I would like to limit memory usage for Chromium (/bin/chromium-browser) and Firefox (/bin/firefox) for all users.
Before moving to Fedora I was using cgroups for that. However, I heard that on Fedora cgroups are deprecated. How can I set limit of 1GB RAM without cgroups?
EDIT:
I have tried doing it with cgroups.
/etc/cgconfig.conf
group browsers {
memory {
memory.limit_in_bytes = 1024m;
memory.memsw.limit_in_bytes = 1024m;
memory.soft_limit_in_bytes = 1024m;
}
}
/etc/cgrules.conf
*:/bin/chromium-browser memory browsers
but after
sudo service cgconfig start
systemctl status cgconfig.service
I am receiving
● cgconfig.service - Control Group configuration service
Loaded: loaded (/usr/lib/systemd/system/cgconfig.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Sun 2018-06-24 13:41:07 CEST; 29min ago
Process: 9239 ExecStart=/usr/sbin/cgconfigparser -l /etc/cgconfig.conf -s 1664 (code=exited, status=87)
Main PID: 9239 (code=exited, status=87)
Jun 24 13:41:07 me systemd[1]: Starting Control Group configuration service...
Jun 24 13:41:07 me cgconfigparser[9239]: /usr/sbin/cgconfigparser; error loading /etc/cgconfig.conf: Cgroup, operation not allowed
Jun 24 13:41:07 me systemd[1]: cgconfig.service: Main process exited, code=exited, status=87/n/a
Jun 24 13:41:07 me systemd[1]: cgconfig.service: Failed with result 'exit-code'.
Jun 24 13:41:07 me systemd[1]: Failed to start Control Group configuration service.
I will be happy with either working cgroups or alternative approach without cgroups.
Best Answer
Another approach is to use
systemd-run
andMemoryHigh
resource control, likesystemd-run --user --no-block -p MemoryHigh=1G firefox
MemoryHigh
is a feature of CGroup V2 and is not deprecated. As explained in systemd.resource-control(5) manpage we must let systemd use CGroup V2. To do this, we have to addsystemd.unified_cgroup_hierarchy=1
toGRUB_CMDLINE_LINUX_DEFAULT
in/etc/default/grun
then runupdate-grub
. Please note that this resource control is broken and does not work in some versions of systemd, e.g. v239 (where a workaround is also available).