cgroups (control groups) is a Linux kernel feature to limit, account and isolate resource usage (CPU, memory, disk I/O, etc.) of process groups.
cgroups (control groups) is a Linux kernel feature to limit, account and isolate resource usage (CPU, memory, disk I/O, etc.) of process groups. This work was started by engineers at Google (primarily Paul Menage and Rohit Seth) in 2006 under the name "process containers"; in late 2007 it was renamed to Control Groups (due to the confusion caused by multiple meanings of the term "container" in the Linux kernel) and merged to kernel version 2.6.24. Since then, many new features and controllers have been added.
One of the design goals of cgroups was to provide a unified interface to many different use cases, from controlling single processes (like nice) to whole operating system-level virtualization (like OpenVZ, Linux-VServer, LXC). Cgroups provides:
- Resource limiting: groups can be set to not exceed a set memory limit — this also includes file system cache.
- Prioritization: some groups may get a larger share of CPU or disk I/O throughput.
- Accounting: to measure how much resources certain systems use for e.g. billing purposes.
- Isolation: separate namespaces for groups, so they don't see each other's processes, network connections or files.
- Control: freezing groups or checkpointing and restarting.