# cpu and ram allocation per user

## DaggyStyle

hello.

let say that I have a server with 6 gigs of ram and a cpu with 6 cores.

I have three users:

a wife user that is suppose run win7 from vmware which have allocated 2 cpus and 2 gigs

a guest user that is suppose run kde/gnome which have allocated 2 cpus and 2 gigs

a husband user that is suppose run kde/gnome which have allocated 2 cpus and 2 gigs at min or the entire resources at max (if no one else it using it or logged);

I've wanted to know if it doable?

thanks.

----------

## boerKrelis

With virtualisation, this is easy.

Within one Linux system, not so. Especially since the memory model is much too complex to say "let user X have Y MB of ram". You have your resident stack size, swap, file buffers, shared memory... 

You need a different system to handle that. See http://www.gentoo.org/doc/en/security/security-handbook.xml?part=1&chap=5.

----------

## DaggyStyle

if I'm taking the virtualization in the linux as well as in the windows, is there a way to launch a xorg session from within virtualization?

----------

## boerKrelis

You mean, starting the VM once your guest logs in with gdm/kdm/xdm? That would require some major hacking.

What you could do is start the VM up front, run the X server locally (on the host machine) and have the X clients connect to it from the VM. There's a protocol for that, it's called XDMCP. GDM on the host machine will then let your guest log in to the VM.

But I suggest you take a look at ulimits I pointed to earlier in this thread. Unix has been designed as a multi-user system from the beginning. Loading every shared (shared) library for every user is a waste of resources, and there are much smarter algorithms (schedulers) available to let the CPU cycles be fairly and optimally utilized. I mean, what's the point of limiting a user to 1 CPU and letting him wait for CPU cycles while the other cores are idling?

----------

## DaggyStyle

 *boerKrelis wrote:*   

> You mean, starting the VM once your guest logs in with gdm/kdm/xdm? That would require some major hacking.
> 
> What you could do is start the VM up front, run the X server locally (on the host machine) and have the X clients connect to it from the VM. There's a protocol for that, it's called XDMCP. GDM on the host machine will then let your guest log in to the VM.
> 
> But I suggest you take a look at ulimits I pointed to earlier in this thread. Unix has been designed as a multi-user system from the beginning. Loading every shared (shared) library for every user is a waste of resources, and there are much smarter algorithms (schedulers) available to let the CPU cycles be fairly and optimally utilized. I mean, what's the point of limiting a user to 1 CPU and letting him wait for CPU cycles while the other cores are idling?

 

this is just a plan, I want to minimize the computer in the house, ideally, there will be one main server with multiple terminals (screen+keyboard+mouse) from which one can use the system.

resource speaking, nor the wife and the guest user needs all 6 cores, but the developer does when it comes to compilation, the developer is also maintaining the system.

maybe, the I'll take in account allowing more cpu power if they ideal but when all three are working, why should the guest or the wife who clearly doesn't need more the two cores needs to get more resources?

----------

## boerKrelis

 *DaggyStyle wrote:*   

> 
> 
> why should the guest or the wife who clearly doesn't need more the two cores needs to get more resources?
> 
> 

 

Because with more resources their environment will be snappier.

Your problem is not unique.

What you want is 'group scheduling', maybe with cpu control groups. It's been in the kernel since 2.6.24 (CONFIG_GROUP_SCHED & co).

From http://www.computerworld.com.au/article/197349/fair_user_scheduling_linux/?fp=16&fpid=1:

 *Quote:*   

> 
> 
> To achieve such ends with the 2.6.24 scheduler, it will only be necessary to go to the new sysfs directory /sys/kernel/uids. There will be a subdirectory there for every active user ID on the system, and each subdirectory will contain a file called cpu_share. The integer value found in that file defaults to 1024. For the purposes of adjusting scheduling, all that really matters with the cpu_share value is its ratio between two users. If one user's cpu_share is set to 2048, that user will get twice as much CPU time as any one user whose value remains at the default 1024. The end result is that adjusting the scheduling of the CPU between users is quite easy for the administrator to do.
> 
> 

 

Memory is another subject.

Consider what happens if you set apart 2G of RAM for the guest in a VM. Whether he makes good use of it or not, the dev cannot use it because it's locked in the VM. That's a waste. Especially if you recognize the fact that the VM can not share page caches with the host kernel - they're running different kernel instances.

In a shared memory scenario, the guest user has a need for maybe, what, 100M private memory on a shared system, leaving 1900M more for the both of you to use or for the kernel to use as more page cache! Faster for everybody. Everybody wins!

But if you hard-partition the resources, they get underutilized and everybody loses. If you want to give one user access to more resources, then do so with the tools provided for that end, eg, ulimits and cgroups.

But if you desperately want to run VM's then I'd go the XDMCP route if I were you.

----------

## DaggyStyle

 *boerKrelis wrote:*   

>  *DaggyStyle wrote:*   
> 
> why should the guest or the wife who clearly doesn't need more the two cores needs to get more resources?
> 
>  
> ...

 

thanks for the info!

the kernel uid seems to be better option then what I've wanted, thanks for the fix.

I guess that the windows vm can't use the dynamic memory sharing,

I didn't know you can reserve memory, nice  :Smile:  it seams that it can be done after all.

thanks for the valuable info

----------

## boerKrelis

 *DaggyStyle wrote:*   

> 
> 
> I didn't know you can reserve memory, nice :) it seams that it can be done after all. 
> 
> 

 

I didn't know either. Can you? How? I only know how to limit memory usage by uid/group, not how to reserve memory.

----------

## DaggyStyle

 *boerKrelis wrote:*   

>  *DaggyStyle wrote:*   
> 
> I didn't know you can reserve memory, nice  it seams that it can be done after all. 
> 
>  
> ...

 

my bad, I've miss read your post, I've thought you've wrote that there is a way to do that

still, limiting memory usage is what I've wanted in the first place, thought it isn't preferable but it is something.

----------

