On Mo, 23.09.24 11:58, Matthew Ife (matthew@xxxxxxx) wrote: > > /run/ is only mounted by systemd if it is not pre-mounted already by > > the container manager. We generally assume the container manager does > > that (for example systemd-nspawn does it that way), already because > > /run/host/ is the mechanism to pass outside info/resources into the > > container in a systemd world, hence it really needs to be premounted. > > I think theabove is enough to know the right answer. > Fix the container manager to behave correctly. This feels like the most elegant approach. > > I didn't spot this when trying to understand the best approach to change things. Apologies. > > Note, you're right about how we do stupid things like disabling swap. Its not my call sadly! > Whilst I dont think the answer here is "adding swap will fix" there are a myriad other reasons to > have swap and it would at least elongate the cliff-edge we have with this problem otherwise. Adding swap *will* fix the issue for you btw to a large degree. By not having swap you make it impossible for tmpfs and anonymous memory to be paged out. You basically *create* an artificial OOM situation if any loads shows up, because you artifically minimize the amount of reclaimable pages: in most cases only mapped ELF binaries become reclaimable this way, so they will be constantly thrashed and everything goes to shit. If you disable swap on a big server you are just misunderstanding how memory management works on Linux, and its pretty much your own fault. This might sound harsh, but it is how it is. Talk to whoever maintains these systems, and get them talk to some MM person and get educated about these things. There's a fundamental misunderstanding here how loaded systems need to be managed. And if you then combine this with non-persistant journald, you are artificially amplifying the problem you artificially created for yourself, because you intentionally moved even more stuff that would normally be backed by disk into unreclaimable memory. Lennart -- Lennart Poettering, Berlin
Re: Making /run respect Container Memory Limits
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Re: Making /run respect Container Memory Limits
- From: Lennart Poettering <lennart@xxxxxxxxxxxxxx>
- Date: Mon, 23 Sep 2024 16:14:58 +0200
- Cc: systemd-devel@xxxxxxxxxxxxxxxxxxxxx
- In-reply-to: <0a0f0f9ebe807d33ce319f347bf8f92acdceec40.camel@ife.onl>
- References: <c837444596e75c77515b24d94bea96a6c88aa75c.camel@ife.onl> <ZvFDOSNzMKPbpinb@gardel-login> <0a0f0f9ebe807d33ce319f347bf8f92acdceec40.camel@ife.onl>
- Follow-Ups:
- Re: Making /run respect Container Memory Limits
- From: Demi Marie Obenour
- Re: Making /run respect Container Memory Limits
- References:
- Making /run respect Container Memory Limits
- From: Matthew Ife
- Re: Making /run respect Container Memory Limits
- From: Lennart Poettering
- Re: Making /run respect Container Memory Limits
- From: Matthew Ife
- Making /run respect Container Memory Limits
- Prev by Date: Re: Making /run respect Container Memory Limits
- Next by Date: Re: Making /run respect Container Memory Limits
- Previous by thread: Re: Making /run respect Container Memory Limits
- Next by thread: Re: Making /run respect Container Memory Limits
- Index(es):
 |