From owner-freebsd-current@FreeBSD.ORG Mon Oct 5 19:38:57 2009 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5E285106568D for ; Mon, 5 Oct 2009 19:38:57 +0000 (UTC) (envelope-from 000.fbsd@quip.cz) Received: from elsa.codelab.cz (elsa.codelab.cz [94.124.105.4]) by mx1.freebsd.org (Postfix) with ESMTP id 1DBA88FC14 for ; Mon, 5 Oct 2009 19:38:56 +0000 (UTC) Received: from localhost (localhost.codelab.cz [127.0.0.1]) by elsa.codelab.cz (Postfix) with ESMTP id 89D4619E019; Mon, 5 Oct 2009 21:38:55 +0200 (CEST) Received: from [192.168.1.2] (r5bb235.net.upc.cz [86.49.61.235]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by elsa.codelab.cz (Postfix) with ESMTPSA id D2BA719E023; Mon, 5 Oct 2009 21:38:49 +0200 (CEST) Message-ID: <4ACA4B49.70702@quip.cz> Date: Mon, 05 Oct 2009 21:38:49 +0200 From: Miroslav Lachman <000.fbsd@quip.cz> User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.12) Gecko/20050915 X-Accept-Language: cz, cs, en, en-us MIME-Version: 1.0 To: Tom Judge References: <4ACA0549.7030404@tomjudge.com> <4ACA2E0F.5010800@elischer.org> <4ACA3146.9090402@tomjudge.com> In-Reply-To: <4ACA3146.9090402@tomjudge.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-current@freebsd.org, Julian Elischer Subject: Re: Per Jail Memory Limits X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Oct 2009 19:38:57 -0000 Tom Judge wrote: > Julian Elischer wrote: > >> Tom Judge wrote: >> >>> >>> Does anyone know of a patch that will add per jail memory limits so >>> that a jail can't swallow the resources of the entire box? >> >> not yet.. >> > > I started to port this to 7.1 today: > > http://wiki.freebsd.org/JailResourceLimits > > > What are the peoples opinions on this patch? The original JailResourceLimits patch was never 100% functional. Please see this page http://wiki.freebsd.org/Jails with links to newer attempts for 7.x and 8.x. It is also better to discuss it on Jail mailinglist freebsd-jail@freebsd.org and you can find some useful informations in archive http://lists.freebsd.org/pipermail/freebsd-jail/ I am unhappy that there are people with some interest in to jail resource limits, some patches floating around, but it never arive at final stage and production quality, and never get committed. :( It would be nice to have jails with CPU / memory / FD / disk IO / bandwidth limits connected to SNMP monitoring of these resources. Unfortunately I have zero C coding skills, so I can just wait if somebody... Miroslav Lachman