Disk Quotas

Disk quotas enforce strict boundaries on filesystem consumption to ensure resource availability. They operate on two distinct axes:

Blocks (Capacity): Limits the total data volume a user or group can store (e.g., maximum 50GB).
Inodes (File Count): Limits the total number of files. A user can crash a filesystem by creating millions of 1KB files, exhausting all inodes even if terabytes of block space remain free.

Quotas utilize a two-tier enforcement mechanism:

Soft Limit: A warning threshold. Once crossed, an alert is generated, and a countdown timer (grace period) begins. Writes are still permitted.
Hard Limit: The absolute mathematical barrier. Once hit, the kernel intercepts and denies the write request, returning a Disk quota exceeded error to that specific user, while the rest of the system operates normally.

Implementing quotas requires modifying the filesystem mount options, initializing the tracking databases, and explicitly setting limits.

1. Enable Tracking at the Kernel Level Modify the filesystem configuration to instruct the kernel to monitor space and file allocations.

Command: vi /etc/fstab
Action: Append usrquota,grpquota to the mount options of the target partition (e.g., defaults,usrquota,grpquota).
Apply: sudo mount -o remount /target_partition (Applies changes without downtime).

2. Initialize the Quota Database Scan the filesystem to build the initial usage ledgers (aquota.user and aquota.group).

Command: sudo quotacheck -cugm /target_partition
Logic: c (create), u (user), g (group), m (force check on mounted filesystem).

3. Activate the Enforcement Engine Turn on the quota system for the partition. Limits will not apply until this is active.

4. Define the Limits (The Rules) Set the specific Soft (warning) and Hard (enforcement) boundaries for blocks (capacity) and inodes (file count).

Command: sudo edquota -u <username> or sudo edquota -g <groupname>
Logic: Opens a text editor. You modify the soft and hard columns under blocks (size in KB) and inodes (number of files). Save and exit to apply immediately.

5. Monitor and Audit Generate a comprehensive report of all users, their limits, and their current consumption.

Command: sudo repquota -a
Logic: Identifies users approaching their soft limits or those actively blocked by hard limits.

1. Mitigating the “Noisy Neighbor” Problem (SRE)

Scenario: Multiple containerized applications or logging agents write to a shared /var or /data partition.
Logic: If Application A enters an error loop and aggressively writes logs, it will consume 100% of the disk. Applications B and C, along with the OS, will crash when their write requests fail.
Action: Apply group-level block quotas. If Application A hits its hard limit, its writes fail, but the disk remains healthy and other services survive.

2. Protecting CI/CD Build Infrastructure (DevOps)

Scenario: Shared Jenkins or GitLab runners executing jobs for multiple development teams.
Logic: A poorly configured build script (e.g., a massive node_modules installation) or an uncleaned Docker build cache can exhaust inodes rapidly due to millions of tiny files.
Action: Enforce strict inode quotas on specific pipeline service accounts to guarantee that one runaway build does not paralyze the entire CI/CD cluster.

3. Managing Multi-Tenant Storage (SysAdmin)

Scenario: A centralized NFS server hosting 500 employee /home directories.
Logic: Storage hardware is finite. Unrestricted users will inevitably use the server for unauthorized massive backups or media storage.
Action: Implement user-level block quotas (e.g., 20GB per user) with automated alerts tied to the soft limit, forcing users to manage their own data lifecycle before they hit a hard wall.

Resources