{"id":84928,"date":"2021-02-16T23:17:39","date_gmt":"2021-02-16T20:17:39","guid":{"rendered":"https:\/\/computingforgeeks.com\/?p=84928"},"modified":"2023-08-21T13:17:54","modified_gmt":"2023-08-21T10:17:54","slug":"change-pids-limit-value-in-openshift","status":"publish","type":"post","link":"https:\/\/computingforgeeks.com\/change-pids-limit-value-in-openshift\/","title":{"rendered":"How to change pids_limit value in OpenShift 4.x"},"content":{"rendered":"\n<p>In OpenShift 4.x environment, each container running will be limited to the default maximum PID value of <strong>1024<\/strong>. If there is a need to run applications with more than <em>1024<\/em> processes within one single container, the OpenShift Container Platform Cluster operator is required to adjust the default maximum PID value to a higher number.<\/p>\n\n\n\n<p><strong>pids_limit<\/strong> is the maximum number of processes allowed in a container, and it can be viewed by running the command below in an OpenShift node:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>$ <span style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-pale-pink-color\">sudo crio-status config | grep <\/span><mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-pale-cyan-blue-color\">pid<\/mark>\npids_limit = 1024<\/code><\/pre>\n\n\n\n<p>In OpenShift, it is NOT recommended to change the value directly by editing <strong>crio.conf<\/strong> file:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>$ <span style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-luminous-vivid-amber-color\">grep  pids_limit \/etc\/crio\/crio.conf<\/span>\npids_limit = <mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-pale-cyan-blue-color\">1024<\/mark><\/code><\/pre>\n\n\n\n<p> It is recommended to follow the correct way that depends on the OCP version in use. I&#8217;m running OpenShift 4.4 and in this version,&nbsp;<code>ContainerRuntimeConfig<\/code>&nbsp;custom resource was introduced. You can check&nbsp;<a aria-label=\" (opens in a new tab)\" href=\"https:\/\/access.redhat.com\/solutions\/5133191\" target=\"_blank\" rel=\"noreferrer noopener\" class=\"rank-math-link\">KCS Article 5133191<\/a>.<\/p>\n\n\n\n<p>Create <em>ContainerRuntimeConfig<\/em> custom resource for configuring cri-o <em>pidsLimit<\/em><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>cat &lt;&lt;EOF > custom-pidslimit.yaml\napiVersion: machineconfiguration.openshift.io\/v1\nkind: ContainerRuntimeConfig\nmetadata:\n name: custom-pidslimit\nspec:\n machineConfigPoolSelector:\n   matchLabels:\n     custom-crio: custom-pidslimit\n containerRuntimeConfig:\n   pidsLimit: <mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-purple-color\">4096<\/mark>\nEOF<\/code><\/pre>\n\n\n\n<p>You can update the configuration file before applying:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>vim custom-pidslimit.yaml<\/code><\/pre>\n\n\n\n<p>Apply configuration:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>$ <span class=\"has-inline-color has-pale-pink-color\">oc create -f custom-pidslimit.yaml<\/span>\ncontainerruntimeconfig.machineconfiguration.openshift.io\/custom-pidslimit created<\/code><\/pre>\n\n\n\n<p>Verify the resource has been created<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>$ <span class=\"has-inline-color has-pale-pink-color\">oc get ctrcfg<\/span>\nNAME               AGE\ncustom-pidslimit   44s<\/code><\/pre>\n\n\n\n<p>Once the custom resource is created, we need to roll out the pidslimit changes to all the worker nodes in the cluster.<\/p>\n\n\n\n<p>Let&#8217;s add custom-crio: custom-pidslimit under labels in the machineConfigPool config<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>$ <span class=\"has-inline-color has-luminous-vivid-amber-color\">oc edit machineconfigpool worker<\/span>\napiVersion: machineconfiguration.openshift.io\/v1\nkind: MachineConfigPool\nmetadata:\n  creationTimestamp: \"2020-07-15T08:29:58Z\"\n  generation: 7\n  labels:\n    custom-crio: custom-pidslimit      #add this line<\/code><\/pre>\n\n\n\n<p>Check to ensure that a new 99-worker-XXX-containerruntime is created and that a new rendered worker is created:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>$ <span class=\"has-inline-color has-pale-pink-color\">oc get machineconfigs | grep containerruntime<\/span>\n99-worker-261cdd8d-c387-4f61-b1ce-b9ab2d025f09-containerruntime   601c2285f497bf7c73d84737b9977a0e697cb86a   2.2.0             93s<\/code><\/pre>\n\n\n\n<p>The changes should now be rolled out to each node in the worker pool via that new rendered-worker machine config.<\/p>\n\n\n\n<p>You can verify by checking that the latest rendered-worker machine-config has been rolled out to the pools successfully:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>$ <span class=\"has-inline-color has-pale-pink-color\">oc get mcp<\/span>\nNAME     CONFIG                                             UPDATED   UPDATING   DEGRADED   MACHINECOUNT   READYMACHINECOUNT   UPDATEDMACHINECOUNT   DEGRADEDMACHINECOUNT   AGE\nmaster   rendered-master-238bb9ffd94d526621cba8ee876c3ac8   True      False      False      5              5                   5                     0                      216d\nworker   rendered-worker-6c236aa19af4d88fa0acdbc8f6ff53f3   False     True       True       10             0                   0                     7                      216d<\/code><\/pre>\n\n\n\n<p>Once a worker node is rebooted you can login and confirm the current setting:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>$ <span class=\"has-inline-color has-luminous-vivid-amber-color\">oc debug node\/<\/span><span class=\"has-inline-color has-vivid-green-cyan-color\">&lt;workernode&gt;<\/span>\nsh-4.4# <span class=\"has-inline-color has-pale-pink-color\">chroot \/host<\/span>\nsh-4.4# <span class=\"has-inline-color has-vivid-purple-color\">grep pids_limit \/etc\/crio\/crio.conf<\/span><\/code><\/pre>\n\n\n\n<p>I hope this short guide was helpful in changing the default value of <strong>pids_limit<\/strong> in your OpenShift 4.x cluster.<\/p>\n\n\n\n<p>Reference:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/docs.openshift.com\/container-platform\/4.13\/rest_api\/machine_apis\/containerruntimeconfig-machineconfiguration-openshift-io-v1.html\" target=\"_blank\" rel=\"noreferrer noopener\">OpenShift Container runtime configuration<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/access.redhat.com\/solutions\/5133191\" target=\"_blank\" aria-label=\"Updating container runtime configurations using Custom Resource (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">Updating container runtime configurations using Custom Resource<\/a><\/li>\n<\/ul>\n\n\n\n<p>More guides on OpenShift:<\/p>\n\n\n\n<p><a aria-label=\" (opens in a new tab)\" href=\"https:\/\/computingforgeeks.com\/deploy-ubuntu-pod-in-kubernetes-openshift\/\" target=\"_blank\" rel=\"noreferrer noopener\" class=\"rank-math-link\">Deploy Ubuntu Pod in Kubernetes|OpenShift<\/a><\/p>\n\n\n\n<p><a aria-label=\" (opens in a new tab)\" href=\"https:\/\/computingforgeeks.com\/configure-static-ipv4-openshift-coreos-servers\/\" target=\"_blank\" rel=\"noreferrer noopener\" class=\"rank-math-link\">Configure Static IPv4 Address in OpenShift 4.x CoreOS Servers<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/computingforgeeks.com\/list-and-approve-pending-csr-in-openshift\/\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"rank-math-link\">How To List and Approve Pending CSR in OpenShift 4.x<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In OpenShift 4.x environment, each container running will be limited to the default maximum PID value of 1024. If there is a need to run applications with more than 1024 processes within one single container, the OpenShift Container Platform Cluster operator is required to adjust the default maximum PID value to a higher number. pids_limit &#8230; <a title=\"How to change pids_limit value in OpenShift 4.x\" class=\"read-more\" href=\"https:\/\/computingforgeeks.com\/change-pids-limit-value-in-openshift\/\" aria-label=\"Read more about How to change pids_limit value in OpenShift 4.x\">Read more<\/a><\/p>\n","protected":false},"author":3,"featured_media":76554,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[316,299,317,6745],"tags":[318,4677,35712,3897],"class_list":["post-84928","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-containers","category-how-to","category-kubernetes","category-openshift","tag-kubernetes","tag-openshift","tag-pids","tag-processes"],"_links":{"self":[{"href":"https:\/\/computingforgeeks.com\/wp-json\/wp\/v2\/posts\/84928","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/computingforgeeks.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/computingforgeeks.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/computingforgeeks.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/computingforgeeks.com\/wp-json\/wp\/v2\/comments?post=84928"}],"version-history":[{"count":0,"href":"https:\/\/computingforgeeks.com\/wp-json\/wp\/v2\/posts\/84928\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/computingforgeeks.com\/wp-json\/wp\/v2\/media\/76554"}],"wp:attachment":[{"href":"https:\/\/computingforgeeks.com\/wp-json\/wp\/v2\/media?parent=84928"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/computingforgeeks.com\/wp-json\/wp\/v2\/categories?post=84928"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/computingforgeeks.com\/wp-json\/wp\/v2\/tags?post=84928"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}