linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Tejun Heo <tj@kernel.org>
To: Austin S Hemmelgarn <ahferroin7@gmail.com>
Cc: Aleksa Sarai <cyphar@cyphar.com>,
	lizefan@huawei.com, mingo@redhat.com, peterz@infradead.org,
	richard@nod.at, fweisbec@gmail.com, linux-kernel@vger.kernel.org,
	cgroups@vger.kernel.org
Subject: Re: [PATCH RFC 0/2] add nproc cgroup subsystem
Date: Fri, 27 Feb 2015 12:06:40 -0500	[thread overview]
Message-ID: <20150227170640.GK3964@htj.duckdns.org> (raw)
In-Reply-To: <54F09E62.8000007@gmail.com>

Hello,

On Fri, Feb 27, 2015 at 11:42:10AM -0500, Austin S Hemmelgarn wrote:
> Kernel memory consumption isn't the only valid reason to want to limit the
> number of processes in a cgroup.  Limiting the number of processes is very
> useful to ensure that a program is working correctly (for example, the NTP
> daemon should (usually) have an _exact_ number of children if it is
> functioning correctly, and rpcbind shouldn't (AFAIK) ever have _any_
> children), to prevent PID number exhaustion, to head off DoS attacks against
> forking network servers before they get to the point of causing kmem
> exhaustion, and to limit the number of processes in a cgroup that uses lots
> of kernel memory very infrequently.

All the use cases you're listing are extremely niche and can be
trivially achieved without introducing another cgroup controller.  Not
only that, they're actually pretty silly.  Let's say NTP daemon is
misbehaving (or its code changed w/o you knowing or there are corner
cases which trigger extremely infrequently).  What do you exactly
achieve by rejecting its fork call?  It's just adding another
variation to the misbehavior.  It was misbehaving before and would now
be continuing to misbehave after a failed fork.

In general, I'm pretty strongly against adding controllers for things
which aren't fundamental resources in the system.  What's next?  Open
files?  Pipe buffer?  Number of flocks?  Number of session leaders or
program groups?

If you want to prevent a certain class of jobs from exhausting a given
resource, protecting that resource is the obvious thing to do.

Thanks.

-- 
tejun

  reply	other threads:[~2015-02-27 17:06 UTC|newest]

Thread overview: 65+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-02-23  3:08 [PATCH RFC 0/2] add nproc cgroup subsystem Aleksa Sarai
2015-02-23  3:08 ` [PATCH RFC 1/2] cgroups: allow a cgroup subsystem to reject a fork Aleksa Sarai
2015-02-23 14:49   ` Peter Zijlstra
2015-02-23  3:08 ` [PATCH RFC 2/2] cgroups: add an nproc subsystem Aleksa Sarai
2015-02-27  4:17 ` [RFC PATCH v2 0/2] add nproc cgroup subsystem Aleksa Sarai
2015-02-27  4:17   ` [PATCH v2 1/2] cgroups: allow a cgroup subsystem to reject a fork Aleksa Sarai
2015-03-09  3:06     ` Tejun Heo
     [not found]       ` <CAOviyaip7Faz98YWzGoTaXGYVb72sfD+ZL4Xa89reU9+=43jFA@mail.gmail.com>
     [not found]         ` <20150309065902.GP13283@htj.duckdns.org>
2015-03-10  8:19           ` Aleksa Sarai
2015-03-10 12:47             ` Tejun Heo
2015-03-10 14:51               ` Aleksa Sarai
2015-03-10 15:17                 ` Tejun Heo
2015-03-11  5:16                   ` Aleksa Sarai
2015-03-11 11:46                     ` Tejun Heo
2015-03-11 23:47           ` Aleksa Sarai
2015-03-12  1:25             ` Tejun Heo
2015-02-27  4:17   ` [PATCH v2 2/2] cgroups: add an nproc subsystem Aleksa Sarai
2015-03-02 15:22     ` Tejun Heo
2015-03-09  1:49       ` Zefan Li
2015-03-09  2:34         ` Tejun Heo
2015-02-27 11:49 ` [PATCH RFC 0/2] add nproc cgroup subsystem Tejun Heo
2015-02-27 13:46   ` Richard Weinberger
2015-02-27 13:52     ` Tejun Heo
2015-02-27 16:42   ` Austin S Hemmelgarn
2015-02-27 17:06     ` Tejun Heo [this message]
2015-02-27 17:25       ` Tim Hockin
2015-02-27 17:45         ` Tejun Heo
2015-02-27 17:56           ` Tejun Heo
2015-02-27 21:45           ` Tim Hockin
2015-02-27 21:49             ` Tejun Heo
     [not found]               ` <CAAAKZwsCc8BtFx58KMFpRTohU81oCBeGVOPGMJrjJt9q5upKfQ@mail.gmail.com>
2015-02-28 16:57                 ` Tejun Heo
2015-02-28 22:26                   ` Tim Hockin
2015-02-28 22:50                     ` Tejun Heo
2015-03-01  4:46                       ` Tim Hockin
2015-02-28 23:11                     ` Johannes Weiner
2015-02-27 18:49       ` Austin S Hemmelgarn
2015-02-27 19:35         ` Tejun Heo
2015-02-28  9:26         ` Aleksa Sarai
2015-02-28 11:59           ` Tejun Heo
     [not found]             ` <CAAAKZws45c3PhFQMGrm_K+OZV+KOyGV9sXTakHcTfNP1kHxzOQ@mail.gmail.com>
2015-02-28 16:43               ` Tejun Heo
2015-03-02 13:13                 ` Austin S Hemmelgarn
2015-03-02 13:31                   ` Aleksa Sarai
2015-03-02 13:54                     ` Tejun Heo
2015-03-02 13:49                   ` Tejun Heo
2015-02-27 17:12     ` Tim Hockin
2015-02-27 17:15       ` Tejun Heo
2015-03-04 20:23 ` [PATCH v3 0/2] cgroup: add pids subsystem Aleksa Sarai
2015-03-04 20:23   ` [PATCH v3 1/2] cgroups: allow a cgroup subsystem to reject a fork Aleksa Sarai
2015-03-04 20:23   ` [PATCH v3 2/2] cgroups: add a pids subsystem Aleksa Sarai
2015-03-05  8:39     ` Aleksa Sarai
2015-03-05 14:37     ` Marian Marinov
2015-03-06  1:45 ` [PATCH v4 0/2] cgroup: add " Aleksa Sarai
2015-03-06  1:45   ` [PATCH v4 1/2] cgroups: allow a cgroup subsystem to reject a fork Aleksa Sarai
2015-03-06  1:45   ` [PATCH v4 2/2] cgroups: add a pids subsystem Aleksa Sarai
2015-03-09  3:34     ` Tejun Heo
2015-03-09  3:39       ` Tejun Heo
2015-03-09 18:58       ` Austin S Hemmelgarn
2015-03-09 19:51         ` Tejun Heo
2015-03-10  8:10         ` Aleksa Sarai
2015-03-10 11:32           ` Austin S Hemmelgarn
2015-03-10 12:31             ` Aleksa Sarai
2015-03-11 15:13               ` Austin S Hemmelgarn
2015-03-12  2:28                 ` Aleksa Sarai
2015-03-12 15:35                   ` Austin S Hemmelgarn
2015-03-12  3:47                 ` Tejun Heo
2015-03-09  3:08   ` [PATCH v4 0/2] cgroup: add " Tejun Heo

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20150227170640.GK3964@htj.duckdns.org \
    --to=tj@kernel.org \
    --cc=ahferroin7@gmail.com \
    --cc=cgroups@vger.kernel.org \
    --cc=cyphar@cyphar.com \
    --cc=fweisbec@gmail.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=lizefan@huawei.com \
    --cc=mingo@redhat.com \
    --cc=peterz@infradead.org \
    --cc=richard@nod.at \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).