Do not enable kmem on RHEL7 kernels#38128
Merged
thaJeztah merged 2 commits intomoby:masterfrom Nov 12, 2018
Merged
Conversation
Contributor
Author
|
CI failure in janky (probably unrelated but I haven't seen it before) |
AkihiroSuda
approved these changes
Nov 2, 2018
Member
|
Should we update the Makefile and Dockerfile to set the correct build-flag for the 3.10 kernels? |
thaJeztah
added
area/runtime
Contributor
Author
I think this belongs to packaging -- specifically, when we create packages for RHEL7. I was looking at it (in https://github.com/docker/docker-ce-packaging) but got lost :( Sure we can do it here instead. |
Member
Yes, definitely also is needed in packaging. My train of thought here was that;
|
Changes: opencontainers/runc@a00bf01...9f1e944 Signed-off-by: Kir Kolyshkin <[email protected]>
In case we're running on RHEL7 kernel, which has non-working and broken kernel memory controller, add 'nokmem' build tag so that runc never enables kmem accounting. For more info, see the following runc commit: opencontainers/runc@6a2c1559684 This behavior can be overriden by having `RUNC_NOKMEM` environment variable set (e.g. to empty value to disable setting nokmem). Signed-off-by: Kir Kolyshkin <[email protected]>
Codecov Report
@@ Coverage Diff @@
## master #38128 +/- ##
=========================================
Coverage ? 36.11%
=========================================
Files ? 610
Lines ? 45216
Branches ? 0
=========================================
Hits ? 16331
Misses ? 26646
Partials ? 2239 |
Contributor
Author
|
@thaJeztah makes sense. Please see added commit. |
thaJeztah
approved these changes
Nov 6, 2018
Member
|
Let's merge this; looks good to me, but @tianon if there's anything to improve/address in the installer script, let me know 🤗 |
This was referenced Nov 12, 2018
richardwhiuk
added a commit
to Metaswitch/docker-ce-packaging
that referenced
this pull request
Mar 5, 2019
This applies the fix developed in moby/moby#38128 to CentOS 7 RPMs, which are currently built without the correct flag. This avoids kernel memory being leaked as described in https://bugzilla.redhat.com/show_bug.cgi?id=1507149
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
1. bump runc
Changes: opencontainers/runc@a00bf01...9f1e944
This is primarily to pull in opencontainers/runc#1921
2. runc.installer: add nokmem build tag for rhel7 kernel
In case we're running on RHEL7 kernel, which has non-working
and broken kernel memory controller, add 'nokmem' build tag
so that runc never enables kmem accounting.
For more info, see the following runc commit:
opencontainers/runc@6a2c1559684
This behavior can be overriden by having
RUNC_NOKMEMenvironmentvariable set (e.g. to empty value to disable setting nokmem).