xref: /linux/Documentation/admin-guide/cgroup-v1/pids.rst (revision a3a02a52bcfcbcc4a637d4b68bf1bc391c9fad02)
=========================
Process Number Controller
=========================

Abstract
--------

The process number controller is used to allow a cgroup hierarchy to stop any
new tasks from being fork()'d or clone()'d after a certain limit is reached.

Since it is trivial to hit the task limit without hitting any kmemcg limits in
place, PIDs are a fundamental resource. As such, PID exhaustion must be
preventable in the scope of a cgroup hierarchy by allowing resource limiting of
the number of tasks in a cgroup.

Usage
-----

In order to use the `pids` controller, set the maximum number of tasks in
pids.max (this is not available in the root cgroup for obvious reasons). The
number of processes currently in the cgroup is given by pids.current.

Organisational operations are not blocked by cgroup policies, so it is possible
to have pids.current > pids.max. This can be done by either setting the limit to
be smaller than pids.current, or attaching enough processes to the cgroup such
that pids.current > pids.max. However, it is not possible to violate a cgroup
policy through fork() or clone(). fork() and clone() will return -EAGAIN if the
creation of a new process would cause a cgroup policy to be violated.

To set a cgroup to have no limit, set pids.max to "max". This is the default for
all new cgroups (N.B. that PID limits are hierarchical, so the most stringent
limit in the hierarchy is followed).

pids.current tracks all child cgroup hierarchies, so parent/pids.current is a
superset of parent/child/pids.current.

The pids.events file contains event counters:

  - max: Number of times fork failed in the cgroup because the limit was hit
    in the cgroup itself or in one of its ancestors.

Example
-------

First, we mount the pids controller::

	# mkdir -p /sys/fs/cgroup/pids
	# mount -t cgroup -o pids none /sys/fs/cgroup/pids

Then we create a hierarchy, set limits and attach processes to it::

	# mkdir -p /sys/fs/cgroup/pids/parent/child
	# echo 2 > /sys/fs/cgroup/pids/parent/pids.max
	# echo $$ > /sys/fs/cgroup/pids/parent/cgroup.procs
	# cat /sys/fs/cgroup/pids/parent/pids.current
	2
	#

It should be noted that attempts to overcome the set limit (2 in this case) will
fail::

	# cat /sys/fs/cgroup/pids/parent/pids.current
	2
	# ( /bin/echo "Here's some processes for you." | cat )
	sh: fork: Resource temporarily unavailable
	#

Even if we migrate to a child cgroup (which doesn't have a set limit), we will
not be able to overcome the most stringent limit in the hierarchy (in this case,
parent's)::

	# echo $$ > /sys/fs/cgroup/pids/parent/child/cgroup.procs
	# cat /sys/fs/cgroup/pids/parent/pids.current
	2
	# cat /sys/fs/cgroup/pids/parent/child/pids.current
	2
	# cat /sys/fs/cgroup/pids/parent/child/pids.max
	max
	# ( /bin/echo "Here's some processes for you." | cat )
	sh: fork: Resource temporarily unavailable
	#

We can set a limit that is smaller than pids.current, which will stop any new
processes from being forked at all (note that the shell itself counts towards
pids.current)::

	# echo 1 > /sys/fs/cgroup/pids/parent/pids.max
	# /bin/echo "We can't even spawn a single process now."
	sh: fork: Resource temporarily unavailable
	# echo 0 > /sys/fs/cgroup/pids/parent/pids.max
	# /bin/echo "We can't even spawn a single process now."
	sh: fork: Resource temporarily unavailable
	#

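The following script is an added example, not part of the kernel documentation. It applies the hierarchy rule and the pids.events counter described under Usage to report, for each cgroup, how many more tasks can be forked before pids.max in the cgroup or any ancestor is reached. The function names and the report format are assumptions of this example.

```shell
#!/bin/sh
# Added example. Function names and output format are assumptions.

# pids_headroom ROOT CGROUP
# Print how many more tasks CGROUP can fork before pids.max in CGROUP or in
# any ancestor below ROOT (the hierarchy mount point) is reached: "max" when
# no level sets a limit, 0 when some level is already at or over its limit.
pids_headroom() {
	root=${1%/}
	dir=${2%/}
	best=max
	case $dir in
	"$root"/*) ;;
	*) echo "pids_headroom: $dir is not below $root" >&2; return 1 ;;
	esac
	while [ "$dir" != "$root" ]; do
		limit=$(cat "$dir/pids.max")
		if [ "$limit" != max ]; then
			# pids.current may exceed pids.max after a migration or a
			# lowered limit, so clamp the remaining room at zero.
			room=$((limit - $(cat "$dir/pids.current")))
			if [ "$room" -lt 0 ]; then room=0; fi
			if [ "$best" = max ] || [ "$room" -lt "$best" ]; then
				best=$room
			fi
		fi
		dir=${dir%/*}
	done
	echo "$best"
}

# pids_fork_failures CGROUP
# Print the "max" counter from pids.events: forks refused because the limit
# was hit in CGROUP or its ancestors.
pids_fork_failures() {
	awk '$1 == "max" { print $2 }' "${1%/}/pids.events"
}

# pids_report ROOT
# One line per cgroup below ROOT: relative path, headroom, refused forks.
pids_report() {
	find "${1%/}" -mindepth 1 -type d | sort | while read -r cg; do
		printf '%s headroom=%s fork_failures=%s\n' "${cg#"${1%/}"/}" \
			"$(pids_headroom "$1" "$cg")" "$(pids_fork_failures "$cg")"
	done
}
```

Source the file and run ``pids_report /sys/fs/cgroup/pids`` against the mount from the example above. A cgroup that shows headroom=0 together with a growing fork_failures count is one whose tasks are currently being refused new processes.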