Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[dbode] Call syscall.Setrlimit to set num files open hard limit with setcap for DB docker image #1666

Merged
merged 6 commits into from
May 28, 2019

Conversation

robskillington
Copy link
Collaborator

What this PR does / why we need it:

This raises the rlimit to whatever nr_open is set to and also sets correct permissions for the docker image to set rlimit.

Special notes for your reviewer:

Does this PR introduce a user-facing and/or backwards incompatible change?:

NONE

Does this PR require updating code package or user-facing documentation?:

NONE

@@ -78,3 +83,75 @@ func validateProcessLimits() error {

return multiErr.FinalError()
}

func raiseRlimitToNROpen() error {
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thought: this maybe should be in a _linux.go file.

@@ -78,3 +83,75 @@ func validateProcessLimits() error {

return multiErr.FinalError()
}

func raiseRlimitToNROpen() error {
cmd := exec.Command("sysctl", "-a")
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should just be able to check /proc/sys: https://www.kernel.org/doc/Documentation/sysctl/fs.txt

In kube:

/ # hostname
m3db-cluster-rep0-0
/ # cat /proc/sys/fs/nr_open
3000000

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah cool, yup I'll change it to this instead.

@robskillington
Copy link
Collaborator Author

I actually didn't need IPC_LOCK thankfully.

@codecov
Copy link

codecov bot commented May 26, 2019

Codecov Report

Merging #1666 into master will decrease coverage by 0.1%.
The diff coverage is 5.2%.

Impacted file tree graph

@@           Coverage Diff            @@
##           master   #1666     +/-   ##
========================================
- Coverage      72%   71.9%   -0.2%     
========================================
  Files         969     969             
  Lines       81358   81096    -262     
========================================
- Hits        58602   58312    -290     
- Misses      18913   18963     +50     
+ Partials     3843    3821     -22
Flag Coverage Δ
#aggregator 82.4% <ø> (ø) ⬆️
#cluster 85.7% <ø> (ø) ⬆️
#collector 63.7% <ø> (ø) ⬆️
#dbnode 79.9% <20%> (-0.2%) ⬇️
#m3em 73.2% <ø> (ø) ⬆️
#m3ninx 74.1% <ø> (ø) ⬆️
#m3nsch 51.1% <ø> (ø) ⬆️
#metrics 17.6% <ø> (ø) ⬆️
#msg 74.7% <ø> (ø) ⬆️
#query 66.4% <ø> (-0.1%) ⬇️
#x 85.7% <0%> (-0.6%) ⬇️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 0cca0d2...0fb6110. Read the comment docs.

@robskillington robskillington changed the title [dbode] Use setcap to be able to set rlimit for docker image [dbode] Call syscall.Setrlimit to set num files open hard limit with setcap for DB docker image May 26, 2019
@schallert
Copy link
Collaborator

Looks good so far, just doing some sanity checking with this and the operator PR before stamping

Copy link
Contributor

@richardartoul richardartoul left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Feels kind of dirty but I understand the pragmatism. Do you think this is worth throwing behind an environment variable?

I'll leave it up to you, but I can imagine a "ATTEMPT_INCREASE_PROCESS_LIMITS" environment variable that you can set to true in the Dockerfile. The primary reason I say that is it seems fair to be doing this in the Dockerfiles we create, but I don't like the idea of the binary doing it indiscriminately regardless of where it is running.

@@ -26,5 +26,9 @@ COPY --from=builder /go/src/github.com/m3db/m3/bin/m3dbnode /bin/
COPY --from=builder /go/src/github.com/m3db/m3/src/dbnode/config/m3dbnode-local-etcd.yml /etc/m3dbnode/m3dbnode.yml
COPY --from=builder /go/src/github.com/m3db/m3/scripts/m3dbnode_bootstrapped.sh /bin/

# Use setcap and run as specific user
RUN apk add libcap && \
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Had not seen this before. Did some reading. Kind of bizarre that the capabilities get set on the file/binary level

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What does the +ep do? Can you just add a comment to this line generally also

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not opposed to adding a comment, the +e is "effective" and +p is for "permitted".

// RaiseProcessNoFileToNROpenResult captures the result of trying to
// raise the process num files open limit to the nr_open system value.
type RaiseProcessNoFileToNROpenResult struct {
RaiseRequired bool
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe RaisePerformed

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure thing.

RaiseRequired bool
NROpenValue uint64
NoFileMaxValue uint64
NoFileCurrValue uint64
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe a comment here saying that this will be the curr value before the raise was performed (if it was performed)

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's not true though, it will be the curr value (after the raise) or if no raise then it will be the curr value (unadjusted).


// RaiseProcessNoFileToNROpen attempts to raise the process num files
// open limit to the nr_open system value.
func RaiseProcessNoFileToNROpen() (RaiseProcessNoFileToNROpenResult, error) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we're gonna start doing this it might be nice to have a generic AttemptToSetProcessLimits which calls this function. That way we don't have to change server.go each time and we have an established pattern

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is that kind of method however, it is meant to be abstract and returns enough information (without taking a logger itself). That way callers can either log it as a warning or a hard error, depending on their situation.

@robskillington
Copy link
Collaborator Author

Sure thing, I'll make it opt in and used only by the docker image.

@robskillington robskillington merged commit 71b789e into master May 28, 2019
@robskillington robskillington deleted the r/raise-soft-limit-to-hard-limit branch May 28, 2019 13:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants