Using control groups to protect core services
What I'd like to do is guarantee certain minimum resources to core/critical services like sshd, maybe prioritize root user processes over non-root, etc. Most docs and examples have the opposite approach and explain how to compartmentalize applications.
I've just had enough of the 'a bug in my code has run amok with the mem/cpu, now I can't log in to kill it - please reboot' type incidents.
Can anyone point me to config examples or tutorials that cover this?
Responses
Hi Fred,
It sounds to me like you'll want to investigate ulimit. I have done a bit of a search on the knowledge solutions database here, but unfortunately can't find exactly what you're looking for. What I have found, though is an article explaining how to set ulimit values for oracle. One of the main things this suggests doing is checking out '# man limits.conf'. This has examples, explanations of different options and should be a good step in the right direction. I have also linked you to an article which discusses how to check current limits against a running process.
Once you've had a chance to look at all this feel free to let me know if you have any questions. I am sure either myself or someone else checking these groups will be able to help.
Cheers,
Rohan