Traditional shared hosting has always suffered from the “bad neighbor problem”: your site runs fine until another user on the machine decides to encode 20 video files and all of the sudden your site is very sluggish.

That problem is now history on our centos6 servers thanks to a relatively unknown feature recently added to the linux kernel: cgroups.

cgroups allow admins to define various groups and various rules for which processes should go into which groups. Each group can then be allocated various resources or resource priorities relative to other groups.

Here is how cgroups get rid of the traditional “bad neighbor problem” in shared hosting:


  • Imagine a CPU-intensive script called “cpu-eater”
  • Imagine that user A runs 3 instances of the script (process 1, 2 and 3) and users B and C each run one instance of that script (process 4 and 5)
  • Without cgroups each of these 5 processes gets allocated the same amount of CPU (20% each if all the CPU power is available) which means that user A gets 60% in total and user B and C get 20% each. User A is being a bad neighbor and that’s not fair to users B and C.
  • With cgroups we can configure it so that each user gets their own cgroup and all of a user’s processes go in that user’s cgroup. We then configure it so that all cgroups have the same CPU priority. This means that users A, B and C each get 33.3% of the CPU to run their “cpu-eater” scripts which is fair.

Note that cgroups keep all the CPU power available to processes who want it: if there are only two CPU-intensive processes on the machine they’ll get 50% CPU each. If there is only one CPU-intensive process on the machine it’ll get 100% CPU.

Also, this example mentions CPU usage but cgroups can do the same for disk IOs and network IOs.

We’ve been running cgroups on all of our Centos6 servers for a few months and we’ve seen great results! No longer can a single user affect all other users on the machine.