Fix unlimited memory issue on old kernel #1494
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Fixes opencontainers#1421 On old kernels (before 3.11), max memory limit is LLONG_MAX, which is 2^63-1 on most platforms, so we should not use uint64(-1) for unlimited memory. Keep using `-1` for cgroup API when people want to set memory unlimited to fix this. Signed-off-by: Qiang Huang <[email protected]>
This was referenced Jun 23, 2017
Contributor
|
This should fix the immediate problem we found during testing, so we should merge once confirmed, as the current code does not work at all on older kernels (you cannot set a memory limit at all). I still think that having the memory limits as |
Contributor
Yah its a bit weird right now because essentially we are doing double-cast, where we translate user input from -1 into uint64, than cast back to -1 again. The argument before was that we should stick to the internal kernel's value presentation (i.e. uint64), but maybe we should actually just conform to the kernel external interface for these settings (i.e int64) |
Member
|
@dqminh ya that sounds like a good idea. But does this also need a spec change? |
Member
|
I think we should change these back to -1. This PR fixes it but it has to add a lot of code to work around the issue. We have been running with -1 for years now and it has worked correctly. Lets either revert the kmem accounting or the entire thing and not add more code around this as cgroups accepts -1 |
Contributor
|
I am happy to do a PR to change the spec back to |
Member
|
@justincormack tibor already opened a PR for this: #1492 |
Contributor
|
@crosbymichael I meant a PR to change the runtime spec, not |
justincormack
added a commit
to justincormack/runtime-spec
that referenced
this pull request
Jun 23, 2017
The kernel ABI to these values is a string, which accepts the value `-1` to mean "unlimited" or an integer up to 2^63 for an amount of memory in bytes. While the internal representation in the kernel is unsigned, this is not exposed in any ABI directly. Because of the user-kernel memory split, values over 2^63 are not really useful; indeed that much memory is not supported, as physical memory is limited to 52 bits in the forthcoming switch to five level page tables. So it is much more natural to support the value `-1` for unlimited, especially as the actual number needed to represent the maximum has varied in different kernel versions, and across 32 and 64 bit architectures, so determining the value to use is not possible, so it is necessary to write the string `-1` to the cgroup files. See also discussion in - opencontainers/runc#1494 - opencontainers/runc#1492 - opencontainers/runc#1375 - opencontainers/runc#1421 Signed-off-by: Justin Cormack <[email protected]>
Contributor
|
Spec PR opened opencontainers/runtime-spec#876 |
justincormack
added a commit
to justincormack/runtime-spec
that referenced
this pull request
Jun 23, 2017
The kernel ABI to these values is a string, which accepts the value `-1` to mean "unlimited" or an integer up to 2^63 for an amount of memory in bytes. While the internal representation in the kernel is unsigned, this is not exposed in any ABI directly. Because of the user-kernel memory split, values over 2^63 are not really useful; indeed that much memory is not supported, as physical memory is limited to 52 bits in the forthcoming switch to five level page tables. So it is much more natural to support the value `-1` for unlimited, especially as the actual number needed to represent the maximum has varied in different kernel versions, and across 32 and 64 bit architectures, so determining the value to use is not possible, so it is necessary to write the string `-1` to the cgroup files. See also discussion in - opencontainers/runc#1494 - opencontainers/runc#1492 - opencontainers/runc#1375 - opencontainers/runc#1421 Signed-off-by: Justin Cormack <[email protected]>
justincormack
added a commit
to justincormack/runtime-spec
that referenced
this pull request
Jun 23, 2017
The kernel ABI to these values is a string, which accepts the value `-1` to mean "unlimited" or an integer up to 2^63 for an amount of memory in bytes. While the internal representation in the kernel is unsigned, this is not exposed in any ABI directly. Because of the user-kernel memory split, values over 2^63 are not really useful; indeed that much memory is not supported, as physical memory is limited to 52 bits in the forthcoming switch to five level page tables. So it is much more natural to support the value `-1` for unlimited, especially as the actual number needed to represent the maximum has varied in different kernel versions, and across 32 and 64 bit architectures, so determining the value to use is not possible, so it is necessary to write the string `-1` to the cgroup files. See also discussion in - opencontainers/runc#1494 - opencontainers/runc#1492 - opencontainers/runc#1375 - opencontainers/runc#1421 Signed-off-by: Justin Cormack <[email protected]>
justincormack
added a commit
to justincormack/runtime-spec
that referenced
this pull request
Jun 23, 2017
The kernel ABI to these values is a string, which accepts the value `-1` to mean "unlimited" or an integer up to 2^63 for an amount of memory in bytes. While the internal representation in the kernel is unsigned, this is not exposed in any ABI directly. Because of the user-kernel memory split, values over 2^63 are not really useful; indeed that much memory is not supported, as physical memory is limited to 52 bits in the forthcoming switch to five level page tables. So it is much more natural to support the value `-1` for unlimited, especially as the actual number needed to represent the maximum has varied in different kernel versions, and across 32 and 64 bit architectures, so determining the value to use is not possible, so it is necessary to write the string `-1` to the cgroup files. See also discussion in - opencontainers/runc#1494 - opencontainers/runc#1492 - opencontainers/runc#1375 - opencontainers/runc#1421 Signed-off-by: Justin Cormack <[email protected]>
justincormack
added a commit
to justincormack/runc
that referenced
this pull request
Jun 24, 2017
replace opencontainers#1492 opencontainers#1494 fix opencontainers#1422 Since opencontainers/runtime-spec#876 the memory specifications are now `int64`, as that better matches the visible interface where `-1` is a valid value. Otherwise finding the correct value was difficult as it was kernel dependent. Signed-off-by: Justin Cormack <[email protected]>
justincormack
added a commit
to justincormack/runc
that referenced
this pull request
Jun 27, 2017
replace opencontainers#1492 opencontainers#1494 fix opencontainers#1422 Since opencontainers/runtime-spec#876 the memory specifications are now `int64`, as that better matches the visible interface where `-1` is a valid value. Otherwise finding the correct value was difficult as it was kernel dependent. Signed-off-by: Justin Cormack <[email protected]>
Contributor
|
This can be closed now with #1495 |
tiborvass
pushed a commit
to tiborvass/runtime-spec
that referenced
this pull request
Jul 6, 2017
The kernel ABI to these values is a string, which accepts the value `-1` to mean "unlimited" or an integer up to 2^63 for an amount of memory in bytes. While the internal representation in the kernel is unsigned, this is not exposed in any ABI directly. Because of the user-kernel memory split, values over 2^63 are not really useful; indeed that much memory is not supported, as physical memory is limited to 52 bits in the forthcoming switch to five level page tables. So it is much more natural to support the value `-1` for unlimited, especially as the actual number needed to represent the maximum has varied in different kernel versions, and across 32 and 64 bit architectures, so determining the value to use is not possible, so it is necessary to write the string `-1` to the cgroup files. See also discussion in - opencontainers/runc#1494 - opencontainers/runc#1492 - opencontainers/runc#1375 - opencontainers/runc#1421 Signed-off-by: Justin Cormack <[email protected]> (cherry picked from commit e73cd70) Signed-off-by: Tibor Vass <[email protected]>
tiborvass
pushed a commit
to tiborvass/runc
that referenced
this pull request
Jul 6, 2017
replace opencontainers#1492 opencontainers#1494 fix opencontainers#1422 Since opencontainers/runtime-spec#876 the memory specifications are now `int64`, as that better matches the visible interface where `-1` is a valid value. Otherwise finding the correct value was difficult as it was kernel dependent. Signed-off-by: Justin Cormack <[email protected]> (cherry picked from commit 3d9074e) Signed-off-by: Tibor Vass <[email protected]>
tiborvass
pushed a commit
to tiborvass/runc
that referenced
this pull request
Jul 6, 2017
replace opencontainers#1492 opencontainers#1494 fix opencontainers#1422 Since opencontainers/runtime-spec#876 the memory specifications are now `int64`, as that better matches the visible interface where `-1` is a valid value. Otherwise finding the correct value was difficult as it was kernel dependent. Signed-off-by: Justin Cormack <[email protected]> (cherry picked from commit 3d9074e) Signed-off-by: Tibor Vass <[email protected]>
adrianreber
pushed a commit
to adrianreber/runc
that referenced
this pull request
Jul 27, 2017
replace opencontainers#1492 opencontainers#1494 fix opencontainers#1422 Since opencontainers/runtime-spec#876 the memory specifications are now `int64`, as that better matches the visible interface where `-1` is a valid value. Otherwise finding the correct value was difficult as it was kernel dependent. Signed-off-by: Justin Cormack <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #1421
On old kernels (before 3.11), max memory limit is
LLONG_MAX, which is 2^63-1 on most platforms, so we
should not use uint64(-1) for unlimited memory.
Keep using
-1for cgroup API when people want toset memory unlimited to fix this.
Signed-off-by: Qiang Huang [email protected]