Uploaded image for project: 'Couchbase Kubernetes'
  1. Couchbase Kubernetes
  2. K8S-389

Ability to Set Ulimits

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 0.8.0, 1.0.0
    • Fix Version/s: not-targeted
    • Component/s: kubernetes
    • Labels:

      Description

      For Production we recommend setting ulmits

      docker run -d --ulimit nofile=40960:40960 --ulimit core=100000000:100000000 --ulimit memlock=100000000:100000000 --name db -p 8091-8094:8091-8094 -p 11210:11210 couchbase

       

      However there doesn't appear to be a way to pass these Args into the container from Pod. It appears support for this is still pending in kubernetes core.  https://github.com/kubernetes/kubernetes/issues/3595#issuecomment-378120067

       

      Here are the default ulimits set (minkube deployment)

      ulimit -a
       
      core file size          (blocks, -c) unlimited
       
      data seg size           (kbytes, -d) unlimited
       
      scheduling priority             (-e) 0
       
      file size               (blocks, -f) unlimited
       
      pending signals                 (-i) 23096
       
      max locked memory       (kbytes, -l) 64
       
      max memory size         (kbytes, -m) unlimited
       
      open files                      (-n) 1048576
       
      pipe size            (512 bytes, -p) 8
       
      POSIX message queues     (bytes, -q) 819200
       
      real-time priority              (-r) 0
       
      stack size              (kbytes, -s) 8192
       
      cpu time               (seconds, -t) unlimited
       
      max user processes              (-u) unlimited
       
      virtual memory          (kbytes, -v) unlimited
       
      file locks                      (-x) unlimited

       

      Maxfiles should be unlimited, but is 64!

      As this can cause issues under heavy load we'll need to figure out the way to set limits.

       

        Attachments

          Issue Links

          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

            Activity

            Hide
            mikew Mike Wiederhold [X] (Inactive) added a comment -

            Moving out to 1.1.0. Kubernetes currently doesn't support setting these on containers and we can work around the situation by setting the proper ulimits on the machine running Kubernetes.

            Show
            mikew Mike Wiederhold [X] (Inactive) added a comment - Moving out to 1.1.0. Kubernetes currently doesn't support setting these on containers and we can work around the situation by setting the proper ulimits on the machine running Kubernetes.
            Hide
            mikew Mike Wiederhold [X] (Inactive) added a comment -

            Description for release notes:

            Known Issue: Kubernetes does not allow setting of ulimit parameters on individual containers.

            Workaround: Users can set ulimits on the physical machine that Kubernetes is running on and the ulimit parameters will be inherited by the containers.

            Show
            mikew Mike Wiederhold [X] (Inactive) added a comment - Description for release notes: Known Issue: Kubernetes does not allow setting of ulimit parameters on individual containers. Workaround: Users can set ulimits on the physical machine that Kubernetes is running on and the ulimit parameters will be inherited by the containers.
            Hide
            eric.schneider Eric Schneider (Inactive) added a comment -

            Description for release notes:

            Summary: Known Issue Kubernetes doesn't allow the setting of ulimit parameters on individual containers.

            Workaround: You can set ulimits on the physical machine that Kubernetes is running on; the ulimit parameters will be inherited by the containers.

            Show
            eric.schneider Eric Schneider (Inactive) added a comment - Description for release notes: Summary: Known Issue Kubernetes doesn't allow the setting of ulimit parameters on individual containers. Workaround : You can set ulimits on the physical machine that Kubernetes is running on; the ulimit parameters will be inherited by the containers.
            Hide
            mikew Mike Wiederhold [X] (Inactive) added a comment -

            We've documented this issue, but need support for kubernetes in order to set the ulimit so I'm moving this to the bug backlog.

            Show
            mikew Mike Wiederhold [X] (Inactive) added a comment - We've documented this issue, but need support for kubernetes in order to set the ulimit so I'm moving this to the bug backlog.
            Hide
            simon.murray Simon Murray added a comment -

            I don't think this will ever happen, ulimits are set by the system administrator at a cluster level for security reasons.  Being able to override these becomes a security risk.  Certainly not a bug, so downgrading to a possible future feature.

            Show
            simon.murray Simon Murray added a comment - I don't think this will ever happen, ulimits are set by the system administrator at a cluster level for security reasons.  Being able to override these becomes a security risk.  Certainly not a bug, so downgrading to a possible future feature.

              People

              Assignee:
              tommie Tommie McAfee
              Reporter:
              tommie Tommie McAfee
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:

                  Gerrit Reviews

                  There are no open Gerrit changes

                    PagerDuty