virsh vol-download uses a lot of memory

Peter Crowther peter.crowther at melandra.com
Wed Jan 22 12:44:50 UTC 2020 

Architecturally, separating the data and control channels feels like the
right approach - whether nbd or something else. Would need signposting for
those of us who routinely implement firewalling on hosts, but that's a
detail.

I presume there's no flow control on streams at the moment?

Cheers,

Peter

On Wed, 22 Jan 2020, 12:18 Daniel P. Berrangé, <berrange at redhat.com> wrote:

> On Wed, Jan 22, 2020 at 01:01:42PM +0100, Michal Privoznik wrote:
> > On 1/22/20 11:11 AM, Michal Privoznik wrote:
> > > On 1/22/20 10:03 AM, R. Diez wrote:
> > > > Hi all:
> > > >
> > > > I am using the libvirt version that comes with Ubuntu 18.04.3 LTS.
> > >
> > > I'm sorry, I don't have Ubuntu installed anywhere to look the version
> > > up. Can you run 'virsh version' to find it out for me please?
> >
> > Nevermind, I've managed to reproduce with the latest libvirt anyway.
> >
> > >
> > > >
> > > > I have written a script that backs up my virtual machines every
> > > > night. I want to limit the amount of memory that this backup
> > > > operation consumes, mainly to prevent page cache thrashing. I have
> > > > described the Linux page cache thrashing issue in detail here:
> > > >
> > > >
> http://rdiez.shoutwiki.com/wiki/Today%27s_Operating_Systems_are_still_incredibly_brittle#The_Linux_Filesystem_Cache_is_Braindead
> > > >
> > > >
> > > > The VM virtual disk weighs 140 GB at the moment. I thought 500 MiB
> > > > of RAM should be more than enough to back it up, so I added the
> > > > following options to the systemd service file associated to the
> > > > systemd timer I am using:
> > > >
> > > >    MemoryLimit=500M
> > > >
> > > > However, the OOM is killing "virsh vol-download":
> > > >
> > > > Jan 21 23:40:00 GS-CEL-L kernel: [55535.913525] [  pid  ]   uid
> > > > tgid total_vm      rss pgtables_bytes swapents oom_score_adj name
> > > > Jan 21 23:40:00 GS-CEL-L kernel: [55535.913527] [  13232]  1000
> > > > 13232     5030      786    77824      103             0
> > > > BackupWindows10
> > > > Jan 21 23:40:00 GS-CEL-L kernel: [55535.913528] [  13267]  1000
> > > > 13267     5063      567    73728      132             0
> > > > BackupWindows10
> > > > Jan 21 23:40:00 GS-CEL-L kernel: [55535.913529] [  13421]  1000
> > > > 13421     5063      458    73728      132             0
> > > > BackupWindows10
> > > > Jan 21 23:40:00 GS-CEL-L kernel: [55535.913530] [  13428]  1000
> > > > 13428 712847   124686  5586944   523997             0 virsh
> > > > Jan 21 23:40:00 GS-CEL-L kernel: [55535.913532]
> oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/system.slice/VmBackup.service,task_memcg=/system.slice/VmBackup.service,task=virsh,pid=13428,uid=1000
> > > >
> > > > Jan 21 23:40:00 GS-CEL-L kernel: [55535.913538] Memory cgroup out of
> > > > memory: Killed process 13428 (virsh) total-vm:2851388kB,
> > > > anon-rss:486180kB, file-rss:12564kB, shmem-rss:0kB
> > > >
> > > > I wonder why "virsh vol-download" needs so much RAM. It does not get
> > > > killed straight away, it takes a few minutes to get killed. It
> > > > starts using a VMSIZE of around 295 MiB, which is not really frugal
> > > > for a file download operation, but then it grows and grows.
> > >
> > > This is very likely a memory leak somewhere.
> >
> > Actually, it is not. It's caused by our design of the client event loop.
> If
> > there are any incoming data, read as much as possible placing them at the
> > end of linked list of incoming stream data (stream is a way that libvirt
> > uses to transfer binary data). Problem is that instead of returning NULL
> to
> > our malloc()-s once the limit is reached, kernel decides to kill us.
> >
> > For anybody with libvirt insight: virNetClientIOHandleInput() ->
> > virNetClientCallDispatch() -> virNetClientCallDispatchStream() ->
> > virNetClientStreamQueuePacket().
> >
> >
> > The obvious fix would be to stop processing incoming packets if stream
> has
> > "too much" data cached (define "too much"). But this may lead to
> > unresponsive client event loop - if the client doesn't pull data from
> > incoming stream fast enough they won't be able to make any other RPC.
>
> IMHO if they're not pulling stream data and still expecting to make
> other RPC calls in a timely manner, then their code is broken.
>
> Having said that, in retrospect I rather regret ever implementing our
> stream APIs as we did. We really should have just exposed an API which
> lets you spawn an NBD server associated with a storage volume, or
> tunnelled NBD over libvirtd. The former is probably our best strategy
> these days, now that NBD has native TLS support.
>
> Regards,
> Daniel
> --
> |: https://berrange.com      -o-
> https://www.flickr.com/photos/dberrange :|
> |: https://libvirt.org         -o-
> https://fstop138.berrange.com :|
> |: https://entangle-photo.org    -o-
> https://www.instagram.com/dberrange :|
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libvirt-users/attachments/20200122/dd1b2091/attachment.htm>

More information about the libvirt-users mailing list