This document describes the posix/rlimits isolator. The isolator adds support for setting POSIX resource limits (rlimits) for containers launched using the Mesos containerizer.
POSIX rlimits can be used control the resources a process can consume. Resource limits are typically set at boot time and inherited when a child process is forked from a parent process; resource limits can also be modified via setrlimit(2). In many interactive shells, resource limits can be inspected or modified with the ulimit shell built-in.
A POSIX resource limit consist of a soft and a hard limit. The soft limit specifies the effective resource limit for the current and forked process, while the hard limit gives the value up to which processes may increase their effective limit; increasing the hard limit is a privileged action. It is required that the soft limit is less than or equal to the hard limit. System administrators can use a hard resource limit to define the maximum amount of resources that can be consumed by a user; users can employ soft resource limits to ensure that one of their tasks only consumes a limited amount of the global hard resource limit.
This isolator permits setting per-task resource limits. This isolator interprets rlimits specified as part of a task's ContainerInfo for the Mesos containerizer, e.g.,
{ "container": { "type": "MESOS", "rlimit_info": { "rlimits": [ { "type": "RLMT_CORE" }, { "type": "RLMT_STACK", "soft": 8192, "hard": 32768 } ] } } }
To enable interpretation of rlimits, agents need to be started with posix/rlimits in its --isolation flag, e.g.,
mesos-agent --master=<master ip> --ip=<agent ip> --work_dir=/var/lib/mesos --isolation=posix/rlimits[,other isolation flags]
To set a hard limit for a task larger than the current value of the hard limit, the agent process needs to be under a privileged user (with the CAP_SYS_RESOURCE capability), typically root.
POSIX currently defines a base set of resources, see the documentation; Linux defines additional resource limits, see e.g., the documentation of setrlimit(2).
Mesos maps these resource types onto RLimit types, where by convention the prefix RLMT_ is used in place of RLIMIT_ above. Not all limits types are supported on all platforms.
We require either both the soft and hard RLimit value, or none to be set; the latter case is interpreted as the absence of an explicit limit.