On some distributions you might need to enable the memory isolation /etc/default/grub
GRUB_CMDLINE_LINUX="cgroup_enable=memory" On 9 June 2014 19:59, Benjamin Mahler <[email protected]> wrote: > In addition to cpu and memory isolation, you will get process isolation. > With posix isolation, processes can "escape" from the slave (e.g. something > that double-forks and uses setsid). > > > On Mon, Jun 9, 2014 at 9:02 AM, Jie Yu <[email protected]> wrote: > >> Hi Dick, >> >> >>> what croup isolation provides over stock posix / process isolation >> >> >> Currently, mesos provides cpu and memory isolation through cgroups on >> Linux boxes '--isolation=cgroups/cpu,cgroups/mem' >> >> the configuration required to setup cgroups >> >> >> If no other service on the host uses cgroup (no cgroup subsystems being >> mounted), then it should be pretty simple because mesos will mount >> corresponding subsystems for you. You can choose the root hierarchy using >> the following slave flag: >> >> add(&Flags::cgroups_hierarchy, >> "cgroups_hierarchy", >> "The path to the cgroups hierarchy root\n", >> "/sys/fs/cgroup"); >> >> If some services on the host are using cgroup (e.g, systemd), then it >> depends on how cgroups are mounted. >> >> - Jie >> >> >> >> On Mon, Jun 9, 2014 at 3:09 AM, Dick Davies <[email protected]> >> wrote: >> >>> So we're running with default isolation (posix) >>> and thinking about enabling cgroups (mesos 0.17.0 >>> right now but the upgrade to 0.18.2 was seamless >>> in dev. so that'll probably happen too). >>> >>> I just need to justify the effort and extra complexity, >>> so can someone explain briefly >>> >>> * what croup isolation provides over stock posix / process isolation >>> * the configuration required to setup cgroups >>> >>> Thanks! >>> >> >> >
