<div dir="ltr">I guess I don't really have an argument for or against removing some of them from <rlimits>. The original patch that I wrote and we use internally only allowed setting of RLIMIT_NOFILE, but when I went to publish it back to this list is was trivial to just make it a generic interface to all of the RLIMIT_* tunables. I don't have a need for them at this time, but I figured someone else might find them useful. But if this list can come up with a set we want included/excluded then the <rlimits> section can be modified accordingly. Although it might be confusing to an operator who is reading the setrlimit(2) manpage and can't understand why they can't set the limit they are interested in.<div><br></div><div>Ryan</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Jan 30, 2015 at 9:02 AM, Daniel P. Berrange <span dir="ltr"><<a href="mailto:berrange@redhat.com" target="_blank">berrange@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="HOEnZb"><div class="h5">On Fri, Jan 30, 2015 at 08:53:20AM -0600, Ryan Cleere wrote:<br>
> ---<br>
> docs/<a href="http://formatdomain.html.in" target="_blank">formatdomain.html.in</a> | 49 +++++++++++++++++++++++<br>
> docs/schemas/domaincommon.rng | 89 +++++++++++++++++++++++++++++++++++++++++<br>
> src/conf/domain_conf.c | 92 +++++++++++++++++++++++++++++++++++++++++++<br>
> src/conf/domain_conf.h | 33 ++++++++++++++++<br>
> src/libvirt_private.syms | 1 +<br>
> src/lxc/lxc_controller.c | 32 +++++++++++++++<br>
> src/util/virprocess.c | 4 +-<br>
> src/util/virprocess.h | 2 +<br>
> 8 files changed, 300 insertions(+), 2 deletions(-)<br>
><br>
> diff --git a/docs/<a href="http://formatdomain.html.in" target="_blank">formatdomain.html.in</a> b/docs/<a href="http://formatdomain.html.in" target="_blank">formatdomain.html.in</a><br>
> index f8d5f89..5aec51c 100644<br>
> --- a/docs/<a href="http://formatdomain.html.in" target="_blank">formatdomain.html.in</a><br>
> +++ b/docs/<a href="http://formatdomain.html.in" target="_blank">formatdomain.html.in</a><br>
> @@ -348,6 +348,55 @@<br>
> </pre><br>
><br>
><br>
> + <p><br>
> + If you want to set an rlimit of the containter init process instead of<br>
> + inheriting from the host init, set the <code>rlimits</code> element. You<br>
> + are able to set any of the rlimits that setrlimits is able to set using<br>
> + any of the following sub-elements:<br>
> + </p><br>
> +<br>
> + <dl><br>
> + <dt><code>as</code></dt><br>
> + <dd>Used to set RLIMIT_AS.</dd><br>
> + <dt><code>core</code></dt><br>
> + <dd>Used to set RLIMIT_CORE.</dd><br>
> + <dt><code>cpu</code></dt><br>
> + <dd>Used to set RLIMIT_CPU.</dd><br>
> + <dt><code>data</code></dt><br>
> + <dd>Used to set RLIMIT_DATA.</dd><br>
> + <dt><code>fsize</code></dt><br>
> + <dd>Used to set RLIMIT_FSIZE.</dd><br>
> + <dt><code>locks</code></dt><br>
> + <dd>Used to set RLIMIT_LOCKS.</dd><br>
> + <dt><code>memlock</code></dt><br>
> + <dd>Used to set RLIMIT_MEMLOCK.</dd><br>
> + <dt><code>msgqueue</code></dt><br>
> + <dd>Used to set RLIMIT_MSGQUEUE.</dd><br>
> + <dt><code>nice</code></dt><br>
> + <dd>Used to set RLIMIT_NICE.</dd><br>
> + <dt><code>nofile</code></dt><br>
> + <dd>Used to set RLIMIT_NOFILE.</dd><br>
> + <dt><code>nproc</code></dt><br>
> + <dd>Used to set RLIMIT_NPROC.</dd><br>
> + <dt><code>rss</code></dt><br>
> + <dd>Used to set RLIMIT_RSS.</dd><br>
> + <dt><code>rtprio</code></dt><br>
> + <dd>Used to set RLIMIT_RTPRIO.</dd><br>
> + <dt><code>rttime</code></dt><br>
> + <dd>Used to set RLIMIT_RTTIME.</dd><br>
> + <dt><code>sigpending</code></dt><br>
> + <dd>Used to set RLIMIT_SIGPENDING.</dd><br>
> + <dt><code>stack</code></dt><br>
> + <dd>Used to set RLIMIT_STACK.</dd><br>
> + </dl><br>
> +<br>
> + <pre><br>
> + <rlimits><br>
> + <nofile>10240</nofile><br>
> + </rlimits><br>
> + </pre><br>
> +<br>
> +<br>
> <h3><a name="elementsSysinfo">SMBIOS System Information</a></h3><br>
><br>
> <p><br>
> diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng<br>
> index d467dce..b98f8d5 100644<br>
> --- a/docs/schemas/domaincommon.rng<br>
> +++ b/docs/schemas/domaincommon.rng<br>
> @@ -59,6 +59,9 @@<br>
> <ref name="idmap"/><br>
> </optional><br>
> <optional><br>
> + <ref name="rlimits"/><br>
> + </optional><br>
> + <optional><br>
> <ref name="devices"/><br>
> </optional><br>
> <zeroOrMore><br>
> @@ -570,6 +573,92 @@<br>
> </interleave><br>
> </element><br>
> </define><br>
> + <define name="rlimits"><br>
> + <element name="rlimits"><br>
> + <interleave><br>
> + <optional><br>
> + <element name="cpu"><br>
> + <ref name='scaledInteger'/><br>
> + </element><br>
> + </optional><br>
> + <optional><br>
> + <element name="fsize"><br>
> + <ref name='scaledInteger'/><br>
> + </element><br>
> + </optional><br>
> + <optional><br>
> + <element name="data"><br>
> + <ref name='scaledInteger'/><br>
> + </element><br>
> + </optional><br>
> + <optional><br>
> + <element name="stack"><br>
> + <ref name='scaledInteger'/><br>
> + </element><br>
> + </optional><br>
> + <optional><br>
> + <element name="core"><br>
> + <ref name='scaledInteger'/><br>
> + </element><br>
> + </optional><br>
> + <optional><br>
> + <element name="rss"><br>
> + <ref name='scaledInteger'/><br>
> + </element><br>
> + </optional><br>
> + <optional><br>
> + <element name="nproc"><br>
> + <ref name='scaledInteger'/><br>
> + </element><br>
> + </optional><br>
> + <optional><br>
> + <element name="nofile"><br>
> + <ref name='scaledInteger'/><br>
> + </element><br>
> + </optional><br>
> + <optional><br>
> + <element name="memlock"><br>
> + <ref name='scaledInteger'/><br>
> + </element><br>
> + </optional><br>
> + <optional><br>
> + <element name="as"><br>
> + <ref name='scaledInteger'/><br>
> + </element><br>
> + </optional><br>
> + <optional><br>
> + <element name="locks"><br>
> + <ref name='scaledInteger'/><br>
> + </element><br>
> + </optional><br>
> + <optional><br>
> + <element name="sigpending"><br>
> + <ref name='scaledInteger'/><br>
> + </element><br>
> + </optional><br>
> + <optional><br>
> + <element name="msgqueue"><br>
> + <ref name='scaledInteger'/><br>
> + </element><br>
> + </optional><br>
> + <optional><br>
> + <element name="nice"><br>
> + <ref name='scaledInteger'/><br>
> + </element><br>
> + </optional><br>
> + <optional><br>
> + <element name="rtprio"><br>
> + <ref name='scaledInteger'/><br>
> + </element><br>
> + </optional><br>
> + <optional><br>
> + <element name="rttime"><br>
> + <ref name='scaledInteger'/><br>
> + </element><br>
> + </optional><br>
> + </interleave><br>
> + </element><br>
> + </define><br>
> <!--<br>
> Resources usage defines the amount of memory (maximum and possibly<br>
> current usage) and number of virtual CPUs used by that domain.<br>
> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c<br>
> index d562e1a..399976e 100644<br>
> --- a/src/conf/domain_conf.c<br>
> +++ b/src/conf/domain_conf.c<br>
> @@ -772,6 +772,24 @@ VIR_ENUM_IMPL(virDomainLoader,<br>
> "rom",<br>
> "pflash")<br>
><br>
> +VIR_ENUM_IMPL(virDomainRLimit, VIR_DOMAIN_RLIMIT_LAST,<br>
> + "cpu",<br>
> + "fsize",<br>
> + "data",<br>
> + "stack",<br>
> + "core",<br>
> + "rss",<br>
> + "nproc",<br>
> + "nofile",<br>
> + "memlock",<br>
> + "as",<br>
> + "locks",<br>
> + "sigpending",<br>
> + "msgqueue",<br>
> + "nice",<br>
> + "rtprio",<br>
> + "rttime")<br>
<br>
</div></div>I'm really not a huge fan of this passthrough of arbitrary rlimits<br>
in the XML like this. Not least because a number of these limits are<br>
actually schedular tunables and so would logically belong under the<br>
existing <cputune> XML element.<br>
<br>
Regards,<br>
Daniel<br>
<span class="HOEnZb"><font color="#888888">--<br>
|: <a href="http://berrange.com" target="_blank">http://berrange.com</a> -o- <a href="http://www.flickr.com/photos/dberrange/" target="_blank">http://www.flickr.com/photos/dberrange/</a> :|<br>
|: <a href="http://libvirt.org" target="_blank">http://libvirt.org</a> -o- <a href="http://virt-manager.org" target="_blank">http://virt-manager.org</a> :|<br>
|: <a href="http://autobuild.org" target="_blank">http://autobuild.org</a> -o- <a href="http://search.cpan.org/~danberr/" target="_blank">http://search.cpan.org/~danberr/</a> :|<br>
|: <a href="http://entangle-photo.org" target="_blank">http://entangle-photo.org</a> -o- <a href="http://live.gnome.org/gtk-vnc" target="_blank">http://live.gnome.org/gtk-vnc</a> :|<br>
</font></span></blockquote></div><br></div>