Previous
Zone-Wide Resource Controls
Zone-wide resource controls are available on a system with zones installed. Zone-wide resource controls limit the total resource usage of all process entities within a zone. Zone-wide resource controls can also be set using global property names as described in How to Configure the Zone.
Table 6-2 Zones Resource Controls
Control Name | Description | Default Unit |
|---|---|---|
zone.cpu-shares | Number of fair share scheduler (FSS) CPU shares for this zone | Quantity (shares) |
zone.max-locked-memory | Total amount of physical locked memory available to a zone. | Size (bytes) |
zone.max-lwps | Maximum number of LWPs simultaneously available to this zone | Quantity (LWPs) |
zone.max-msg-ids | Maximum number of message queue IDs allowed for this zone | Quantity (message queue IDs) |
zone.max-sem-ids | Maximum number of semaphore IDs allowed for this zone | Quantity (semaphore IDs) |
zone.max-shm-ids | Maximum number of shared memory IDs allowed for this zone | Quantity (shared memory IDs) |
zone.max-shm-memory | Total amount of shared memory allowed for this zone | Size (bytes) |
zone.max-swap | Total amount of swap that can be consumed by user process address space mappings and tmpfs mounts for this zone. | Size (bytes) |
For information on configuring zone-wide resource controls, see Resource Type Properties and How to Configure the Zone. To use zone-wide resource controls in lx branded zones, see How to Configure, Verify, and Commit the lx Branded Zone.
Note that it is possible to apply a zone-wide resource control to the global zone. See Using the Fair Share Scheduler on a Solaris System With Zones Installed for additional information.
Units Support
Global flags that identify resource control types are defined for all resource controls. The flags are used by the system to communicate basic type information to applications such as the prctl command. Applications use the information to determine the following:
The unit strings that are appropriate for each resource control
The correct scale to use when interpreting scaled values
The following global flags are available:
Global Flag | Resource Control Type String | Modifier | Scale |
|---|---|---|---|
RCTL_GLOBAL_BYTES | bytes | B | 1 |
| KB | 210 | |
| MB | 220 | |
| GB | 230 | |
| TB | 240 | |
| PB | 250 | |
| EB | 260 | |
RCTL_GLOBAL_SECONDS | seconds | s | 1 |
| Ks | 103 | |
| Ms | 106 | |
| Gs | 109 | |
| Ts | 1012 | |
| Ps | 1015 | |
| Es | 1018 | |
RCTL_GLOBAL_COUNT | count | none | 1 |
| K | 103 | |
| M | 106 | |
| G | 109 | |
| T | 1012 | |
| P | 1015 | |
| E | 1018 |
Scaled values can be used with resource controls. The following example shows a scaled threshold value:
task.max-lwps=(priv,1K,deny) |
Note - Unit modifiers are accepted by the prctl, projadd, and projmod commands. You cannot use unit modifiers in the project database itself.
Resource Control Values and Privilege Levels
A threshold value on a resource control constitutes an enforcement point where local actions can be triggered or global actions, such as logging, can occur.
Each threshold value on a resource control must be associated with a privilege level. The privilege level must be one of the following three types.
Basic, which can be modified by the owner of the calling process
Privileged, which can be modified only by privileged (superuser) callers
System, which is fixed for the duration of the operating system instance
A resource control is guaranteed to have one system value, which is defined by the system, or resource provider. The system value represents how much of the resource the current implementation of the operating system is capable of providing.
Any number of privileged values can be defined, and only one basic value is allowed. Operations that are performed without specifying a privilege value are assigned a basic privilege by default.
The privilege level for a resource control value is defined in the privilege field of the resource control block as RCTL_BASIC, RCTL_PRIVILEGED, or RCTL_SYSTEM. See setrctl(2) for more information. You can use the prctl command to modify values that are associated with basic and privileged levels.
Global and Local Actions on Resource Control Values
There are two categories of actions on resource control values: global and local.
Global Actions on Resource Control Values
Global actions apply to resource control values for every resource control on the system. You can use the rctladm command described in the rctladm(1M) man page to perform the following actions:
Display the global state of active system resource controls
Set global logging actions
You can disable or enable the global logging action on resource controls. You can set the syslog action to a specific degree by assigning a severity level, syslog=level. The possible settings for level are as follows:
debug
info
notice
warning
err
crit
alert
emerg
By default, there is no global logging of resource control violations.