Feature #21090
open
The foreman_scap_client puppet class should provide ability to configure cgroups to limit system resources
Description
It has been observed that foreman_scap_client requires high CPU when there are policies which runs probe_rpmverify, probe_file like commands. There is no way to reduce CPU utilization by these commands as its expected,
Having configurable for cgroups should allow to put resource limitation for required systems and avoid to do system to system separate configurations.
- Why does the user need this? (List the business requirements here)
To be able to put cgroups configurations for forman_scap_client from Foreman itself using foreman_scap_client class.
- How would the user like to achieve this? (List the functional requirements here)
By having cgroups configurable managed by puppet class foreman_scap_client to limit system resources on foreman_scap_client executable.
- For each functional requirement listed, specify how it can be tested to confirm the requirement is successfully implemented.
By confirming configurable of foreman_scap_client class works as expected to limit CPU, RAM utilization.
No data to display