Limit the number of user processes, CPU usage, and memory utilization on Linux

To limit the CPU utilization of the process, a shell script code is given as follows:

Renice +10 ' ps aux | awk ' {if ($ > 0.8 && id-u $ > $) Print $ "

The use of PS to obtain process information, in fact, PS%cpu a column of the meaning of the process actually occupy the CPU time and its survival time ratio, this value can reflect the process of CPU consumption, but not accurately reaction process accounted for the CPU time of the entire system CPU percentage.

The%cpu in the top output is the percentage of the CPU time that the process occupies for the entire system CPU, which is used to limit the CPU utilization of the process more reasonably, while the%mem column also reflects the percentage of memory that the process consumes and can be used to limit process memory usage.

The shell script code is as follows:

#!/bin/sh

Pids= ' Top-bn 1 | grep "^ *[1-9]" | awk ' {if ($9 > | | $ > $ && id-u $ > $) print "

For-PID in $PIDS

Do

Renice +10 $PID

echo "Renice +10 $PID"

Done

This script can be run in cron, such as checking every minute, just add the crontab entry as root: #crontab-E * * * * * * limit.sh

The nice value of a process that consumes more than 50% CPU or 25% of memory is checked once every minute thereafter, so that the process priority is lowered, the chance of being dispatched is reduced, and the process is prompted with a message from root to be adjusted.

However, the best way to limit memory usage is to use Pam,redhat to set it in/etc/security/limits.conf. The contents of this page are: Limit the number of user processes on Linux, CPU utilization, memory usage, etc., the article reproduced from the network, if there is infringement please tell us, we will promptly delete it, the text of the following:

Edit/etc/pam.d/login
#%pam-1.0 Auth required/lib/security/pam_securetty.so auth required/lib/security/pam_pwdb.so Shadow Nullok Auth required/lib/security/pam_nologin.so Account required/lib/security/pam_pwdb.so Password REQUIRED/LIB/SECURITY/PAM_ cracklib.so Password required/lib/security/pam_pwdb.so Shadow Nullok use_authtok session REQUIRED/LIB/SECURITY/PAM_ pwdb.so Session Required/lib/security/pam_limits.so
You had to add the last of the lines
Edit/etc/security/limits.conf
Available parameters: Issue=filename: Specify a different profile instead of the default/etc/issue. Noesc: The transfer characters in the configuration file are not interpreted.
Configuration file Description: Debug: Write debug information to log conf=filename: Specify configuration file
Profile Description: The syntax for each line of the profile (one entry) is as follows:
Here can be the user name user group name, using @group syntax wildcard *, indicating any can be soft-represents a soft limit, can exceed the limit hard-represents a hard limit, there is root setting, kernel execution, can not exceed the limit can be Core-core file size (KB) dat A-Maximum data size (KB) fsize-maximum file size (KB) memlock-Maximum free memory space (KB) nofile-maximum number of files that can be opened rss-maximum space in kilobytes (KB) stack-maximum stack space (KB) cpu-Maximum CPU usage time (MIN) nproc-maximum number of running processes as-address space limit maxlogins-The maximum number of times a user can log on to a system locks-max number of locked files It is important to note that if you can use the "-" number indefinitely, And the priority for user throttling is higher than for groups.
In fact, in a Linux server, it is acceptable for a user process to run for a long time. And the CPU is too high to make other users unbearable, and it is likely that the user program has a problem, this time the system should automatically prevent such processes continue to consume system resources.
The simplest way is to discover that the CPU utilization exceeds a certain limit of user processes through PS, and then kill the process, which is very violent, and the user discovers that his process has been killed and is likely to start the process again, such a vicious cycle.
There is a compromise method, not to kill the target process, but to properly adjust its nice value, see the following shell program:
Renice +10 ' ps aux | awk ' {if ($ > 0.8 && id-u $ > $) Print $ "
Reprint Address: http://blog.sina.com.cn/s/blog_53689eaf0101b5xe.html

Limit the number of user processes, CPU usage, and memory utilization on Linux