[lxc-devel] limit the netwok traffic of container from the host

Serge Hallyn serge.hallyn at ubuntu.com
Fri Jun 14 21:27:01 UTC 2013


Quoting lsmushroom (lsmushroom at 126.com):
> Hi All,
>       Recently , we have been trying to find out a suitable way to
>       limit  network traffic generated from the process running in the
>       container. The network  type we used for our container is veth.
>       And we have tried TC combined with cgroup net_cls subsystem ,
>       which has successfully fulfill our goal . However ,  it requires
>       to add the configurations inside the container. As we will
>       provide the container as a service, and it is obviously
>       unacceptable to allow the end user modify the bandwidth
>       allocation . 

If I just set the veth pair name to xxx and issue:

sudo tc qdisc add dev xxx root tbf rate 0.5mbit burst 5kb latency 70ms peakrate 1mbit minburst 1540

on the host, the container's network is rated limited.

Do you want something different?




More information about the lxc-devel mailing list