FS#77548 - [containerd] certain containers consume all available memory

Attached to Project: Community Packages
Opened by l3s2d (l3s2d) - Friday, 17 February 2023, 06:21 GMT
Last edited by Toolybird (Toolybird) - Tuesday, 23 May 2023, 06:05 GMT
Task Type Bug Report
Category Packages
Status Closed
Assigned To Santiago Torres (sangy)
Morten Linderud (Foxboron)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 1
Private No

Details

Description:

LimitNOFILE=infinity in containerd.service file causes certain containers to immediately consume all available memory. I'm not really sure why this is presenting itself now, as the change seems to have been implemented quite a while ago.

Additional info:
https://github.com/moby/moby/issues/43361
https://github.com/containerd/containerd/issues/3201
https://github.com/bottlerocket-os/bottlerocket/issues/1136
https://github.com/containerd/containerd/issues/6707

Steps to reproduce:

Run the following (may cause system to freeze up!):
docker run -i mysql:5.7
This task depends upon

Closed by  Toolybird (Toolybird)
Tuesday, 23 May 2023, 06:05 GMT
Reason for closing:  Duplicate
Additional comments about closing:   FS#77481 
Comment by Toolybird (Toolybird) - Saturday, 18 February 2023, 00:51 GMT
That service file is provided by upstream, so technically it doesn't seem like an Arch packaging problem.

Is  FS#77481  related?
Comment by l3s2d (l3s2d) - Saturday, 18 February 2023, 02:05 GMT
Yes, I believe the root cause of https://bugs.archlinux.org/task/77481 is this issue. I will link to this issue.

I agree that one of the upstreams (systemd, containerd, docker) should fix this. Given that this is a particularly nasty bug, especially on low memory systems, it might be worth adding a patch.

Additional context:
https://github.com/containerd/containerd/pull/7566
https://github.com/moby/moby/issues/44547

Loading...