php_fpm cgroups

S

sysdev

Verified User
Joined
Jul 16, 2007
Messages
395
First of all I'm happy to see DA has made a first step to integrate cgroups in the fpm_children.c function like I mentioned a while ago, but is there any documentation about this or is it supposed to be part of the payed extension?

@scriptkitty
 
Last edited:
Ah, I missed that. It's pretty much the same as my own patch. Good to know we're on the same page ;)
 
sysdev said:
I've added cgroups a few months ago already to my da servers and I have pretty much the same patch. My early 'what-if' is here: https://forum.directadmin.com/threa...m-io-tasks-made-easy.62353/page-2#post-324546
Click to expand...
Are you sure it worked?

1) It does not put processes to user-XXX.slice (same slice as used by systemd). thus resource limits for user as mentioned in initial post wouldn't work.
2) If cgroup user slice has any scopes inside, it'd forbid writing to cgroup.procs.
3) It would error (not work) if cgroup is not created, there is no call to create it there. And there is no error handling there too.

Thank you!
 
It's not the only thing I did. See the rest of the thread and yes, it works. The example in the post is my first 'what-if' thought, remember. My first solution was to run a php-fpm for each user with their pid placed in the cgroup using the systemd start.
I've made a '[email protected]' (Notice the @) to create dynamic php-fpm pools per user and use an ExecStartPost to run a shellscript to create a name based user.slice with mkdir /sys/fs/cgroup/user.slice/${USERNAME}, then use a a few:

echo "${VAL}" > /sys/fs/cgroup/user.slice/$USERNAME/cpu.max
echo "${MBYTES}" > /sys/fs/cgroup/user.slice/$USERNAME/memory.max
echo "${MTASKS}" > /sys/fs/cgroup/user.slice/$USERNAME/pids.max
echo "253:0 wbps=${WBYTES} rbps=${RBYTES}" > /sys/fs/cgroup/user.slice/$USERNAME/io.max
echo "${PID}" >> /sys/fs/cgroup/user.slice/$USERNAME/cgroup.procs

to set the limits.

Modifying a user/reseller will simply use a hook to create a new user slice config in /etc/systemd/system/ and run a few systemctl set-property commands to activate the new limits.

My main issue was the persistant php-fpm pool for each user. That was a bit overkill and that's why I started looking for the fpm_children.c patch.
 
A systemctl set-property user-1029.slice CPUQuota=5% results in the first image, a systemctl set-property user-1029.slice CPUQuota=25% in the second. So it does work, but a php patch is the way to go to limit the number of active php-fpm pools.
 

Attachments

  • 1.png
    1.png
    21.6 KB · Views: 117
  • 2.png
    2.png
    19.4 KB · Views: 113
You must log in or register to reply here.
Back
Top