Difficulty: Beginner
Estimated Time: 10 minutes

Part of the OSCON 2016 Tutorial. More information coming soon.

Don’t stop now! The next scenario will only take about 10 minutes to complete.

CGroups and Namespaces

Step 1 of 5

Step 1 - Define Memory Limits

CGroups control how much resources a process can use. By adding restrictions you can deliver a guaranteed Quality of Service to applications by ensuring they have enough space available. It's also possible protect the system from potentially malicious users or applications aiming to perform Denial of Service (DoS) applications via resource exhaustion. This can also help limit applications from memory leaks or other programming bugs by defining upper boundaries.


docker run -d --name mb100 --memory 100m alpine top

The memory usage ad limits of containers can be identified via the docker stats command.

docker stats --no-stream