2.3.2.5 Cgroup Resource Accounting
A focused guide to Cgroup Resource Accounting, connecting core concepts with practical Docker and container operations.
Cgroup resource accounting is the kernel's ongoing tracking of exactly how much CPU time, memory, and disk IO each cgroup — and therefore each container — has actually consumed, independent of whether any limit has been configured at all, which is what tools like docker stats report.
Accounting Happens Regardless of Limits
Even a container with no configured resource limits still has its actual resource usage tracked by the kernel through the same cgroup mechanism that enforces limits when they are set — accounting and limiting are related but distinct capabilities.
docker run -d --name unrestricted myapp:1.0
docker stats unrestricted --no-stream
This reports actual CPU and memory usage for a container that has no explicit resource limits configured, demonstrating that accounting does not depend on limits being present.
What Gets Accounted
Cgroup accounting tracks cumulative and instantaneous CPU time consumed, current and peak memory usage, and the volume of data read from and written to block devices, all attributed precisely to the specific cgroup (and therefore container) responsible.
cat /sys/fs/cgroup/memory.current
cat /sys/fs/cgroup/cpu.stat
Inspected from within a container's cgroup directly, these files report exactly the same data that higher-level tools like docker stats summarize into a more readable format.
Using Accounting Data for Capacity Planning
Because accounting data reflects actual historical usage rather than configured limits, it is the appropriate basis for deciding what limits to set in the first place — observing a container's real resource consumption under realistic load before constraining it avoids setting limits that are either too restrictive or unnecessarily generous.
docker stats --no-stream
Run across all running containers, this provides a snapshot that is commonly used as a starting point for tuning resource limits based on observed behavior.
Why Resource Accounting Matters
Accurate, per-container resource accounting is what makes it possible to attribute resource consumption correctly on a shared host, which is essential both for diagnosing performance problems (is this container actually using more memory than expected) and for billing or chargeback in multi-tenant environments.