Docker has became the standard PaaS to deliver portable software. Since it uses the same resource as the host machine, resource management is very crucial to make sure it runs efficiently without putting at risk the host machine and throw an OOME (Out Of Memory Exception). This article will relate to some settings that we can to put in place to prevent that to happen. I have tested it on Ubuntu 20.04 but may also apply on the other versions/distributions with possible minimal change if any.
So, before anything, let’s make sure we are on the same OS version.
When talking about resources, we mostly need to look at Memory, CPU and Swap usage.
Memory usage limitation
To limit the amount of memory that Docker can use, there are 2 parameters we need to set up:
–memory : the maximum amount of memory that the container can use. This is a hard limit and container won’t be able to go beyond it.
–memory-reservation: the minimum amount of memory that is reserved for the container to run in case of the host experiences runs low on memory. It is a soft limit and may be exceeded as the host is recovering from the issue. To run container with a maximum memory of 1 GB and a minimal reservation of 750 MB, use below command:
sudo docker run -it –memory=”1g” –memory-reservation=”750m” ubuntu /bin/bash
We can check that the limit is effective with the command:
sudo docker stats
To demonstrate the efficiency of memory reservation, we can use the tool “stress-ng” to stress up the host.
As we can see on Figure 3, even if the host runs low on memory, the container is still able to survive because of the memory reservation that we have set to 750 MB. No other process will be allowed to use that.
CPU usage limitation
Before setting the limit on the CPU resources, we need to check the number of concurrent threads the CPU can actually. We can get that with the tool “htop“. Figure 4 shows four threads.
If we want a full details about the CPU information, we can look at /proc/cpuinfo.
After knowing the number of threads, we can limit the CPU resources with the parameter –cpus. For example, cpus=”0.5″ will allow at most a total of 50% of resources over the total number of threads.
sudo docker run -it –cpus=”0.5″ ubuntu /bin/bash
Swap usage limitation
When the hard memory limit is exhausted, the container will start overloading to the swap area.
Since the swap area is also being shared with the host, it is important to limit its usage to avoid crashing the host itself. Limitating the swap usage requires a specific setting on the linux Kernel to support the capability. To check whether it is supported or not, use the command:
sudo docker info | grep ‘^WARNING’
We can see from above screenshot that it is not actually supported. Therefore, we must enable that feature before we can play on swap limitation. To achieve that, follow below steps :
1- Edit /etc/default/grub and amend the line GRUB_CMDLINE_LINUX=”cgroup_enable=memory swapaccount=1”
2- Update grub loader with the change sudo update-grub
3- Restart the computer
After restarting, we can double check with the command in Figure 8 to ensure that the warning disappeared which means the feature is now enabled.
Now, we can set the swap amount limit with the parameter –memory-swap. It is important to stress that it is actually the total of memory (physical + swap) that the container can use i.e. –memory-swap = –memory + swap. Let’s run below command:
sudo docker run -it –cpus=”.5″ –memory=”750m” –memory-swap=”800m” ubuntu /bin/bash
We can see from Figure 9 that the amount of swap being used is around 50M which is consistent to the logic that 800 Mb = 750 Mb (memory) + 50 Mb (Swap).
And that’s it folks! I welcome your comment.