[libvirt-users] cgroups inside LXC containers losts memory limits after some time

mxs kolo kolomaxes at gmail.com
Thu Sep 18 13:41:01 UTC 2014 

>>After unpredictable time passed (1-5 day ?), cgroups inside LXC
>>magicaly removed.
I use next workaround for such containers:

1) restore subgroup in cgroup hierarchy :
[root@]# mkdir /sys/fs/cgroup/memory/machine.slice/machine-lxc\\x2dpuppet.scope

2) put value in limits:
[root@]# echo 8589934592 >
/sys/fs/cgroup/memory/machine.slice/machine-lxc\\x2dpuppet.scope/memory.limit_in_bytes

[root@]# echo 9663676416  >
/sys/fs/cgroup/memory/machine.slice/machine-lxc\\x2dphosgene7.infra.scope/memory.memsw.limit_in_bytes

[root@]# echo 8589934592  >
/sys/fs/cgroup/memory/machine.slice/machine-lxc\\x2dpuppet.scope/memory.kmem.limit_in_bytes

[root@]# echo 8589934592  >
/sys/fs/cgroup/memory/machine.slice/machine-lxc\\x2dpuppet.scope/memory.kmem.tcp.limit_in_bytes

[root@]# echo 8589934592  >
/sys/fs/cgroup/memory/machine.slice/machine-lxc\\x2dpuppet.scope/memory.soft_limit_in_bytes

3) check that inside container  limits still unset:
[root at puppet01 /]# free
             total       used       free     shared    buffers     cached
Mem:    9007199254740991    1591360 9007199253149631          0
  0     913112
-/+ buffers/cache:     678248 9007199254062743
Swap:            0          0          0

4) get libvirtd pid of such container:
[root@]# ps ax | grep puppet | grep libvirt
 3142 ?        Ssl    0:17 /usr/libexec/libvirt_lxc --name puppet
--console 21 --security=none --handshake 27 --background --veth
macvlan0
Moreover, you need get pid of all process existed in LXC.  We would test
in ssh sessions, because get pid of sshd run in our container.
[root@]# pstree -ap 3142 | grep ssh
  |   `-sshd,5527


5) Assign pid with cgroups:
[root@]# cgclassify -g
memory:machine.slice/machine-lxc\\x2dpuppet.scope  3142 3143 5527

(I put pid 3143 in list - it's init inside LXC)

6) check again in container - start new ssh session:
[root at puppet01 /]# free
             total       used       free     shared    buffers     cached
Mem:       8388608        392    8388216          0          0          0
-/+ buffers/cache:        392    8388216
Swap:      1048576          0    1048576


7) compile and run loadmem:

#include <stdlib.h>

int main() {
  int *p;
  while(1) {
    int inc=1024*1024*sizeof(char);
    p=(int*) calloc(1,inc);
    if(!p) break;
  }
}

After 8G allocated process loadmem would be killed

b.r.
 Maxim Kozin

More information about the libvirt-users mailing list