Can one run a program under the same cgroup as a container?

michacassola · July 7, 2025, 4:48pm

Can one run a host system program under the same cgroup as a container?

Coud this be achieved with something like the following?

cgexec -g *:lxc.payload.container command -argument

stgraber · July 7, 2025, 5:35pm

It’s technically possible, yes. Not usually advisable as the container may restart causing some issues. Also your program using container resources may lead to confusing output in the likes of top/htop inside the container as your process won’t be visible in there.

michacassola · July 7, 2025, 5:40pm

Thanks!

It’s only so that host side backup things run on the same resources as the container.

But the container sees there are resources used (stolen, st in top)?

Which is the right one lxc.monitor.container or the payload one?

stgraber · July 7, 2025, 5:40pm

Yeah, exactly, the container will see the memory/cpu usage but without being able to see the process consuming the resources.

It’s the payload cgroup you want to use for this.

michacassola · July 7, 2025, 5:44pm

Just out of interest and lack of knowlegde: Why is there only one PID in init.scope/cgroup.procs? Where are all the other processes?

stgraber · July 7, 2025, 5:46pm

They’re most likely under system.slice/WHATEVER.service/cgroup.procs