runc icon indicating copy to clipboard operation
runc copied to clipboard
verified publisher icon opencontainers

Should `memory.kmem.tcp.limit_in_bytes` still be supported?

Open thaJeztah opened this issue 4 years ago • 6 comments

Mostly a question here, as it's somewhat confusing (also see https://github.com/opencontainers/runtime-spec/pull/1093)

Commit https://github.com/opencontainers/runc/commit/2d38476c96e3407eba876e77b301880c6d7e5ccc (https://github.com/opencontainers/runc/pull/2840) removed support for kernel-memory limits.

The PR referred to https://github.com/torvalds/linux/commit/0158115f702b, which deprecated memory.kmem.limit_in_bytes in kernel 5.4, but the PR also removed support for memory.kmem.tcp.limit_in_bytes.

Looking at the Linux kernel, there's no mention (yet) of this option being deprecated as well (but it could be an oversight); https://github.com/torvalds/linux/blob/fdebeae0d75d03dc54eb68cb09bd6604a590b502/Documentation/admin-guide/cgroup-v1/memory.rst

I'm curious if memory.kmem.tcp.limit_in_bytes should also be considered deprecated in the kernel and, if not, if that option should be re-enabled.

thaJeztah avatar Aug 23 '21 10:08 thaJeztah

/cc @kolyshkin @AkihiroSuda

thaJeztah avatar Aug 23 '21 10:08 thaJeztah

Yes it seems like my mistake.

Not sure if anyone is using it (nobody? or we'd get bug reports, I assume), but the setting exist (in cgroup v1), is not obsoleted and can be re-introduced.

kolyshkin avatar Aug 23 '21 20:08 kolyshkin

Would re-introducing it also bring the risk of re-introducing the buggy kmem issues on the older kernels (3.10 most notably), or would that issue not be triggered?

thaJeztah avatar Aug 23 '21 21:08 thaJeztah

Not sure if anyone is using it (nobody? or we'd get bug reports, I assume),

LOL. I was thinking the same.

I started a branch to deprecate / disable the kmem options in moby, when I noticed we only deprecated one, and not the other one, and then I got confused 😅 (which is why I opened this ticket).

At least we should probably amend the change in the runtime-spec.

thaJeztah avatar Aug 23 '21 21:08 thaJeztah

https://github.com/torvalds/linux/blob/master/Documentation/admin-guide/cgroup-v1/memory.rst

It looks like this definitely turned to "deprecated"...

paolo-depa avatar Mar 01 '23 11:03 paolo-depa

https://github.com/torvalds/linux/blob/master/Documentation/admin-guide/cgroup-v1/memory.rst

It looks like this definitely turned to "deprecated"...

The memory.kmem.tcp.limit_in_bytes knob is not listed as deprecated in the document you mention, this is the reason why we have this issue opened. I just checked the recent kernel, and unlike memory.kmem.limit_in_bytes (which was deprecated by the kernel commit 58056f77502f3567b760c9a8fc8d2e9081515b2d), the kmem.tcp is still accepted by the kernel.

Given the fact that cgroup v1 is going to be deprecated sooner or later, and we receive no bug reports about inability to set kmem.tcp limit, I guess we can leave this as is for now.

kolyshkin avatar Mar 01 '23 23:03 kolyshkin