Re: Restricting resource usage on a shell server

To: "Raj Kiran Grandhi" <grajkiran@gmail.com>
Cc: debian-user@lists.debian.org
Subject: Re: Restricting resource usage on a shell server
From: "Sean Whitton" <sean@silentflame.com>
Date: Sat, 15 Mar 2008 16:55:56 +0000
Message-id: <[🔎] c13e6b500803150955k5e5c3442s15aefb534b1a2ac3@mail.gmail.com>
In-reply-to: <[🔎] 47DBFA18.9070308@gmail.com>
References: <[🔎] c13e6b500803150845y17269f44je47b64aee73c1de7@mail.gmail.com> <[🔎] 47DBFA18.9070308@gmail.com>

On Sat, Mar 15, 2008 at 4:32 PM, Raj Kiran Grandhi <grajkiran@gmail.com> wrote:
> Sean Whitton wrote:
>  > Hello,
>  >
>  > I am looking to set up a shell server providing apache, MySQL and
>  > mailman as well as standard shell features. For this I am going to
>  > need to limit my users usage of server resources so that they don't
>  > compromise the usage of others. Particularly, I am looking to limit
>  > disc usage across MySQL, mailman and of course normal files, bandwidth
>  > usage across ssh, sftp, httpd and anything else (e.g. wget), and
>  > memory/process usage to prevent one user hogging the server's capacity
>  > - all of this in a clean, low maintenance manner! Yes, it is a lot to
>  > ask, but I think Debian can do it, I just don't know how to make it.
>  >
>  > 1) Disc usage
>  > I can setup quotas to limit users to a certain amount of drive space
>  > quite easily, but how can I tie this to MySQL usage too? For example,
>  > if a user has a 1GB quota and uses 512MB for a database, they should
>  > then only be able to use 512MB for their home directory.
>  >
>
>  Are the databases and the home directories on the same partition? The
>  mysql database files are owned my the 'mysql' user on debian. So, it
>  might not be possible to implement a quota system that includes the
>  database.

They will be on the same partition :( I believe there are however
scripts out there to handle this kind of thing.

>
>  > 2) Bandwidth usage
>  > I get the impression from asking around that this is not at all going
>  > to be easy. I am thinking that simply limiting httpd and setting up a
>  > restrictive firewall to stop users binding their own servers would be
>  > an effective method assuming I can trust them not to upload huge
>  > files. However, does anyone know of a better way of limiting bandwidth
>  > globally?
>
>  Perhaps the iproute package would suit your needs.
>  The following rules provide some basic limiting. I got them from some page.
>
>  # tc qdisc add dev $DEV handle ffff: ingress
>  and
>  # tc filter add dev $DEV parent ffff: protocol ip prio 50 u32 match ip \
>  src 0.0.0.0/0 police rate ${RATE}kbit burst 10k drop flowid :1

That makes sense but I want to set a limit in GB per month, and then
allow as fast transfer as required by the user. Is this possible with
that package?

Thanks,

Sean

Reply to:

References:
- Restricting resource usage on a shell server
  - From: "Sean Whitton" <sean@silentflame.com>
- Re: Restricting resource usage on a shell server
  - From: Raj Kiran Grandhi <grajkiran@gmail.com>

Prev by Date: Missing /dev/gpmctl error
Next by Date: Re: Missing /dev/gpmctl error
Previous by thread: Re: Restricting resource usage on a shell server
Next by thread: Detached device and boot auto mount
Index(es):
- Date
- Thread