I recently received a report of a libvirt+Xen installation reaching the pids cgroup controller TasksMax limit kernel: [71282.213347] cgroup: fork rejected by pids controller in /system.slice/libvirtd.service The default setting of TaskMax is 512 on this system # cat /sys/fs/cgroup/pids/system.slice/libvirtd.service/pids.max 512 Depending on domain type and configuration, I've noticed between 5-7 tasks (IO threads, qemu process, etc.) are created when starting a domain. It doesn't take too many domains before the 512 limit is reached. LimitNOFILE was recently changed by commit 27cd763500 to support 4096 domains. Following similar logic, would it be ok to increase TasksMax to 32768? That would accommodate 4096 domains with 8 tasks each. TasksMax also supports the special value of "infinity", but that seems a bit aggressive to me. Regards, Jim