Lmctfy
From Gentoo Wiki
This article explains how to install and configure lmctfy, Google's open-source container support. This page is very much a WIP.
Installation
Kernel
A kernel that supports cgroups is required in order to make lmctfy work. The following setup enables lmctfy on linux-3.10.7-gentoo-r1.
KERNEL
[*] General setup --->
[*] Control Group support --->
[ ] Example debug cgroup subsystem
[*] Freezer cgroup subsystem
[ ] Device controller for cgroups
[*] Cpuset support
[*] Include legacy /proc/<pid>/cpuset file
[*] Simple CPU accounting cgroup subsystem
[*] Resource counters
[*] Memory Resource Controller for Control Groups
[*] Memory Resource Controller Swap Extension
[*] Memory Resource Controller Swap Extension enabled by default
[*] Memory Resource Controller Kernel Memory accounting
[*] HugeTLB Resource Controller for Control Groups
[ ] Enable perf_event per-cpu per-container group (cgroup) monitoring
[*] Group CPU scheduler --->
[*] Group scheduling for SCHED_OTHER
[*] CPU bandwidth provisioning for FAIR_GROUP_SCHED
[*] Group scheduling for SCHED_RR/FIFO
[*] Block IO controller
[ ] Enable Block IO controller debugging
Userspace
The following code exists in the "palmer" overlay, available from eselect repository:
root #emerge --ask lmctfyConfiguration
The following commands setup a simple lmctfy container limeted to 100MB of memory and then proceeds to start a process that attempts to allocate 200MB of memory, which should be killed.
root #lmctfy init ""
root #lmctfy create memory_only "memory:{limit:100000000}"
root #lmctfy run memory_only "memtester 200M"