* pidns: Make pid accounting and pid_max per namespace
@ 2015-10-09 10:29 ` Zhang Haoyu
0 siblings, 0 replies; 8+ messages in thread
From: Zhang Haoyu @ 2015-10-09 10:29 UTC (permalink / raw)
To: linux-kernel-u79uwXL29TY76Z2rM5mHXA,
containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA
I started multiple docker containers in centos6.6(linux-2.6.32-504.16.2),
and there's one bad program was running in one container.
This program produced many child threads continuously without free, so more and
more pid numbers were consumed by this program, until hitting the pix_max limit (32768
default in my system ).
What's worse is that containers and host share the pid numbers resource, so new program
cannot be produced any more in host and other containers.
And, I clone the upstream kernel source from
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
This problem is still there, I'm not sure.
IMO, we should isolate the pid accounting and pid_max between pid namespaces,
and make them per pidns.
Below post had request for making pid_max per pidns.
http://thread.gmane.org/gmane.linux.kernel/1108167/focus=1111210
Thanks,
Zhang Haoyu
^ permalink raw reply [flat|nested] 8+ messages in thread
* pidns: Make pid accounting and pid_max per namespace
@ 2015-10-09 10:29 ` Zhang Haoyu
0 siblings, 0 replies; 8+ messages in thread
From: Zhang Haoyu @ 2015-10-09 10:29 UTC (permalink / raw)
To: linux-kernel, containers; +Cc: xemul
I started multiple docker containers in centos6.6(linux-2.6.32-504.16.2),
and there's one bad program was running in one container.
This program produced many child threads continuously without free, so more and
more pid numbers were consumed by this program, until hitting the pix_max limit (32768
default in my system ).
What's worse is that containers and host share the pid numbers resource, so new program
cannot be produced any more in host and other containers.
And, I clone the upstream kernel source from
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
This problem is still there, I'm not sure.
IMO, we should isolate the pid accounting and pid_max between pid namespaces,
and make them per pidns.
Below post had request for making pid_max per pidns.
http://thread.gmane.org/gmane.linux.kernel/1108167/focus=1111210
Thanks,
Zhang Haoyu
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: pidns: Make pid accounting and pid_max per namespace
[not found] ` <56179700.3010703-e3F2ONz+ghBBDgjK7y7TUQ@public.gmane.org>
@ 2015-10-10 3:35 ` Zefan Li
0 siblings, 0 replies; 8+ messages in thread
From: Zefan Li @ 2015-10-10 3:35 UTC (permalink / raw)
To: yuzhou-e3F2ONz+ghBBDgjK7y7TUQ
Cc: containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA, LKML
On 2015/10/9 18:29, Zhang Haoyu wrote:
> I started multiple docker containers in centos6.6(linux-2.6.32-504.16.2),
> and there's one bad program was running in one container.
> This program produced many child threads continuously without free, so more and
> more pid numbers were consumed by this program, until hitting the pix_max limit (32768
> default in my system ).
>
> What's worse is that containers and host share the pid numbers resource, so new program
> cannot be produced any more in host and other containers.
>
> And, I clone the upstream kernel source from
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
> This problem is still there, I'm not sure.
>
> IMO, we should isolate the pid accounting and pid_max between pid namespaces,
> and make them per pidns.
> Below post had request for making pid_max per pidns.
> http://thread.gmane.org/gmane.linux.kernel/1108167/focus=1111210
>
Mainline kernel already supports per-cgroup pid limit, which should solve
your problem.
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: pidns: Make pid accounting and pid_max per namespace
2015-10-09 10:29 ` Zhang Haoyu
(?)
(?)
@ 2015-10-10 3:35 ` Zefan Li
[not found] ` <56188774.1040000-hv44wF8Li93QT0dZR+AlfA@public.gmane.org>
-1 siblings, 1 reply; 8+ messages in thread
From: Zefan Li @ 2015-10-10 3:35 UTC (permalink / raw)
To: yuzhou; +Cc: containers, LKML
On 2015/10/9 18:29, Zhang Haoyu wrote:
> I started multiple docker containers in centos6.6(linux-2.6.32-504.16.2),
> and there's one bad program was running in one container.
> This program produced many child threads continuously without free, so more and
> more pid numbers were consumed by this program, until hitting the pix_max limit (32768
> default in my system ).
>
> What's worse is that containers and host share the pid numbers resource, so new program
> cannot be produced any more in host and other containers.
>
> And, I clone the upstream kernel source from
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
> This problem is still there, I'm not sure.
>
> IMO, we should isolate the pid accounting and pid_max between pid namespaces,
> and make them per pidns.
> Below post had request for making pid_max per pidns.
> http://thread.gmane.org/gmane.linux.kernel/1108167/focus=1111210
>
Mainline kernel already supports per-cgroup pid limit, which should solve
your problem.
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: pidns: Make pid accounting and pid_max per namespace
2015-10-10 3:35 ` Zefan Li
@ 2015-10-10 4:40 ` Zhang Haoyu
0 siblings, 0 replies; 8+ messages in thread
From: Zhang Haoyu @ 2015-10-10 4:40 UTC (permalink / raw)
To: Zefan Li; +Cc: containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA, LKML
On 10/10/15 11:35, Zefan Li wrote:
> On 2015/10/9 18:29, Zhang Haoyu wrote:
>> I started multiple docker containers in centos6.6(linux-2.6.32-504.16.2),
>> and there's one bad program was running in one container.
>> This program produced many child threads continuously without free, so more and
>> more pid numbers were consumed by this program, until hitting the pix_max limit (32768
>> default in my system ).
>>
>> What's worse is that containers and host share the pid numbers resource, so new program
>> cannot be produced any more in host and other containers.
>>
>> And, I clone the upstream kernel source from
>> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
>> This problem is still there, I'm not sure.
>>
>> IMO, we should isolate the pid accounting and pid_max between pid namespaces,
>> and make them per pidns.
>> Below post had request for making pid_max per pidns.
>> http://thread.gmane.org/gmane.linux.kernel/1108167/focus=1111210
>>
>
> Mainline kernel already supports per-cgroup pid limit, which should solve
> your problem.
>
What about pid accounting?
If one pidns consume too many pids, dose it influence the other pid namespaces?
Thanks,
Zhang Haoyu
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: pidns: Make pid accounting and pid_max per namespace
@ 2015-10-10 4:40 ` Zhang Haoyu
0 siblings, 0 replies; 8+ messages in thread
From: Zhang Haoyu @ 2015-10-10 4:40 UTC (permalink / raw)
To: Zefan Li; +Cc: containers, LKML
On 10/10/15 11:35, Zefan Li wrote:
> On 2015/10/9 18:29, Zhang Haoyu wrote:
>> I started multiple docker containers in centos6.6(linux-2.6.32-504.16.2),
>> and there's one bad program was running in one container.
>> This program produced many child threads continuously without free, so more and
>> more pid numbers were consumed by this program, until hitting the pix_max limit (32768
>> default in my system ).
>>
>> What's worse is that containers and host share the pid numbers resource, so new program
>> cannot be produced any more in host and other containers.
>>
>> And, I clone the upstream kernel source from
>> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
>> This problem is still there, I'm not sure.
>>
>> IMO, we should isolate the pid accounting and pid_max between pid namespaces,
>> and make them per pidns.
>> Below post had request for making pid_max per pidns.
>> http://thread.gmane.org/gmane.linux.kernel/1108167/focus=1111210
>>
>
> Mainline kernel already supports per-cgroup pid limit, which should solve
> your problem.
>
What about pid accounting?
If one pidns consume too many pids, dose it influence the other pid namespaces?
Thanks,
Zhang Haoyu
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: pidns: Make pid accounting and pid_max per namespace
2015-10-10 4:40 ` Zhang Haoyu
@ 2015-10-10 4:46 ` Zhang Haoyu
-1 siblings, 0 replies; 8+ messages in thread
From: Zhang Haoyu @ 2015-10-10 4:46 UTC (permalink / raw)
To: Zefan Li; +Cc: containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA, LKML
On 10/10/15 12:40, Zhang Haoyu wrote:
> On 10/10/15 11:35, Zefan Li wrote:
>> On 2015/10/9 18:29, Zhang Haoyu wrote:
>>> I started multiple docker containers in centos6.6(linux-2.6.32-504.16.2),
>>> and there's one bad program was running in one container.
>>> This program produced many child threads continuously without free, so more and
>>> more pid numbers were consumed by this program, until hitting the pix_max limit (32768
>>> default in my system ).
>>>
>>> What's worse is that containers and host share the pid numbers resource, so new program
>>> cannot be produced any more in host and other containers.
>>>
>>> And, I clone the upstream kernel source from
>>> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
>>> This problem is still there, I'm not sure.
>>>
>>> IMO, we should isolate the pid accounting and pid_max between pid namespaces,
>>> and make them per pidns.
>>> Below post had request for making pid_max per pidns.
>>> http://thread.gmane.org/gmane.linux.kernel/1108167/focus=1111210
>>>
>> Mainline kernel already supports per-cgroup pid limit, which should solve
>> your problem.
>>
> What about pid accounting?
> If one pidns consume too many pids, dose it influence the other pid namespaces?
I found it, thanks very much.
>
> Thanks,
> Zhang Haoyu
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: pidns: Make pid accounting and pid_max per namespace
@ 2015-10-10 4:46 ` Zhang Haoyu
0 siblings, 0 replies; 8+ messages in thread
From: Zhang Haoyu @ 2015-10-10 4:46 UTC (permalink / raw)
To: Zefan Li; +Cc: containers, LKML
On 10/10/15 12:40, Zhang Haoyu wrote:
> On 10/10/15 11:35, Zefan Li wrote:
>> On 2015/10/9 18:29, Zhang Haoyu wrote:
>>> I started multiple docker containers in centos6.6(linux-2.6.32-504.16.2),
>>> and there's one bad program was running in one container.
>>> This program produced many child threads continuously without free, so more and
>>> more pid numbers were consumed by this program, until hitting the pix_max limit (32768
>>> default in my system ).
>>>
>>> What's worse is that containers and host share the pid numbers resource, so new program
>>> cannot be produced any more in host and other containers.
>>>
>>> And, I clone the upstream kernel source from
>>> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
>>> This problem is still there, I'm not sure.
>>>
>>> IMO, we should isolate the pid accounting and pid_max between pid namespaces,
>>> and make them per pidns.
>>> Below post had request for making pid_max per pidns.
>>> http://thread.gmane.org/gmane.linux.kernel/1108167/focus=1111210
>>>
>> Mainline kernel already supports per-cgroup pid limit, which should solve
>> your problem.
>>
> What about pid accounting?
> If one pidns consume too many pids, dose it influence the other pid namespaces?
I found it, thanks very much.
>
> Thanks,
> Zhang Haoyu
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2015-10-10 4:51 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-10-09 10:29 pidns: Make pid accounting and pid_max per namespace Zhang Haoyu
2015-10-09 10:29 ` Zhang Haoyu
[not found] ` <56179700.3010703-e3F2ONz+ghBBDgjK7y7TUQ@public.gmane.org>
2015-10-10 3:35 ` Zefan Li
2015-10-10 3:35 ` Zefan Li
[not found] ` <56188774.1040000-hv44wF8Li93QT0dZR+AlfA@public.gmane.org>
2015-10-10 4:40 ` Zhang Haoyu
2015-10-10 4:40 ` Zhang Haoyu
[not found] ` <561896C0.20600-e3F2ONz+ghBBDgjK7y7TUQ@public.gmane.org>
2015-10-10 4:46 ` Zhang Haoyu
2015-10-10 4:46 ` Zhang Haoyu
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.