Configuring service memory hard limits

Virtuozzo Infrastructure allows administrators to control memory usage across internal services by setting per–service-type hard limits. These limits prevent any single service from consuming excessive memory, thus ensuring predictable performance and maintaining overall system stability.

Each system service (such as the S3 gateway, object service, name service, etc.) runs in an isolated cgroup that enforces resource boundaries at the kernel level. The memory limiter automatically applies configured thresholds to each service type and monitors their usage in real time.

When a service exceeds its configured hard memory limit, it is automatically terminated to prevent memory leaks or exhaustion of system resources.

The memory limiter provides the following capabilities:

• Cgroup v2 integration: Each service type operates within a dedicated cgroup (for example, /sys/fs/cgroup/svc_type_s3gw), where memory constraints are applied through standard memory.max and memory.high controls.
• Automatic enforcement: The system continuously monitors memory events and pressure metrics. Processes that exceed their limits are terminated automatically.
• Service isolation: Services are dynamically assigned to and removed from their respective cgroups when they start or stop, ensuring consistent isolation.

• Configuration: Memory hard limits can be defined per service type in /var/lib/ostor/ostor-agent.cfg. For example:

  memory_hard_limit_mb.s3gw=2048

  Separate configuration entries exist for all major service types.

The default limits for S3 services are listed in the table below:

Service type	Parameter	Default limit (MB)
S3 gateway (S3GW)	memory_hard_limit_mb.s3gw	2048
Object service (OS)	memory_hard_limit_mb.os	2048
Name service (NS)	memory_hard_limit_mb.ns	2048
Geo-replication (GR)	memory_hard_limit_mb.gr	1024
Account control (ACC)	memory_hard_limit_mb.acc	2048
Notification delivery (NDS)	memory_hard_limit_mb.nds	1024
Default (other services)	memory_hard_limit_mb.default	1024