cgroups (control groups) provide a process hierarchy for distribution of resources (CPU, memory, disk I/O, network) introduced in 2006 under the name "process containers" and merged in 2.6.24 in 2008.

It builds on Linux namespaces.


  • v1:
    • Multiple process hierarchies, one per controller.
    • Thread level, not process.
  • v2:
    • No longer possible to assign different threads of the same process different cgroups.
    • Subgroups created within a single hierarchy.
    • Propagation of parameters to immediate subgroups

Both versions are supported in-kernel, and it possible, though confusing, to use both concurrently.


  • /sys/fs/cgroups exposes a VFS
  • libcgroup provides an API interface to the filesystem.
  • cgrulesengd moves processes into cgroups based on a set of rules loaded at startup.
  • A process may inspect its own cgroups via /proc/self/cgroup.