I added memory limit to a privileged container:
# Template used to create this container: /usr/share/lxc/templates/lxc-download
# Parameters passed to the template: --server alt-repo.mfc.tambov.gov.ru/lxc --no-validate
# For additional config options, please look at lxc.container.conf(5)
# Uncomment the following line to support nesting containers:
#lxc.include = /usr/share/lxc/config/nesting.conf
# (Be aware this has security implications)
# Distribution configuration
lxc.include = /usr/share/lxc/config/common.conf
lxc.arch = linux64
# Container specific configuration
lxc.rootfs.path = lvm:/dev/vg0/ptest
lxc.uts.name = ptest
# Network configuration
lxc.net.0.type = macvlan
lxc.net.0.link = eth1.203
lxc.net.0.flags = up
lxc.net.0.hwaddr = 00:16:3e:b6:20:ae
lxc.net.0.macvlan.mode = bridge
lxc.net.0.name = eth0
lxc.cgroup.memory.limit_in_bytes = 4G
But “free” still shows 12G (total host memory) inside the container. I checked the following file on the host, it shows the correct number:
$ cat /sys/fs/cgroup/memory/lxc.payload.ptest/memory.limit_in_bytes
4294967296
I read that lxcfs manages memory, CPU etc. info through bind mounts, does it mean something wrong with my lxcfs?
Host: Alt Linux with LXC 4.0.2
Container: Ubuntu 20.04, privileged