24/7/365 Support

Setting resource limits on LXD containers in Ubuntu

In this recipe, we will learn to set resource limits on containers. LXD uses the cgroups feature in the Linux kernel to manage resource allocation and limits. Limits can be applied to a single container through configuration or set in a profile, applying limits to a group of containers at once. Limits can be dynamically updated even when the container is running.

How to do it…

We will create a new profile and configure various resource limits in it. Once the profile is ready, we can use it with any number of containers. Follow these steps:

Create a new profile with the following command:

$ lxc profile create cookbook

Profile cookbook created

Next, edit the profile with lxc profile edit. This will open a text editor with a default profile structure in YML format:

$ lxc profile edit cookbook

Add the following details to the profile. Feel free to select any parameters and change their values as required:

name: cookbook

config:

boot.autostart: "true"

limits.cpu: "1"

limits.cpu.priority: "10"

limits.disk.priority: "10"

limits.memory: 128MB

limits.processes: "100"

description: A profile for Ubuntu Cookbook Containers

devices:

eth0:

nictype: bridged

parent: lxdbr0

type: nic

Save your changes to the profile and exit the text editor.

Optionally, you can check the created profile, as follows:

$ lxc profile show cookbook

Now, our profile is ready and can be used with a container to set limits. Create a new container using our profile:

$ lxc launch ubuntu:xenial c4 -p cookbook

This should create and start a new container with the cookbook profile applied to it. You can check the profile in use with the lxc info command:

$ lxc info c4

Check the memory limits applied to container c4:

$ lxc exec c4 -- free -m

Profiles can be updated even when they are in use. All containers using that profile will be updated with the respective changes, or return a failure message. Update your profile as follows:

$ lxc profile set cookbook limits.memory 256MB

How it works…

LXD provides multiple options to set resource limits on containers. You can apply limits using profiles or configure containers separately with the lxc config command. The advantage of creating profiles is that you can have various parameters defined in one central place, and all those parameters can be applied to multiple containers at once. A container can have multiple profiles applied and also have configuration parameters explicitly set. The overlapping parameters will take a value from the last applied profile. Also the parameters that are set explicitly using lxc config will override any values set by profiles.

The LXD installation ships with two preconfigured profiles. One is default, which is applied to all containers that do not receive any other profile. This contains a network device for a container. The other profile, named docker, configures the required kernel modules to run Docker inside the container. You can view the parameters of any profile with the lxc profile show profile_name command.

In the previous example, we used the edit option to edit the profile and set multiple parameters at once. You can also set each parameter separately or update the profile with the set option:

$ lxc profile set cookbook limits.memory 256MB

Similarly, use the get option to read any single parameter from a profile:

$ lxc profile get cookbook limits.memory

Profiles can also be applied to a running container with lxc profile apply. The following command will apply two profiles, default and cookbook, to an existing container, c6:

$ lxc profile apply c6 default,cookbook

Updating the profiles will update the configuration for all container using that profile. To modify a single container, you can use lxc config set or pass the parameters directly to a new container using the -c flag:

$ lxc launch ubuntu:xenial c7 -c limits.memory=64MB

Similar to lxc profile, you can use the edit option with lxc config to modify multiple parameters at once. The same command can also be used to configure or read server parameters. When used without any container name, the command applies to the LXD daemon.

There's more…

The lxc profile and lxc config commands can also be used to attach local devices to containers. Both commands provide the option to work with various devices, which include network, disk IO, and so on. The simplest example will be to pass a local directory to a container, as follows:

$ lxc config device add c1 share disk \

source=/home/ubuntu path=home/ubuntu/shared

See also

Read more about setting resource limits at https://www.stgraber.org/2016/03/26/lxd-2-0-resource-control-412

For more details about LXC configuration, check the help menu for the lxc profile and lxc config commands, as follows:

$ lxc config --help

Help Category:

What Our Clients Say