From: Tejun Heo <tj@kernel.org>
To: Benjamin Berg <benjamin@sipsolutions.net>
Cc: cgroups@vger.kernel.org, linux-mm@kvack.org,
Johannes Weiner <hannes@cmpxchg.org>
Subject: Re: Memory reclaim protection and cgroup nesting (desktop use)
Date: Thu, 5 Mar 2020 09:55:54 -0500 [thread overview]
Message-ID: <20200305145554.GA5897@mtj.thefacebook.com> (raw)
In-Reply-To: <4d3e00457bba40b25f3ac4fd376ba7306ffc4e68.camel@sipsolutions.net>
Hello,
On Thu, Mar 05, 2020 at 02:13:58PM +0100, Benjamin Berg wrote:
> A major discussion point seemed to be that cgroups should be grouped by
> their resource management needs rather than a logical hierarchy. I
> think that the resource management needs actually map well enough to
> the logical hierarchy in our case. The hierarchy looks like:
Yeah, the two layouts share a lot of commonalities in most cases. It's
not like we usually wanna distribute resources completely unrelated to
how the system is composed logically.
> root
> / \
> system.slice user.slice
> / | | \
> cron journal user-1000.slice user-1001.slice
> | \
> user@1000.service [SAME]
> | |
> apps.slice session.slice
> | |
> unprotected protected
>
...
> I think this actually makes sense. Both from an hierarchical point of
> view and also for configuring resources. In particular the user-.slice
> layer is important, because this grouping allows us to dynamically
> adjust resource management. The obvious thing we can do there is to
> prioritise the currently active user while also lowering resource
> allocations for inactive users (e.g. graphical greeter still running in
> the background).
Changing memory limits dynamically can lead to pretty abrupt system
behaviors depending on how big the swing is but memory.low and io/cpu
weights should behave fine.
> Note, that from my point of view the scenario that most concerns me is
> a resource competition between session.slice and its siblings. This
> makes the hierarchy above even less important; we just need to give the
> user enough control to do resource allocations within their own
> subtree.
>
> So, it seems to me that the suggested mount option should work well in
> our scenario.
Sounds great. In our experience, what would help quite a lot is using
per-application cgroups more (e.g. containing each application as user
services) so that one misbehaving command can't overwhelm the session
and eventually when oomd has to kick in, it can identify and kill only
the culprit application rather than the whole session.
Thanks.
--
tejun
next prev parent reply other threads:[~2020-03-05 14:55 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-04 9:44 Benjamin Berg
2020-03-04 16:30 ` Tejun Heo
2020-03-04 17:02 ` Jonathan Corbet
2020-03-04 17:10 ` Tejun Heo
2020-03-05 1:29 ` Daniel Xu
2020-03-05 13:13 ` Benjamin Berg
2020-03-05 14:55 ` Tejun Heo [this message]
2020-03-05 15:12 ` Tejun Heo
2020-03-05 15:27 ` Benjamin Berg
2020-03-05 15:39 ` Tejun Heo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200305145554.GA5897@mtj.thefacebook.com \
--to=tj@kernel.org \
--cc=benjamin@sipsolutions.net \
--cc=cgroups@vger.kernel.org \
--cc=hannes@cmpxchg.org \
--cc=linux-mm@kvack.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox