[FFmpeg-user] FFmpeg & infrastructure
Reindl Harald
h.reindl at thelounge.net
Tue Jul 12 11:36:56 EEST 2016
Am 12.07.2016 um 10:11 schrieb Vivek Jain:
> Is there a way we can determine how much of RAM/CPU gets used by ffmpeg
> operation?
> I am trying to access if I should get a dedicated machine where I should
> install it or can I simply use it on my existing app server..
>
> It would be great if we could somehow restrict ffmpeg operation on infra
> resources utilisation, may be fail the operation if it breaches threshold.
>
> Appreciate any guidance on this
well, place your stuff in a "Type=oneshot" systemd-unit with
"TimeoutStartSec=3600" or longer when tasks take more time and follow
https://www.freedesktop.org/software/systemd/man/systemd.resource-control.html
_________________________________________
when you are at it enable some security features to sandbox ffmpeg in
case of arbitary input files:
PrivateTmp=yes
PrivateDevices=yes
NoNewPrivileges=yes
CapabilityBoundingSet=CAP_KILL CAP_CHOWN CAP_FOWNER
SystemCallFilter=~acct modify_ldt add_key adjtimex clock_adjtime
delete_module fanotify_init finit_module get_mempolicy init_module
io_destroy io_getevents iopl ioperm io_setup io_submit io_cancel kcmp
kexec_load keyctl lookup_dcookie mbind migrate_pages mount move_pages
open_by_handle_at perf_event_open pivot_root process_vm_readv
process_vm_writev ptrace remap_file_pages request_key set_mempolicy
swapoff swapon syslog umount2 uselib vmsplice
ReadOnlyDirectories=/etc
ReadOnlyDirectories=/usr
ReadOnlyDirectories=/var/lib
ReadOnlyDirectories=/proc
ReadOnlyDirectories=/sys
InaccessibleDirectories=-/boot
InaccessibleDirectories=-/home
InaccessibleDirectories=-/media
InaccessibleDirectories=-/root
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://ffmpeg.org/pipermail/ffmpeg-user/attachments/20160712/99b17abf/attachment.sig>
More information about the ffmpeg-user
mailing list