Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

libcontainer: ability to compile without kmem #1921

Merged
merged 1 commit into from
Nov 1, 2018
Merged

libcontainer: ability to compile without kmem #1921

merged 1 commit into from
Nov 1, 2018

Conversation

kolyshkin
Copy link
Contributor

Commit fe898e7 (PR #1350) enables kernel memory accounting
for all cgroups created by libcontainer -- even if kmem limit is
not configured.

Kernel memory accounting is known to be broken in some kernels,
specifically the ones from RHEL7 (including RHEL 7.5). Those
kernels do not support kernel memory reclaim, and are prone to
oopses. Unconditionally enabling kmem acct on such kernels lead
to bugs, such as

This commit gives a way to compile runc without kernel memory setting
support. To do so, use something like

make BUILDTAGS="seccomp nokmem"

Signed-off-by: Kir Kolyshkin kolyshkin@gmail.com

@kolyshkin
Copy link
Contributor Author

This is an alternative to #1920

@kolyshkin kolyshkin changed the title libcontainer: enable to compile without kmem libcontainer: ability to compile without kmem Nov 1, 2018
@kolyshkin
libcontainer: ability to compile without kmem
6a2c155 
Commit fe898e7 (PR opencontainers#1350) enables kernel memory accounting
for all cgroups created by libcontainer -- even if kmem limit is
not configured.

Kernel memory accounting is known to be broken in some kernels,
specifically the ones from RHEL7 (including RHEL 7.5). Those
kernels do not support kernel memory reclaim, and are prone to
oopses. Unconditionally enabling kmem acct on such kernels lead
to bugs, such as

* opencontainers#1725
* kubernetes/kubernetes#61937
* moby/moby#29638

This commit gives a way to compile runc without kernel memory setting
support. To do so, use something like

	make BUILDTAGS="seccomp nokmem"

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
@crosbymichael
Copy link
Member

I think this could be a safe change in addition to #1920. What do you think?

@mrunalp
Copy link
Contributor

mrunalp commented Nov 1, 2018

I prefer this over #1920

@kolyshkin
Copy link
Contributor Author

I think this could be a safe change in addition to #1920. What do you think?

If you approve #1920 then I guess this one is not needed -- the only kernels we see this issue is RHEL7 ones -- everyone else, including ancient Ubuntu 16.04, is using more recent kernels with kmem controller rewritten.

@mrunalp
Copy link
Contributor

mrunalp commented Nov 1, 2018
edited by caniszczyk
Loading

LGTM

Approved with PullApprove

@mrunalp mrunalp mentioned this pull request Nov 1, 2018
Closed
@cyphar
Copy link
Member

cyphar commented Nov 1, 2018
edited by caniszczyk
Loading

LGTM.

Approved with PullApprove

@cyphar
Copy link
Member

cyphar commented Nov 1, 2018

(and pullapprove is broken again! yay!)

@cyphar cyphar merged commit 6a2c155 into opencontainers:master Nov 1, 2018
cyphar added a commit that referenced this pull request Nov 1, 2018
@cyphar
merge branch 'pr-1921'
9f1e944 
  libcontainer: ability to compile without kmem

LGTMs: @mrunalp @cyphar
Closes #1921
@kolyshkin kolyshkin mentioned this pull request Nov 1, 2018
Merged
@Ace-Tang Ace-Tang mentioned this pull request Nov 2, 2018
Merged
@cyphar cyphar mentioned this pull request Nov 2, 2018
Closed
@ryarnyah ryarnyah mentioned this pull request Nov 2, 2018
Closed
This was referenced Nov 12, 2018
Closed
Merged
@cyphar cyphar mentioned this pull request Nov 21, 2018
Closed
This was referenced Dec 13, 2018
Closed
Closed
@thaJeztah thaJeztah mentioned this pull request Jan 4, 2019
Merged
@zouyee zouyee mentioned this pull request Feb 11, 2019
Closed
@vilhelmen vilhelmen mentioned this pull request Mar 4, 2019
Closed
@thaJeztah thaJeztah mentioned this pull request May 23, 2019
Closed
@kolyshkin kolyshkin deleted the no-kmem-2 branch July 19, 2019 01:28
@jeffrey4l jeffrey4l mentioned this pull request Sep 21, 2019
Open
@thaJeztah thaJeztah mentioned this pull request Dec 9, 2019
Closed
@zionwu zionwu mentioned this pull request Sep 16, 2020
Closed
@kolyshkin kolyshkin mentioned this pull request Sep 19, 2020
Closed
@kolyshkin kolyshkin mentioned this pull request Mar 8, 2021
Merged
@hwshadow hwshadow mentioned this pull request Jan 19, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@kolyshkin @crosbymichael @mrunalp @cyphar