Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

How do I limit the number of pids that a single pod can start #78930

Open
timyinshi opened this issue Jun 12, 2019 · 4 comments

Comments

Projects
None yet
4 participants
@timyinshi
Copy link

commented Jun 12, 2019

/kind bug
/sig node
/sig apps

What happened:
I found a problem: a pod for the database postgres, because the daemon kept pulling up the service, took up a lot of pids until it ate up the pids on the node where the pod was, making the node unavailable
I wonder if there is any way to limit the number of pids that a single pod can start, and what needs to be done?

What you expected to happen:
I wonder if there is any way to limit the number of pids that a single pod can start, and what needs to be done?

Environment:

  • Kubernetes version (use kubectl version):1.12.1
  • OS (e.g: cat /etc/os-release):ubuntu16.04.5
  • Kernel (e.g. uname -a):4.4.0-116-generic
@Pingan2017

This comment has been minimized.

Copy link
Member

commented Jun 12, 2019

start kubelet with --pod-max-pids

--pod-max-pids int Set the maximum number of processes per pod. If -1, the kubelet defaults to the node allocatable pid capacity. (default -1) (DEPRECATED: This parameter should be set via the config file specified by the Kubelet's --config flag. See https://kubernetes.io/docs/tasks/administer-cluster/kubelet-config-file/ for more information.)

@timyinshi

This comment has been minimized.

Copy link
Author

commented Jun 12, 2019

@Pingan2017 thanks.
another problem,what is the value of pod-max-pids,How much do I need to set?

@mattjmcnaughton

This comment has been minimized.

Copy link
Contributor

commented Jun 12, 2019

You probably already saw this blog post (it was posted on slack), but linking here in case anyone looks at this issue in the future :)

https://kubernetes.io/blog/2019/04/15/process-id-limiting-for-stability-improvements-in-kubernetes-1.14/

@timyinshi

This comment has been minimized.

Copy link
Author

commented Jun 13, 2019

@mattjmcnaughton thanks,I would like to know what value of pod-max-pids needs to be appropriate?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.