CN111858020B - User resource limiting method and device and computer storage medium - Google Patents

User resource limiting method and device and computer storage medium Download PDF

Info

Publication number
CN111858020B
CN111858020B CN201910364782.XA CN201910364782A CN111858020B CN 111858020 B CN111858020 B CN 111858020B CN 201910364782 A CN201910364782 A CN 201910364782A CN 111858020 B CN111858020 B CN 111858020B
Authority
CN
China
Prior art keywords
control group
user
resource limitation
resource
target control
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910364782.XA
Other languages
Chinese (zh)
Other versions
CN111858020A (en
Inventor
魏明江
李维亮
刘婧
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
China Mobile Suzhou Software Technology Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
China Mobile Suzhou Software Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd, China Mobile Suzhou Software Technology Co Ltd filed Critical China Mobile Communications Group Co Ltd
Priority to CN201910364782.XA priority Critical patent/CN111858020B/en
Publication of CN111858020A publication Critical patent/CN111858020A/en
Application granted granted Critical
Publication of CN111858020B publication Critical patent/CN111858020B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/50Allocation of resources, e.g. of the central processing unit [CPU]
    • G06F9/5005Allocation of resources, e.g. of the central processing unit [CPU] to service a request
    • G06F9/5011Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resources being hardware resources other than CPUs, Servers and Terminals
    • G06F9/5016Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resources being hardware resources other than CPUs, Servers and Terminals the resource being the memory
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/50Allocation of resources, e.g. of the central processing unit [CPU]
    • G06F9/5005Allocation of resources, e.g. of the central processing unit [CPU] to service a request
    • G06F9/5027Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resource being a machine, e.g. CPUs, Servers, Terminals
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Abstract

The embodiment of the invention provides a user resource limiting method, a device and a computer storage medium, comprising the following steps: acquiring a current process and a user identifier corresponding to the current process; in this way, when whether the user identifier corresponding to the current process belongs to the user identifier carried by the configuration file corresponding to the target control group is obtained, and when the user identifier is further determined to belong to the user identifier carried by the configuration file corresponding to the target control group, the current process is added into the target control group, wherein the target control group is generated based on the configuration file carrying the specified user identifier. Therefore, by establishing the control group corresponding to the user group to be subjected to resource limitation, all processes corresponding to the user identification are added into the corresponding control group, the control group is utilized to realize the limitation of the system resources used by the user or the user group, the processes of the user are not omitted, and the overall global limitation of the resources used by the user or all processes under the user group is realized.

Description

User resource limiting method and device and computer storage medium
Technical Field
The present invention relates to the field of computer resource limitation, and in particular, to a method and apparatus for limiting user resources, and a computer storage medium.
Background
A multi-user operating system, such as Linux, allows multiple users to log in and use the system at the same time, and for this reason, it is sometimes necessary to limit the system resources that a certain user or a user group can use, so as to prevent that one user excessively uses the system resources and other users cannot use the system resources.
At present, when a multi-user operating system limits user resources, on one hand, the multi-user operating system cannot limit the resources of all tasks of a user or a user group, and on the other hand, limited resource types and strategies are less.
Disclosure of Invention
In order to solve the existing technical problems, the embodiment of the invention provides a user resource limiting method, a device and a storage medium, which can effectively realize global limitation of the appointed multi-user using system resources.
In order to achieve the above purpose, the technical scheme of the invention is realized as follows:
the embodiment of the invention provides a user resource limiting method, which comprises the following steps: acquiring a current process and a user identifier corresponding to the current process; and when the user identifier is determined to belong to the user identifier carried by the configuration file corresponding to the target control group, adding the current process into the target control group, wherein the target control group is generated based on the configuration file carrying the designated user identifier.
Before the current process and the user identifier corresponding to the current process are obtained, the method includes: acquiring a configuration file meeting the set format requirements, and generating a corresponding control group based on the configuration file; wherein the set format requirements include a user identification and specified format requirements of the resource restriction parameters.
Wherein the resource limitation parameter comprises a resource limitation type and a resource limitation value; the generating a corresponding control group based on the configuration file includes: and determining the resource limitation type and the resource limitation value of the control group corresponding to the user identification based on the user identification and the resource limitation parameter carried by the configuration file.
Wherein said joining said current process to said target control group comprises: and adding the current process into the target control group, determining a resource limitation type and a resource limitation value corresponding to the target control group, and carrying out resource limitation on the target control group according to the corresponding resource limitation value based on the resource limitation type.
The resource limitation type is a central processing unit, and the resource limitation value is a first threshold value; the resource limitation of the target control group according to the corresponding resource limitation value based on the resource limitation type comprises the following steps: and limiting resources of the central processor occupied by the process contained in the target control group by the first threshold.
The resource limitation type is a memory, and the resource limitation value is a second threshold value; the resource limitation of the target control group according to the corresponding resource limitation value based on the resource limitation type comprises the following steps: and limiting the resources of the memory occupied by the process contained in the target control group by using the second threshold value.
Wherein the resource limitation type is block equipment, and the resource limitation value is a third threshold value; the resource limitation of the target control group according to the corresponding resource limitation value based on the resource limitation type comprises the following steps: and limiting the resources of the block equipment occupied by the process contained in the target control group by the third threshold value.
The obtaining the current process and the user identifier corresponding to the current process includes: traversing all current processes, and determining user identifications corresponding to each process; or acquiring a new process and determining a user identifier corresponding to the new process.
The embodiment of the invention also provides a device for limiting the user resources, which comprises: an acquisition module and a determination module; the acquisition module is used for acquiring a current process and a user identifier corresponding to the current process; and the determining module is used for adding the current process into the target control group when determining that the user identifier belongs to the user identifier carried by the configuration file corresponding to the target control group, wherein the target control group is generated based on the configuration file carrying the designated user identifier.
The embodiment of the invention also provides a device for limiting the user resources, which comprises: a processor and a memory for storing a computer program capable of running on the processor; the first processor is configured to implement the color matching method according to any embodiment of the present invention applied to the object display management device when running the computer program.
The embodiment of the invention also provides a computer storage medium, wherein a computer program is stored in the computer storage medium, and the computer program realizes the user resource limiting method according to any embodiment of the invention when being executed by a processor.
The embodiment of the invention provides a user resource limiting method, a device and a computer storage medium, which comprise the following steps: acquiring a current process and a user identifier corresponding to the current process; in this way, when whether the user identifier corresponding to the current process belongs to the user identifier carried by the configuration file corresponding to the target control group is obtained, and when the user identifier is further determined to belong to the user identifier carried by the configuration file corresponding to the target control group, the current process is added into the target control group, wherein the target control group is generated based on the configuration file carrying the specified user identifier. Therefore, by establishing the control group corresponding to the user group to be subjected to resource limitation, all processes corresponding to the user identification are added into the corresponding control group, the control group is utilized to realize the limitation of the system resources used by the user or the user group, the processes of the user are not omitted, and the overall global limitation of the resources used by the user or all processes under the user group is realized.
Drawings
FIG. 1 is a flowchart illustrating a method for limiting user resources according to an embodiment of the present invention;
FIG. 2 is a flowchart of a user resource restriction method according to another embodiment of the present invention;
FIG. 3 is a flowchart of a user resource restriction method according to another embodiment of the present invention
FIG. 4 is a schematic diagram of a user resource restriction device according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a user resource restriction device according to another embodiment of the present invention.
Detailed Description
The technical scheme of the invention is further elaborated below by referring to the drawings in the specification and the specific embodiments. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. The terminology used herein in the description of the invention is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. The term "and/or" as used herein includes any and all combinations of one or more of the associated listed items.
As shown in fig. 1, an embodiment of the present invention provides a user resource restriction method, which includes the following steps:
step 101: acquiring a current process and a user identifier corresponding to the current process;
a process is a running activity of a program with a certain independent function with respect to a certain data set. It is a basic unit for dynamic execution of an operating system, in which processes may be either basic allocation units or basic execution units.
Here, the user identifier refers to identification information corresponding to a user who establishes a current process; the method comprises the steps that a current process and a user identifier corresponding to the current process are obtained, namely a new process is created based on a kernel with the user carrying the corresponding user identifier, and a processor obtains the current process and the corresponding user identifier.
Step 102: and when the user identifier is determined to belong to the user identifier carried by the configuration file corresponding to the target control group, adding the current process into the target control group, wherein the target control group is generated based on the configuration file carrying the designated user identifier.
Here, the configuration file carries a user identifier corresponding to a user or a user group that needs to perform resource restriction, and the generation of the target control group based on the configuration file carrying the specified user identifier refers to executing a tool command line based on the configuration file carrying the specified user identifier, and then creating a corresponding target control group according to the configuration file.
Determining that the user identifier belongs to the user identifier carried by the configuration file corresponding to the target control group means that the user identifier carried by the target control group comprises the user identifier, for example, the user identifier carried by the configuration file corresponding to the target control group comprises a user A, a user B and a user C, and when determining that the user identifier corresponding to the current process is the user A, determining that the user identifier belongs to the user identifier carried by the configuration file corresponding to the target control group, adding the current process into the target control group.
The user resource limiting method provided by the embodiment of the invention comprises the steps of obtaining a current process and a user identifier corresponding to the current process; in this way, when whether the user identifier corresponding to the current process belongs to the user identifier carried by the configuration file corresponding to the target control group is obtained, and when the user identifier is further determined to belong to the user identifier carried by the configuration file corresponding to the target control group, the current process is added into the target control group, wherein the target control group is generated based on the configuration file carrying the specified user identifier. Therefore, by establishing the control group corresponding to the user group to be subjected to resource limitation, all processes corresponding to the user identification are added into the corresponding control group, the control group is utilized to realize the limitation of the system resources used by the user or the user group, the processes of the user are not omitted, and the overall global limitation of the resources used by the user or all processes under the user group is realized.
In an embodiment, before the obtaining the current process and the user identifier corresponding to the current process, the method includes:
acquiring a configuration file meeting the set format requirements, and generating a corresponding control group based on the configuration file; wherein the set format requirements include a user identification and specified format requirements of the resource restriction parameters.
Acquiring a configuration file meeting the set format requirement means that the configuration file carries a designated user identifier and resource restriction parameters corresponding to each user identifier; or, the configuration file carries a specified user identifier and specified resource limitation parameters.
Generating a corresponding control group based on the configuration file refers to generating a control group carrying a user identifier and specified resource limitation parameters based on the configuration file meeting the set format requirements. The resource limitation parameter refers to a set of categories and values of resources that are limited to a user or group of users within a control group generated for a profile. The configuration file generally includes the following fields: user/user group: user identification, i.e. the name of the user or group of users that need to be resource restricted; control: resource limitation types; value: a resource limit value; cgroup: the corresponding control group, i.e. the control group to which the user or the process of the user group needs to join. Here, the configuration file in accordance with the set format requirement may include the following contents: the user A, the resource limitation type is the number of processes which can be created, the resource limitation value is Z as an example, and the corresponding control group is U.
In the above embodiment of the present application, the configuration file meeting the set format requirement is obtained, so that a corresponding control group is generated, and the limitation on the resources used by the users or all processes of the user group included in the control group is implemented based on the user identifier and the resource limitation parameter carried by the control group.
In an embodiment, the adding the current process to the target control group includes:
and adding the current process into the target control group, determining a resource limitation type and a resource limitation value corresponding to the target control group, and carrying out resource limitation on the target control group according to the corresponding resource limitation value based on the resource limitation type.
Here, the resource limitation parameter includes a resource limitation type and a resource limitation value, and in particular, the resource limitation type may include a central processing unit (Central Processing Unit, CPU), a memory, a block device, a device access right, a network, the number of processes that can be created, remote direct data access, and the like; the resource limitation value may be a specific resource limitation value given for a certain resource limitation class.
Here, the resource limitation type and the resource limitation value of the control group corresponding to the user identifier are determined based on the user identifier and the resource limitation parameter carried by the configuration file.
Adding the current process into the target control group, determining the resource limitation type and the resource limitation value corresponding to the target control group, wherein the determination that the current process is added into the corresponding target control group, determining the resource limitation type and the resource limitation value corresponding to the target control group, and further, performing resource limitation on the target control group according to the corresponding resource limitation value based on the resource limitation type, for example, a resource limitation type CPU of a user A, wherein the resource limitation value is 30%, and limiting the CPU occupancy rate of the user A in the control group to be 30%.
In the above embodiment of the present invention, the current process is added to the corresponding target control group, and the resource limitation is further implemented for the target control group according to the corresponding resource limitation type and resource limitation value based on the resource limitation type and resource limitation value corresponding to the target control group, so that the process of the user or the user group is implemented for the resource limitation according to the corresponding resource limitation type and resource limitation value by adding the user or the user group corresponding to the current process to the corresponding control group; meanwhile, the resource limitation of the control group basically comprises all resources used by the user or the user group, and the configuration is flexible, so that the resource limitation of the user or the user group is allowed to be refined and is easier to control.
In one embodiment, the resource limitation type is a CPU, and the resource limitation value is a first threshold value; the resource limitation of the target control group according to the corresponding resource limitation value based on the resource limitation type comprises the following steps:
and limiting the resources of the CPU occupied by the process contained in the target control group by the first threshold.
As can be seen from the above embodiments, the resource restriction categories may include CPU, memory, block device, device access rights, network, number of processes that can be created, RDMA remote direct data access, etc.
Taking the resource limitation type as a CPU as an example, the first threshold may be a value of the CPU occupied by the process included in the target control group, and the general value is a percentage of the occupied CPU; for example, if the control group generated based on the configuration file is the control group G and the set first threshold is 50%, the first threshold is used to limit resources of the CPUs occupied by the processes included in the target control group, that is, the CPUs occupied by the processes included in the control group G occupy 50% at most, otherwise, the resources are limited, so that the problem that the users included in the target control group or the user group excessively use the system resources to cause the users other than the users in the control group cannot use is prevented by limiting the resources of the CPUs included in the target control group by the first threshold.
In an embodiment, the resource constraint type is a memory, and the resource constraint value is a second threshold; the resource limitation of the target control group according to the corresponding resource limitation value based on the resource limitation type comprises the following steps:
and limiting the resources of the memory occupied by the process contained in the target control group by using the second threshold value.
As can be seen from the above embodiments, the resource limitation categories include CPU, memory, block device, device access rights, network, number of processes that can be created, RDMA remote direct data access, etc.,
taking the resource limitation type as a memory as an example, the first threshold may be a value of a memory occupied by a process included in the target control group, and generally is a byte occupied by the memory; for example, if the control group generated based on the configuration file is the control group H and the set second threshold is X bytes, then the second threshold is used to limit the resources of the memory occupied by the process contained in the target control group, that is, if the memory occupied by the process contained in the control group H is X bytes at most, otherwise, the memory is limited by the resources; therefore, the problem that the users or the user groups contained in the target control group cannot use other users which are not in the control group due to the fact that the users or the user groups excessively use system resources is prevented by limiting the resources of the memory in the target control group by the second threshold value.
In an embodiment, the resource limitation type is a block device, and the resource limitation value is a third threshold value; the resource limitation of the target control group according to the corresponding resource limitation value based on the resource limitation type comprises the following steps:
and limiting the resources of the block equipment occupied by the process contained in the target control group by the third threshold value.
As can be seen from the above embodiments, the resource limitation categories include CPU, memory, block device, device access rights, network, number of processes that can be created, RDMA remote direct data access, etc.
Taking the resource limitation class as a block device here as an example, the block device stores information in blocks with fixed sizes, each block has its own address, and can also read data with a certain length, such as a hard disk, a usb disk, an SD card, etc., at any position of the device, specifically, the block device can only accept input and return output in units of blocks.
The third threshold may be a value of a block device occupied by a process contained in the target control group, typically a number of blocks occupying the block device; for example, if the control group generated based on the configuration file is the control group I and the set second threshold is Y blocks, then the third threshold is used to limit resources of the block devices occupied by the processes included in the target control group, that is, the block devices occupied by the processes included in the control group I are at most Y blocks, otherwise, the block devices are limited by the resources; therefore, the problem that the users or the user groups contained in the target control group cannot use other users except the control group due to excessive use of system resources is prevented by limiting the resources of the block equipment in the target control group by the third threshold value.
In an embodiment, the obtaining the current process and the user identifier corresponding to the current process includes:
and traversing all the current processes, and determining the user identification corresponding to each process.
Here, traversing all current processes, determining the user identifier corresponding to each process means that all processes in the system are to be acquired, and determining the user identifier corresponding to each process respectively; further, determining that the user identifier belongs to the user identifier carried by the configuration file corresponding to the control group, adding the process into the corresponding control group, and realizing resource limitation of the process.
Further, referring to fig. 2, in the process of implementing traversing all the current processes and determining the user identifier corresponding to each process, the method specifically includes the following steps, which are implemented through the file system interface of the cgroup.
Step S11: acquiring a configuration file of user resource limitation;
the configuration file is used for generating a control group for limiting the resources of the user or the user group, and a system administrator writes the configuration file for the user or the user group needing to limit the resources, wherein the configuration file generally comprises the following fields: user/user group: user identification, i.e. the name of the user or group of users that need to be resource restricted; control: resource limitation types; value: a resource limit value; cgroup: the corresponding control group, i.e. the control group to which the user or the process of the user group needs to join.
And after the configuration file is created and written into the system, the system acquires the configuration file carrying the user identifier and the designated resource limiting parameter.
Step S12: a validation configuration file;
the validation configuration file specifically refers to a command line of the execution tool, and the configuration file is validated, that is, a control group carrying a user identifier and a resource limitation parameter is generated based on the configuration file, and resource limitation is implemented on a process corresponding to the user or the user group, specifically, see the following steps S13 to S15.
Step S13: creating a control group according to the configuration file;
here, automatically creating the control group according to the configuration file refers to generating the control group carrying the user identifier and the specified resource limitation parameter based on the configuration file carrying the user identifier and the specified resource limitation parameter.
Step S14: configuring resource limitation for the control group according to the resource limitation parameter;
the automatic resource limitation of the control group configuration according to the resource limitation parameters refers to the resource limitation parameters corresponding to the control group configuration based on the user identification carried by the configuration file and the designated resource limitation parameters, so that the control group is subjected to resource limitation by the resource limitation parameters.
Step S15: and traversing all the current processes, and determining the user identification corresponding to each process.
Traversing all current processes, determining a user identifier corresponding to each process, determining that the user identifier belongs to a user identifier carried by a configuration file corresponding to a control group, and further adding all existing processes corresponding to the user into the control group, and realizing resource restriction on the existing processes of the user based on resource restriction parameters; in this way, a limitation is implemented on the resources used by all processes of the user or group of users contained within the control group.
In an embodiment, the obtaining the current process and the user identifier corresponding to the current process includes:
and acquiring a new process and determining a user identifier corresponding to the new process.
Here, after acquiring a configuration file meeting the set format requirement, generating a corresponding control group based on the configuration file, detecting in real time by the system according to a set period, and determining a user identifier corresponding to a new process when the new process is acquired, specifically, referring to fig. 3, including the following steps:
step S21: acquiring a new process;
step S22: judging whether the newly-built process has resource restriction configuration or not;
here, determining a user identifier corresponding to the new process, and if the user identifier belongs to the user identifier carried by the configuration file corresponding to the control group, entering step S23;
if the user identifier does not belong to the user identifier carried by the configuration file corresponding to the control group, entering step S21;
step S23: adding the new process into the corresponding control group;
adding the new process into a corresponding control group, determining the resource limitation type and the resource limitation value of the control group corresponding to the user identification based on the user identification and the resource limitation parameter carried by the configuration file, and carrying out resource limitation on the new process according to the corresponding resource limitation value based on the resource limitation type.
Here, whether the new process has resource limitation configuration is judged for the new process, and if so, the new process is added into the corresponding control group by modifying the code of the kernel new process.
In the above embodiment of the present invention, the user identifier corresponding to the new process is determined by acquiring the new process, and resource limitation is implemented on the new process corresponding to the user identifier belonging to the control group, so that the monitoring of the new process of the user or the user group in real time ensures resource limitation on all processes of the user or the user group included in the control group, and avoids missing processes.
In another embodiment, as shown in fig. 4, there is also provided a resource limiting device, including:
an obtaining module 21, configured to obtain a current process and a user identifier corresponding to the current process;
and the determining module 22 is configured to add the current process to the target control group when determining that the user identifier belongs to the user identifier carried by the configuration file corresponding to the target control group, where the target control group is generated based on the configuration file carrying the specified user identifier.
In the above embodiments of the present application, the current process and the user identifier corresponding to the current process are obtained; in this way, when whether the user identifier corresponding to the current process belongs to the user identifier carried by the configuration file corresponding to the target control group is obtained, and when the user identifier is further determined to belong to the user identifier carried by the configuration file corresponding to the target control group, the current process is added into the target control group, wherein the target control group is generated based on the configuration file carrying the specified user identifier. Therefore, all processes corresponding to the user identifier are added into the control group corresponding to the user identifier, the control group is utilized to limit the resources of the user or the user group, the processes of the user cannot be omitted, and the limitation of the resources used by all processes under the user or the user group is realized.
Optionally, the obtaining module 21 is further configured to obtain a configuration file meeting the set format requirement, and generate a corresponding control group based on the configuration file; wherein the set format requirements include a user identification and specified format requirements of the resource restriction parameters.
Optionally, the resource limitation parameter includes a resource limitation type and a resource limitation value; the determining module 22 is further configured to determine a resource limitation type and a resource limitation value of the control group corresponding to the user identifier based on the user identifier and the resource limitation parameter carried by the configuration file.
Optionally, the determining module 22 is further configured to add the current process to the target control group, determine a resource limitation type and a resource limitation value corresponding to the target control group, and perform resource limitation on the target control group with the corresponding resource limitation value based on the resource limitation type.
Optionally, the resource limitation type is a CPU, and the resource limitation value is a first threshold; the determining module 22 is further configured to limit, by using the first threshold, resources of a CPU occupied by a process included in the target control group.
Optionally, the resource limitation type is a memory, and the resource limitation value is a second threshold; the determining module 22 is further configured to limit, with the second threshold, a memory occupied by a process included in the target control group.
Optionally, the resource limitation type is a block device, and the resource limitation value is a third threshold; the determining module 22 is further configured to limit, by using the third threshold, resources of block devices occupied by a process included in the target control group.
Optionally, the obtaining module 21 is further configured to traverse all current processes and determine a user identifier corresponding to each process.
Optionally, the obtaining module 21 is further configured to obtain a new process, and determine a user identifier corresponding to the new process.
In another embodiment, as shown in fig. 5, there is also provided a user resource restriction apparatus, including: at least one processor 210 and a memory 211 for storing a computer program capable of running on the processor 210; the number of processors 210 illustrated in fig. 5 is not used to refer to one processor, but is merely used to refer to a positional relationship of the processors with respect to other devices, and in practical applications, the number of processors may be one or more; likewise, the memory 211 illustrated in fig. 5 is also used in the same sense, that is, only to refer to the positional relationship of the memory with respect to other devices, and in practical applications, the number of memories may be one or more.
Wherein, when the processor 210 is configured to run the computer program, the following steps are performed:
acquiring a current process and a user identifier corresponding to the current process;
and when the user identifier is determined to belong to the user identifier carried by the configuration file corresponding to the target control group, adding the current process into the target control group, wherein the target control group is generated based on the configuration file carrying the designated user identifier.
In an alternative embodiment, the processor 210 is further configured to execute the following steps when executing the computer program:
acquiring a configuration file meeting the set format requirements, and generating a corresponding control group based on the configuration file; wherein the set format requirements include a user identification and specified format requirements of the resource restriction parameters.
In an alternative embodiment, the processor 210 is further configured to execute the following steps when executing the computer program:
and adding the current process into the target control group, determining a resource limitation type and a resource limitation value corresponding to the target control group, and carrying out resource limitation on the target control group according to the corresponding resource limitation value based on the resource limitation type.
In an alternative embodiment, the processor 210 is further configured to execute the following steps when executing the computer program:
and limiting the resources of the CPU occupied by the process contained in the target control group by the first threshold.
In an alternative embodiment, the processor 210 is further configured to execute the following steps when executing the computer program:
and limiting the resources of the memory occupied by the process contained in the target control group by using the second threshold value.
In an alternative embodiment, the processor 210 is further configured to execute the following steps when executing the computer program:
and limiting the resources of the block equipment occupied by the process contained in the target control group by the third threshold value.
In an alternative embodiment, the processor 210 is further configured to execute the following steps when executing the computer program:
traversing all current processes, and determining user identifications corresponding to each process; or alternatively, the first and second heat exchangers may be,
and acquiring a new process and determining a user identifier corresponding to the new process.
The computer device may further include: at least one network interface 212. The various components in the transmitting end are coupled together by a bus system 213. It is understood that the bus system 213 is used to enable connected communication between these components. The bus system 213 includes a power bus, a control bus, and a status signal bus in addition to the data bus. But for clarity of illustration the various buses are labeled as bus system 213 in fig. 5.
The memory 211 may be a volatile memory or a nonvolatile memory, or may include both volatile and nonvolatile memories. Wherein the nonvolatile Memory may be Read Only Memory (ROM), programmable Read Only Memory (PROM, programmable Read-Only Memory), erasable programmable Read Only Memory (EPROM, erasable Programmable Read-Only Memory), electrically erasable programmable Read Only Memory (EEPROM, electrically Erasable Programmable Read-Only Memory), magnetic random access Memory (FRAM, ferromagnetic random access Memory), flash Memory (Flash Memory), magnetic surface Memory, optical disk, or compact disk Read Only Memory (CD-ROM, compact Disc Read-Only Memory); the magnetic surface memory may be a disk memory or a tape memory. The volatile memory may be random access memory (RAM, random Access Memory), which acts as external cache memory. By way of example, and not limitation, many forms of RAM are available, such as static random access memory (SRAM, static Random Access Memory), synchronous static random access memory (SSRAM, synchronous Static Random Access Memory), dynamic random access memory (DRAM, dynamic Random Access Memory), synchronous dynamic random access memory (SDRAM, synchronous Dynamic Random Access Memory), double data rate synchronous dynamic random access memory (ddr SDRAM, double Data Rate Synchronous Dynamic Random Access Memory), enhanced synchronous dynamic random access memory (ESDRAM, enhanced Synchronous Dynamic Random Access Memory), synchronous link dynamic random access memory (SLDRAM, syncLink Dynamic Random Access Memory), direct memory bus random access memory (DRRAM, direct Rambus Random Access Memory). The memory 211 described in embodiments of the present invention is intended to comprise, without being limited to, these and any other suitable types of memory.
The memory 211 in the embodiment of the present invention is used to store various types of data to support the operation of the transmitting end. Examples of such data include: any computer program for operation on the sender, such as an operating system and application programs. The operating system includes various system programs, such as a framework layer, a core library layer, a driver layer, and the like, for implementing various basic services and processing hardware-based tasks. The application programs may include various application programs for implementing various application services. Here, a program for implementing the method of the embodiment of the present invention may be included in an application program.
The present embodiment also provides a computer storage medium, for example, including a memory 211 storing a computer program executable by a processor 210 in a transmitting end to perform the steps of the foregoing method. The computer storage medium may be FRAM, ROM, PROM, EPROM, EEPROM, flash Memory, magnetic surface Memory, optical disk, or CD-ROM; but may also be various devices including one or any combination of the above memories, such as smartphones, tablet computers, notebook computers, etc. A computer storage medium having a computer program stored therein, which when executed by a processor, performs the steps of:
wherein, when the processor 210 is configured to run the computer program, the following steps are performed:
acquiring a current process and a user identifier corresponding to the current process;
and when the user identifier is determined to belong to the user identifier carried by the configuration file corresponding to the target control group, adding the current process into the target control group, wherein the target control group is generated based on the configuration file carrying the designated user identifier.
In an alternative embodiment, the computer program, when executed by the processor, further performs the steps of:
acquiring a configuration file meeting the set format requirements, and generating a corresponding control group based on the configuration file; wherein the set format requirements include a user identification and specified format requirements of the resource restriction parameters.
In an alternative embodiment, the computer program, when executed by the processor, further performs the steps of:
and adding the current process into the target control group, determining a resource limitation type and a resource limitation value corresponding to the target control group, and carrying out resource limitation on the target control group according to the corresponding resource limitation value based on the resource limitation type.
In an alternative embodiment, the computer program, when executed by the processor, further performs the steps of:
and limiting the resources of the CPU occupied by the process contained in the target control group by the first threshold.
In an alternative embodiment, the computer program, when executed by the processor, further performs the steps of:
and limiting the resources of the memory occupied by the process contained in the target control group by using the second threshold value.
In an alternative embodiment, the computer program, when executed by the processor, further performs the steps of:
and limiting the resources of the block equipment occupied by the process contained in the target control group by the third threshold value.
In an alternative embodiment, the computer program, when executed by the processor, further performs the steps of:
traversing all current processes, and determining user identifications corresponding to each process; or alternatively, the first and second heat exchangers may be,
and acquiring a new process and determining a user identifier corresponding to the new process.
The foregoing description is only of the preferred embodiments of the present invention, and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, improvement, etc. made within the spirit and scope of the present invention are included in the protection scope of the present invention.

Claims (7)

1. A method of user resource limitation, the method comprising:
acquiring a configuration file meeting the set format requirements;
generating a corresponding control group based on the configuration file; wherein, the set format requirement comprises a user identifier and a specified format requirement of a resource limitation parameter, and the resource limitation parameter comprises a resource limitation type and a resource limitation value;
acquiring a current process and a user identifier corresponding to the current process;
when the user identification is determined to belong to the user identification carried by the configuration file corresponding to the target control group, adding the current process into the target control group, determining a resource restriction type and a resource restriction value corresponding to the target control group, and performing resource restriction on the target control group according to the corresponding resource restriction value based on the resource restriction type; the target control group is generated based on a configuration file carrying a designated user identifier, wherein the designated user identifier comprises a user identifier corresponding to a user or a user group needing to be subjected to resource limitation;
the resource limitation type is a central processing unit, and the resource limitation value is a first threshold value; the resource limitation of the target control group according to the corresponding resource limitation value based on the resource limitation type comprises the following steps:
and limiting resources of the central processor occupied by the process contained in the target control group by the first threshold.
2. The method for limiting user resources according to claim 1, wherein the type of resource limitation is a memory, and the value of the resource limitation is a second threshold; the resource limitation of the target control group according to the corresponding resource limitation value based on the resource limitation type comprises the following steps:
and limiting the resources of the memory occupied by the process contained in the target control group by using the second threshold value.
3. The user resource restriction method according to claim 1, wherein the resource restriction type is a block device, and the resource restriction value is a third threshold; the resource limitation of the target control group according to the corresponding resource limitation value based on the resource limitation type comprises the following steps:
and limiting the resources of the block equipment occupied by the process contained in the target control group by the third threshold value.
4. The method for restricting user resources according to claim 1, wherein the obtaining the current process and the user identifier corresponding to the current process includes:
traversing all current processes, and determining user identifications corresponding to each process; or alternatively, the first and second heat exchangers may be,
and acquiring a new process and determining a user identifier corresponding to the new process.
5. A user resource limiting device, the device comprising: an acquisition module and a determination module; wherein,
the acquisition module is used for acquiring configuration files meeting the set format requirements;
the determining module is used for generating a corresponding control group based on the configuration file; wherein, the set format requirement comprises a user identifier and a specified format requirement of a resource limitation parameter, and the resource limitation parameter comprises a resource limitation type and a resource limitation value;
the acquisition module is also used for acquiring the current process and the user identification corresponding to the current process;
the determining module is further configured to add the current process to the target control group when determining that the user identifier belongs to a user identifier carried by a configuration file corresponding to the target control group, determine a resource limitation type and a resource limitation value corresponding to the target control group, and perform resource limitation on the target control group according to the corresponding resource limitation value based on the resource limitation type; the target control group is generated based on a configuration file carrying a designated user identifier, wherein the designated user identifier comprises a user identifier corresponding to a user or a user group needing to be subjected to resource limitation;
the resource limitation type is a central processing unit, and the resource limitation value is a first threshold value; the determining module is specifically configured to limit resources of a central processor occupied by a process included in the target control group by using the first threshold.
6. A user resource restriction apparatus, comprising: a processor and a memory for storing a computer program capable of running on the processor;
wherein the processor is configured to implement the user resource restriction method of any of claims 1 to 4 when the computer program is run.
7. A computer storage medium, characterized in that the computer storage medium has stored therein a computer program which, when executed by a processor, implements the user resource limitation method of any of claims 1 to 4.
CN201910364782.XA 2019-04-30 2019-04-30 User resource limiting method and device and computer storage medium Active CN111858020B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910364782.XA CN111858020B (en) 2019-04-30 2019-04-30 User resource limiting method and device and computer storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910364782.XA CN111858020B (en) 2019-04-30 2019-04-30 User resource limiting method and device and computer storage medium

Publications (2)

Publication Number Publication Date
CN111858020A CN111858020A (en) 2020-10-30
CN111858020B true CN111858020B (en) 2024-01-26

Family

ID=72965116

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910364782.XA Active CN111858020B (en) 2019-04-30 2019-04-30 User resource limiting method and device and computer storage medium

Country Status (1)

Country Link
CN (1) CN111858020B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113806011B (en) * 2021-08-17 2023-12-19 曙光信息产业股份有限公司 Cluster resource control method and device, cluster and computer readable storage medium
CN113821306B (en) * 2021-09-24 2023-09-05 亿咖通(湖北)技术有限公司 Resource isolation method, device and terminal equipment

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109586970B (en) * 2018-12-13 2022-07-08 新华三大数据技术有限公司 Resource allocation method, device and system

Also Published As

Publication number Publication date
CN111858020A (en) 2020-10-30

Similar Documents

Publication Publication Date Title
CN108537543B (en) Parallel processing method, device, equipment and storage medium for blockchain data
CN110297689B (en) Intelligent contract execution method, device, equipment and medium
CN110209652B (en) Data table migration method, device, computer equipment and storage medium
US9886398B2 (en) Implicit sharing in storage management
CN108287708B (en) Data processing method and device, server and computer readable storage medium
CN105069383A (en) Virtual desktop USB (Universal Serial Bus) storage peripheral management and control method and system
CN104881318A (en) Interface calling method and device and terminal
CN110138767B (en) Transaction request processing method, device, equipment and storage medium
CN111858020B (en) User resource limiting method and device and computer storage medium
US10977049B2 (en) Installing of operating system
CN109923547B (en) Program behavior monitoring device, distributed object generation management device, storage medium, and program behavior monitoring system
CN110704177A (en) Computing task processing method and device, computer equipment and storage medium
CN113010265A (en) Pod scheduling method, scheduler, memory plug-in and system
CN114281263A (en) Storage resource processing method, system and equipment of container cluster management system
US20150154413A1 (en) Managing Document Revisions
US20170344297A1 (en) Memory attribution and control
CN115470156A (en) RDMA-based memory use method, system, electronic device and storage medium
CN114356521A (en) Task scheduling method and device, electronic equipment and storage medium
CN104216834A (en) Internal storage assess method, buffering scheduler and internal storage module
CN110442636B (en) Data reading and writing method and device and data reading and writing equipment
CN105677481A (en) Method and system for processing data and electronic equipment
CN113296891A (en) Multi-scene knowledge graph processing method and device based on platform
CN102750493A (en) Access permission control method, access permission control device and access permission control system
EP2673704A1 (en) Method and apparatus for moving a software object
JP6418419B2 (en) Method and apparatus for hard disk to execute application code

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant