The issue is dat PHP doesn’t support Cgroups yet so unless we apply tacky method where we check every second the load the user gens it will never work …
Maybe it’s worth integrating this script at the panel level? GitHub - oulfr/php
It really works and this is the best solution so far. FPM limits.
But the problem is that when adding a new user or changing the package for an existing one, you need to restart the script manually.
I was able to do this with cgroups v2 (available only above Ubuntu 24)
I used cgroups rules to auto apply cgroups restrictions on user level, so it automatically applies the rule to any new fpm processes launched under the user.
PHP doesn’t support it yet …
I do not understand this. PHP FPM runs the master process with the user root. Is that what you are talking about? And all the child processes are run by the individual users, that can be cgroup-ed.
It can’t be done at the moment at kernel level without any other extra scripts. Until php-fpm support it …
Cgroups are not applied to forked processes. So when php-fpm forks an user pool process the cgroup restrictions are not applied.
Please readup on cgrulesengd, it automatically applies cgroup to forked processes as it run as daemon.
Ok, can we please assume I did my research on this topic and that the way php-fpm forks user processes from a root process means that cgroups won’t be applied?
But anyway, I did my testing and research, feel free to do your own. I’ll gladly merge any good looking PR that fixes this issue by changing some config settings.
Edit:
Hopefully cgrulesengd can solve this issue but as DirectAdmin and other admin panels build php-fpm from source to fix this issue I’m not sure it will.
Atm. I’m working on something else so I cannot test it as we speak.
I will raise a PR soon.