cgroups

View documentation for cgclassify

$ tldr cgclassify

$ tldr cgcreate

$ tldr cgexec

No 'cgroups' command; use cgcreate [OPTIONS] CONTROLLERS:PATH or filesystem interface: echo VALUE > /sys/fs/cgroup/PATH/CONTROL_FILE

-g, --gidgroup
    Specify controllers and group path (cgroup-tools)

-r, --replace
    Replace existing parameters (cgset)

-d, --sticky
    Make tasks sticky (cgclassify)

-a, --all
    Apply to all tasks in group (cgexec)

Cgroups, or control groups, is a Linux kernel feature that limits, accounts for, and isolates resource usage (CPU, memory, disk I/O, network) of process groups. It enables fine-grained control over resource allocation, essential for containerization technologies like Docker, Kubernetes, LXC, and systemd services.

Accessed via a pseudo-filesystem (sysfs) mounted at /sys/fs/cgroup. In v1, multiple hierarchies per resource type; v2 uses a single unified hierarchy for better compatibility.

No standalone cgroups command exists. Use filesystem directly (e.g., echo to control files), cgroup-tools package (cgcreate, cgset, cgexec), or systemd (systemd-run, systemd-cgtop).

Example: Create group with cgcreate -g memory:mygroup, limit memory via cgset -r memory.limit_in_bytes=1G mygroup. Widely used for virtualization, security, and performance tuning.

Not a command; kernel feature. v1 deprecated in favor of v2 (check kernel config). Requires root or CAP_SYS_ADMIN. cgroup-tools optional, systemd handles v2 by default.

v1: legacy, multiple hierarchies per subsys.
v2: unified hierarchy, delegation, better threading support.

Admins can delegate cgroup trees to unprivileged users via cgroup.subtree_control.

Introduced in Linux 2.6.24 (2007) by Paul Menage and Rohit Seth (Google). Memory controller first, others added later. v2 development started 2013, mainline in 4.5 (2016). Adopted by major distros; unified in systemd-based systems.

cgcreate(1), cgexec(1), cgset(1), systemd-cgtop(1), systemd-cgls(1), mount(8)