cgroup limits are not detected in docker #8777
Comments
|
Cc @Drawaes too |
|
Good find :) |
|
TL;DR in some situations the GC doesn't pick up the container memory limits; which can lead to OOM exceptions and restarts /cc @gkhanna79 @Maoni0 Probably would need to be part of a 2.0.x servicing release when fixed? As containers is a mainstream ASP.NET Core deployment scenario |
|
Yeah I would backport the patch if it is causing OOM on containers in some environments. (my useful 2p) |
|
Looks like someone else might be having container issue dotnet/core#871 |
|
@janvorli will you be looking at this? |
|
@janvorli I'll update the PR so it handles the docker limits too. |
|
PR was updated: dotnet/coreclr#13488 |
|
Implemented on master: dotnet/coreclr#13488 and 2.0 branch: dotnet/coreclr#13895 |
|
Any ideas on when or if we will see this as part of a .NET Core 2.0.x release? |
|
It should show up in .NET Core 2.0.3 update. |
|
I confirm that our microservices deployed in AWS ECS Docker instances (.NET Core 2.0 runtimes) are affected by this. |
|
Anyone know which package to try this out with for docker? Tried the 2.0.3 service release but that still has the issue unless I have to manually specify the ServerGarbageCollection flag (which I did not try). |
|
@emanuelbalea I will have a look. How are you testing this? |
|
I was using the nightly docker image and testing on aws ec2 container service with an existing microservice and running siege against it to simulate real load. If there's anything I'm missing I'll be happy to try it |
|
I think memory wise things are ok. The gc should pick up the docker limit and containers shouldn't run out of memory. @emanuelbalea are you running OOM?
|
|
@tmds yes was just using more and more ram till the host filed up and ultimately crashed. Sounds like there was no GC being done. Has the usage of 'COMPlus_gcServer' changed? We used to have to set it to 0 for it to actually turn on gc before. |
From what I see the docker limits are properly parsed. I guess also for gc they are not used in all places. I don't know how to debug this further myself. |
|
I'm closing this in favor of two more specific issues: |
ghost
locked as resolved and limited conversation to collaborators
Triggered by the discussion at aspnet/KestrelHttpServer#1260, I'm having a look at the cgroup code in coreclr.
The first problem I encounter is the code isn't properly parsing the mountinfo when the mountpoint contains a dash. PR: dotnet/coreclr#13488
The next problem I have is the limits aren't found.
The code is looking for a mountpoint in the
/proc/self/mountinfofile and then combines that with a path it finds under /proc/self/cgroup.I ran a container on rhel7.4+docker and one on minishift(= local instance of openshift, which is using kubernetes as an orchectrator) and the limits are not found at that location.
Instead they are present directly under the mount path.
For example:
mountpoint:cgroupcc @janvorli @benaadams @markvincze @rahku @gboucher90
The text was updated successfully, but these errors were encountered: