Resource limits for jails

I want a jail that can't allocate more than 512MB memory and ist not able to consume more than 25% of the cpu.

The FreeBSD builtin jails have no options for resource limiting. Check jail.conf(5) and jail(8).
I have found that you can limit resources for specific users according to 13.13 Resource Limits in the Handbook.

Is this the only way to limit resources for jails if I run them as specific user who is limited by /etc/login.conf?
Are there "cleaner" ways to achieve a resource limited jail?
 
I can remember seeing something about resource limits for jails. But I can't seem to find it on short notice. It was a work-in-progress in any case.
 
rctl(8) accepts jail as a subject type. If you booted your system with kern.racct.enable="1" in /boot/loader.conf you can use the following commands to add rules to its database:

# rctl -a jail:<jailname>:vmemoryuse:deny=512M to limit memory
# rctl -a jail:<jailname>:pcpu:deny=25 to limit processing power

PS: "FreeBSD Mastery: Jails" devotes a chapter (17 pages) to resource restriction and removal, it's like a nice juice between the manual pages.
 
Back
Top