mongo icon indicating copy to clipboard operation
mongo copied to clipboard
verified publisher icon docker-library

Warnings about NUMA while starting up the container

Open w1ndy opened this issue 9 years ago • 3 comments

Hi,

I'm running the mongo image on a NUMA-enabled machine, and I get following warning from logs when MongoDB is starting:

WARNING: You are running on a NUMA machine. We suggest launching mongod like this to avoid performance problems: numactl --interleave=all mongod [other options]

How can I resolve this? Any help is appreciated, thanks.

w1ndy avatar Sep 20 '16 14:09 w1ndy

Seccomp is preventing numactl from working correctly, because get_mempolicy and set_mempolicy syscall is restricted in docker containers. Possible workarounds include:

  1. Run without seccomp: docker run --security-opt seccomp=unconfined mongo
  2. Run with a custom seccomp profile: docker run --security-opt seccomp=./seccomp.json mongo

Hope it helps other people who ran into the same problem. Maybe we can add it into docs? For reference: https://docs.docker.com/engine/security/seccomp/

w1ndy avatar Sep 20 '16 15:09 w1ndy

Indeed, adding this to the documentation (https://github.com/docker-library/docs/tree/master/mongo) would be extremely appreciated.

Our current test already includes something like this (creating a custom seccomp profile on the fly): https://github.com/docker-library/official-images/blob/98d3a4d3cecc8b53e0ea547337eeff53ff58710e/test/tests/mongo-basics/run.sh#L6-L53

tianon avatar Dec 20 '17 01:12 tianon

To improve on this, adding --cap-add SYS_NICE to your container arguments is sufficient to allow NUMA to do the right thing.

tianon avatar Mar 08 '22 18:03 tianon