Re: pidns: Make pid accounting and pid_max per namespace

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Zhang Haoyu <yuzhou-e3F2ONz+ghBBDgjK7y7TUQ@public.gmane.org>
To: Zefan Li <lizefan-hv44wF8Li93QT0dZR+AlfA@public.gmane.org>
Cc: containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org,
	LKML <linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>
Subject: Re: pidns: Make pid accounting and pid_max per namespace
Date: Sat, 10 Oct 2015 12:46:27 +0800	[thread overview]
Message-ID: <56189823.1030306@mogujie.com> (raw)
In-Reply-To: <561896C0.20600-e3F2ONz+ghBBDgjK7y7TUQ@public.gmane.org>


On 10/10/15 12:40, Zhang Haoyu wrote:
> On 10/10/15 11:35, Zefan Li wrote:
>> On 2015/10/9 18:29, Zhang Haoyu wrote:
>>> I started multiple docker containers in centos6.6(linux-2.6.32-504.16.2),
>>> and there's one bad program was running in one container.
>>> This program produced many child threads continuously without free, so more and
>>> more pid numbers were consumed by this program, until hitting the pix_max limit (32768
>>> default in my system ).
>>>
>>> What's worse is that containers and host share the pid numbers resource, so new program
>>> cannot be produced any more in host and other containers.
>>>
>>> And, I clone the upstream kernel source from
>>> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
>>> This problem is still there, I'm not sure.
>>>
>>> IMO, we should isolate the pid accounting and pid_max between pid namespaces,
>>> and make them per pidns.
>>> Below post had request for making pid_max per pidns.
>>> http://thread.gmane.org/gmane.linux.kernel/1108167/focus=1111210
>>>
>> Mainline kernel already supports per-cgroup pid limit, which should solve
>> your problem.
>>
> What about pid accounting?
> If one pidns consume too many pids, dose it influence the other pid namespaces?
I found it, thanks very much.
>
> Thanks,
> Zhang Haoyu

WARNING: multiple messages have this Message-ID (diff)

From: Zhang Haoyu <yuzhou@mogujie.com>
To: Zefan Li <lizefan@huawei.com>
Cc: containers@lists.linux-foundation.org,
	LKML <linux-kernel@vger.kernel.org>
Subject: Re: pidns: Make pid accounting and pid_max per namespace
Date: Sat, 10 Oct 2015 12:46:27 +0800	[thread overview]
Message-ID: <56189823.1030306@mogujie.com> (raw)
In-Reply-To: <561896C0.20600@mogujie.com>


On 10/10/15 12:40, Zhang Haoyu wrote:
> On 10/10/15 11:35, Zefan Li wrote:
>> On 2015/10/9 18:29, Zhang Haoyu wrote:
>>> I started multiple docker containers in centos6.6(linux-2.6.32-504.16.2),
>>> and there's one bad program was running in one container.
>>> This program produced many child threads continuously without free, so more and
>>> more pid numbers were consumed by this program, until hitting the pix_max limit (32768
>>> default in my system ).
>>>
>>> What's worse is that containers and host share the pid numbers resource, so new program
>>> cannot be produced any more in host and other containers.
>>>
>>> And, I clone the upstream kernel source from
>>> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
>>> This problem is still there, I'm not sure.
>>>
>>> IMO, we should isolate the pid accounting and pid_max between pid namespaces,
>>> and make them per pidns.
>>> Below post had request for making pid_max per pidns.
>>> http://thread.gmane.org/gmane.linux.kernel/1108167/focus=1111210
>>>
>> Mainline kernel already supports per-cgroup pid limit, which should solve
>> your problem.
>>
> What about pid accounting?
> If one pidns consume too many pids, dose it influence the other pid namespaces?
I found it, thanks very much.
>
> Thanks,
> Zhang Haoyu

next prev parent reply	other threads:[~2015-10-10  4:46 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-10-09 10:29 pidns: Make pid accounting and pid_max per namespace Zhang Haoyu
2015-10-09 10:29 ` Zhang Haoyu
     [not found] ` <56179700.3010703-e3F2ONz+ghBBDgjK7y7TUQ@public.gmane.org>
2015-10-10  3:35   ` Zefan Li
2015-10-10  3:35 ` Zefan Li
     [not found]   ` <56188774.1040000-hv44wF8Li93QT0dZR+AlfA@public.gmane.org>
2015-10-10  4:40     ` Zhang Haoyu
2015-10-10  4:40       ` Zhang Haoyu
     [not found]       ` <561896C0.20600-e3F2ONz+ghBBDgjK7y7TUQ@public.gmane.org>
2015-10-10  4:46         ` Zhang Haoyu [this message]
2015-10-10  4:46           ` Zhang Haoyu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=56189823.1030306@mogujie.com \
    --to=yuzhou-e3f2onz+ghbbdgjk7y7tuq@public.gmane.org \
    --cc=containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org \
    --cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
    --cc=lizefan-hv44wF8Li93QT0dZR+AlfA@public.gmane.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.