Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Special case memory-swap=-1 #5098

Merged
merged 1 commit into from
Feb 6, 2020
Merged

Special case memory-swap=-1 #5098

merged 1 commit into from
Feb 6, 2020

Conversation

rhatdan
Copy link
Member

@rhatdan rhatdan commented Feb 5, 2020

We document that memory-swap==-1 means unlimited, but currently we
won't allow the user to specify the -1 value.

Fixes: #5091

Signed-off-by: Daniel J Walsh dwalsh@redhat.com

@rhatdan
Special case memory-swap=-1
100d2fd 
We document that memory-swap==-1 means unlimited, but currently we
won't allow the user to specify the -1 value.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
@rhatdan
Copy link
Member Author

rhatdan commented Feb 5, 2020

@s-winter does this fix your problem?

@openshift-ci-robot
Copy link
Collaborator

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: rhatdan

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci-robot openshift-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Feb 5, 2020
@s-winter
Copy link

s-winter commented Feb 5, 2020

@s-winter does this fix your problem?

Thank you for looking into the issue. Unfortunately, I cannot tell if your change fixed my problem or not. I just tried running podman built from your fork of libpod and it fails. I tried merging containers/libpod master and it fails. I spent around an hour googling for the error messages, applying fixes and workarounds here and there and it still fails. I will look into this again when I find more time.

@giuseppe
Copy link
Member

giuseppe commented Feb 6, 2020

Thank you for looking into the issue. Unfortunately, I cannot tell if your change fixed my problem or not. I just tried running podman built from your fork of libpod and it fails. I tried merging containers/libpod master and it fails. I spent around an hour googling for the error messages, applying fixes and workarounds here and there and it still fails. I will look into this again when I find more time.

can you please share the error message? It might be related to crun and how the memory-swap is mapped to cgroups v2, as it works differently from cgroup v1.

Done some work recently in this area: containers/crun#226

@s-winter
Copy link

s-winter commented Feb 6, 2020

can you please share the error message? It might be related to crun and how the memory-swap is mapped to cgroups v2, as it works differently from cgroup v1.

Invoking podman run -it --rm --memory=500m --memory-swap=-1 docker.io/library/ubuntu I get

Error: invalid configuration, cannot specify resource limits without cgroups v2 and --cgroup-manager=systemd

When I add --cgroup-manager=systemd to my command line I get

ERRO[0000] could not find slirp4netns, the network namespace won't be configured: exec: "slirp4netns": executable file not found in $PATH 
Error: sd-bus add match: Operation not permitted: OCI runtime permission denied error

Adding --net host mutes the error for now and I get

Error: sd-bus add match: Operation not permitted: OCI runtime permission denied error

@giuseppe
Copy link
Member

giuseppe commented Feb 6, 2020

When I add --cgroup-manager=systemd to my command line I get

looks like there is no systemd user session that you can use.

How has the rootless user logged in? Through sudo?

You need to make sure there is a systemd user session, you either need to login through ssh/desktop so that the pam session is created, or you need to use loginctl enable-linger $UID

@rhatdan
Copy link
Member Author

rhatdan commented Feb 6, 2020

@mheon @giuseppe @baude @TomSweeneyRedHat @QiWang19 PTAL
This at least gets us closer to the solution.

@giuseppe
Copy link
Member

giuseppe commented Feb 6, 2020

LGTM

Tested locally:

$ podman run --rm --memory=500m --memory-swap=-1 fedora cat /sys/fs/cgroup/memory.swap.max
max

@baude
Copy link
Member

baude commented Feb 6, 2020

/lgtm

@openshift-ci-robot openshift-ci-robot added the lgtm Indicates that a PR is ready to be merged. label Feb 6, 2020
@s-winter
Copy link

s-winter commented Feb 6, 2020

looks like there is no systemd user session that you can use.

How has the rootless user logged in? Through sudo?

Direct login via ssh.

You need to make sure there is a systemd user session, you either need to login through ssh/desktop so that the pam session is created, or you need to use loginctl enable-linger $UID

As I wrote I directly log in via ssh. I also tried loginctl enable-linger $UID, but that does not change anything about the error.

I recall that I had the same issue when I was playing with podman earlier, around mid November. I do not recall what I did to resolve it back then or if I resolved it at all. But I was very happy that everything was running out of the box and without problems when I ran version 1.7.0 from the installed Ubuntu package this week. I am surprised that I'm now facing the issue again when switching to a build from libpod's master branch to test the fix proposed by rhatdan.

@openshift-merge-robot openshift-merge-robot merged commit 62111bc into containers:master Feb 6, 2020
@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 25, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 25, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@TomSweeneyRedHat TomSweeneyRedHat Awaiting requested review from TomSweeneyRedHat

@vrothberg vrothberg Awaiting requested review from vrothberg

Assignees

@baude baude

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

podman run chokes on --memory-swap=-1
6 participants
@rhatdan @openshift-ci-robot @s-winter @giuseppe @baude @openshift-merge-robot