CGroup in Linux (Alma Linux)
Intro
cgroup (Control Groups) drivers in Linux are mechanisms used to manage and control system resources such as CPU, memory, disk I/O, and network for groups of processes. They are commonly used in containerized environments to ensure that containers get the appropriate share of system resources and do not interfere with each other.
When you run containers on Linux, resource control is handled by cgroup drivers, which interface with the Linux cgroup (Control Groups) subsystem. There are different versions of cgroup drivers (cgroup v1 and cgroup v2), and they determine how the resource limits and accounting are applied.
Identify the cgroup version
To check which version is currently in use:
[root@kube-master1 ~]# stat -fc %T /sys/fs/cgroup/
cgroup2fs
For cgroup v2, the output is cgroup2fs.
For cgroup v1, the output is tmpfs.
cgroupfs driver
The cgroupfs driver is the default cgroup driver in the kubelet. When the cgroupfs driver is used, the kubelet and the container runtime directly interface with the cgroup filesystem to configure cgroups.
The cgroupfs driver is not recommended when systemd is the init system because systemd expects a single cgroup manager on the system. Additionally, if you use cgroup v2, use the systemd cgroup driver instead of cgroupfs.
Some basic differences between systemd and cgroupfs
| Feature | systemd | cgroupfs |
|---|---|---|
| Integration | Integrates with systemd init system | Uses native cgroup filesystem directly |
| Resource Management | Better integration with systemd services | Independent management |
| Compatibility | Recommended for Kubernetes & systemd setups | Common for Docker-only or non-systemd setups |
Reference:
- Kubernetes Doku