Hi Maximilian,
can you please check, if you can still reproduce the issue on bullseye,
where cgroupv2, i.e. unified, is the default cgroup hierarchy.
Regards,
Michael
Am 25.10.2019 um 16:35 schrieb Maximilian Philipps:
hi
I can now reliably trigger the 8 exabyte issue. When I start a
libvirt-lxc container, libvirts sets the memory limit.
This can be seen with:
cat
/sys/fs/cgroup/memory/machine.slice/machine-lxc\x2d27166\x2dhost.domain.tld.scope/memory.limit_in_bytes
2147483648
If I now call systemctl daemon-reload on the host the memory limit jumpsĀ to
9223372036854771712
I can prevent this with by setting MaxMemory for the scope on the host:
systemctl set-property --runtime
"machine-lxc\x2d27166\x2dhost.domain.tld.scope" MemoryMax=2147483648
I need to know the pid used in the machine name and therefor can really
only set it at runtime.
However this isn't enough to prevent the 8 exabyte issue. For some
reason when I do a systemctl daemon-reload on the host systemd also
changes cgroup membership of some processes. Prior to reloading there
were 3 processes directly in the machine-lxc...scope. A
/usr/lib/libvirt/libvirt_lxc process, the /sbin/init process of the
container and other process that I can't find in /proc/. Maybe a pid
from within the container?
After reloading only the /sbin/init process remains in the scope, the
libvirt_lxc process gets kicked back to the libvirtd.service cgroup and
the "ghost" task disappears.
Befor reload:
11:blkio:/machine.slice/machine-lxc\x2d27166\x2dhost.domain.tld.scope
10:freezer:/machine.slice/machine-lxc\x2d27166\x2dhost.domain.tld.scope
9:perf_event:/machine.slice/machine-lxc\x2d27166\x2dhost.domain.tld.scope
8:pids:/system.slice/libvirtd.service
7:cpu,cpuacct:/machine.slice/machine-lxc\x2d27166\x2dhost.domain.tld.scope
6:rdma:/
5:devices:/machine.slice/machine-lxc\x2d27166\x2dhost.domain.tld.scope
4:memory:/machine.slice/machine-lxc\x2d27166\x2dhost.domain.tld.scope
2:cpuset:/machine.slice/machine-lxc\x2d27166\x2dhost.domain.tld.scope
1:name=systemd:/machine.slice/machine-lxc\x2d27166\x2dhost.domain.tld.scope
0::/system.slice/libvirtd.service
After reload:
11:blkio:/system.slice/libvirtd.service
10:freezer:/machine.slice/machine-lxc\x2d27166\x2dhost.domain.tld.scope
9:perf_event:/machine.slice/machine-lxc\x2d27166\x2dhost.domain.tld.scope
8:pids:/system.slice/libvirtd.service
7:cpu,cpuacct:/system.slice/libvirtd.service
6:rdma:/
5:devices:/system.slice/libvirtd.service
4:memory:/system.slice/libvirtd.service
3:net_cls,net_prio:/machine.slice/machine-lxc\x2d27166\x2dhost.domain.tld.scope
2:cpuset:/machine.slice/machine-lxc\x2d27166\x2dhost.domain.tld.scope
1:name=systemd:/machine.slice/machine-lxc\x2d27166\x2dhost.domain.tld.scope
0::/system.slice/libvirtd.service
