Table of Contents
Overview and Concepts
Control Groups (cgroups) are a kernel feature that lets you partition and limit a machine’s resources among groups of processes. They are heavily used by containers, systemd, and schedulers.
At a high level, cgroups provide:
- Accounting – measure how much CPU, memory, I/O, etc. a group of processes uses
- Limiting – cap resources (e.g. max memory, CPU share)
- Prioritization – give some workloads more CPU or I/O bandwidth
- Isolation – keep one workload from affecting others as much
Unlike namespaces (which provide isolation of views like PID, mount, net), cgroups control resource usage and distribution.
Cgroup v1 vs cgroup v2
There are two major generations:
- cgroup v1
- Multiple independent hierarchies (one per controller or group of controllers)
- Different controllers (cpu, memory, blkio, etc.) can have different trees
- Widely used historically, still present on older or compatibility-focused systems
- cgroup v2
- Single unified hierarchy
- Consistent behavior across controllers
- Better semantics and delegation model
- This is what modern distributions and container stacks favor
Many systems run in a hybrid mode: a cgroup v2 unified hierarchy plus some v1 controllers. For new design and internals understanding, focus on v2.
Check what is in use with: