From: Zhang Haoyu <yuzhou-e3F2ONz+ghBBDgjK7y7TUQ@public.gmane.org>
To: Zefan Li <lizefan-hv44wF8Li93QT0dZR+AlfA@public.gmane.org>
Cc: containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org,
LKML <linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>
Subject: Re: pidns: Make pid accounting and pid_max per namespace
Date: Sat, 10 Oct 2015 12:40:32 +0800 [thread overview]
Message-ID: <561896C0.20600@mogujie.com> (raw)
In-Reply-To: <56188774.1040000-hv44wF8Li93QT0dZR+AlfA@public.gmane.org>
On 10/10/15 11:35, Zefan Li wrote:
> On 2015/10/9 18:29, Zhang Haoyu wrote:
>> I started multiple docker containers in centos6.6(linux-2.6.32-504.16.2),
>> and there's one bad program was running in one container.
>> This program produced many child threads continuously without free, so more and
>> more pid numbers were consumed by this program, until hitting the pix_max limit (32768
>> default in my system ).
>>
>> What's worse is that containers and host share the pid numbers resource, so new program
>> cannot be produced any more in host and other containers.
>>
>> And, I clone the upstream kernel source from
>> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
>> This problem is still there, I'm not sure.
>>
>> IMO, we should isolate the pid accounting and pid_max between pid namespaces,
>> and make them per pidns.
>> Below post had request for making pid_max per pidns.
>> http://thread.gmane.org/gmane.linux.kernel/1108167/focus=1111210
>>
>
> Mainline kernel already supports per-cgroup pid limit, which should solve
> your problem.
>
What about pid accounting?
If one pidns consume too many pids, dose it influence the other pid namespaces?
Thanks,
Zhang Haoyu
next prev parent reply other threads:[~2015-10-10 4:40 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-10-09 10:29 pidns: Make pid accounting and pid_max per namespace Zhang Haoyu
[not found] ` <56179700.3010703-e3F2ONz+ghBBDgjK7y7TUQ@public.gmane.org>
2015-10-10 3:35 ` Zefan Li
[not found] ` <56188774.1040000@huawei.com>
[not found] ` <56188774.1040000-hv44wF8Li93QT0dZR+AlfA@public.gmane.org>
2015-10-10 4:40 ` Zhang Haoyu [this message]
[not found] ` <561896C0.20600-e3F2ONz+ghBBDgjK7y7TUQ@public.gmane.org>
2015-10-10 4:46 ` Zhang Haoyu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=561896C0.20600@mogujie.com \
--to=yuzhou-e3f2onz+ghbbdgjk7y7tuq@public.gmane.org \
--cc=containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=lizefan-hv44wF8Li93QT0dZR+AlfA@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox