memory_only container example
150 views
Skip to first unread message
Palmer Dabbelt
Oct 3, 2013, 5:24:38 AM10/3/13
to lmc...@googlegroups.com
I've gotten lmctfy to build and run on Gentoo Linux,
"kernel 3.10.7-gentoo-r1", but I can't seem to get it to work. It seems
to pass the tests run by "make check" (at least, it prints a whole lot
of passes, it scrolled past my terminal buffer), but I can't get the
simple memory_only container example to run. When I do
# lmctfy init
# lmctfy create memory_only "memory:{limit:100000000}"
# lmctfy run memory_only "memtester 200M"
I would expect memtester to fail to allocate 200M, but it does
successfully allocate that much (which is over the 100M limit I set for
it).
Am I misunderstanding what lmctfy is supposed to be doing, or should I
go and debug my setup?
On a whim, I tried running
# lmctfy run memory_only "memtester 5G" &
# memtester 5G
on my 8G machine, and Linux OOM kills one of them arbitrarily. I
was testing if this just allow me to oversubscribe memory and then kill
the offending container, but apparently that's not happening either.
For full disclosure, I ran the following
# cd /dev
# ln -s /sys/fs/cgroup/ .
# cd
to get lmctfy to start. I assume this is OK, as it appears I've just
got my cgroups filesystem mounted somewhere else
# mount | grep cgroup
cgroup_root on /sys/fs/cgroup type tmpfs ...
If anyone is interested in trying out the Gentoo package, my ebuild is
available in the "palmer" overlay.
"kernel 3.10.7-gentoo-r1", but I can't seem to get it to work. It seems
to pass the tests run by "make check" (at least, it prints a whole lot
of passes, it scrolled past my terminal buffer), but I can't get the
simple memory_only container example to run. When I do
# lmctfy init
# lmctfy create memory_only "memory:{limit:100000000}"
# lmctfy run memory_only "memtester 200M"
I would expect memtester to fail to allocate 200M, but it does
successfully allocate that much (which is over the 100M limit I set for
it).
Am I misunderstanding what lmctfy is supposed to be doing, or should I
go and debug my setup?
On a whim, I tried running
# lmctfy run memory_only "memtester 5G" &
# memtester 5G
on my 8G machine, and Linux OOM kills one of them arbitrarily. I
was testing if this just allow me to oversubscribe memory and then kill
the offending container, but apparently that's not happening either.
For full disclosure, I ran the following
# cd /dev
# ln -s /sys/fs/cgroup/ .
# cd
to get lmctfy to start. I assume this is OK, as it appears I've just
got my cgroups filesystem mounted somewhere else
# mount | grep cgroup
cgroup_root on /sys/fs/cgroup type tmpfs ...
If anyone is interested in trying out the Gentoo package, my ebuild is
available in the "palmer" overlay.
Victor Marmol
Oct 3, 2013, 9:22:37 AM10/3/13
to Palmer Dabbelt, lmc...@googlegroups.com
I think the machine may not be setup for memory isolation (at least what lmctfy thinks will allow it to do that). Don't worry about where the cgroup hierarchies are mounted, lmctfy doesn't care and will adapt to what you give it.
Two things to try out:
- after you created the test container with memory isolation, what is the output of:
$ lmctfy run test "cat /proc/self/cgroup"
- Who/what mounted the cgroup hierarchies for you? You initialized lmctfy with an empty init spec which means you'll do that part yourself, the output of:
$ cat /proc/mounts | grep cgroup
May be useful as well.
Palmer Dabbelt
Oct 3, 2013, 2:55:08 PM10/3/13
to Victor Marmol, lmc...@googlegroups.com
Looks like I didn't have memory isolation enabled. I needed to enable
CONFIG_MEMCG, and now things work (without the symlinks). For
reference, here's my full kernel config
https://wiki.gentoo.org/wiki/Lmctfy
CONFIG_MEMCG, and now things work (without the symlinks). For
reference, here's my full kernel config
https://wiki.gentoo.org/wiki/Lmctfy
Victor Marmol
Oct 3, 2013, 3:12:21 PM10/3/13
to Palmer Dabbelt, lmc...@googlegroups.com
Arguably we can do a better job at communicating this to the user. We know memory isolation is not enabled, but we completely ignore that you asked for isolation of memory and we can't do it.
For the config, you probably need an InitSpec, unless something else mounts the cgroup hierarchies for you. Someday you'll also want to enable the perf_event hierarchy, but we only support it in spirit today.
For the config, you probably need an InitSpec, unless something else mounts the cgroup hierarchies for you. Someday you'll also want to enable the perf_event hierarchy, but we only support it in spirit today.
Reply all
Reply to author
Forward
0 new messages