What does docker mean when it says "Memory limited without swap"

I found the solution for Docker is the following:

On your docker build machine, create a sysctl.conf file with the following entry: 

vm.nr_hugepages=128

(128 is what I chose, you can change accordingly)

Next in your Dockerfile - add the following into the process.

COPY /folderlocation/sysctl.conf /etc/sysctl.conf

This will copy the sysctl file into the correct directory in the docker image.

This worked for my docker XMRig solution.


For above issue, Docker installation on Ubuntu 16.04 we not be capable of setting limits. This is because cgroups swapping is disabled by default.

When attempting to set limits you will be given the following error.

root@ubuntuserver:~# docker container run -d -ti --hostname testcontainer -- name testubuntu2 --restart=always --memory="50m" --memory-swap=0 --cpus="0.5" ubuntu:16.04 WARNING: Your kernel does not support swap limit capabilities or the cgroup is not mounted. Memory limited without swap. 1fb75aba88e61cf4ca7c96fdd6db939b474d80c0d923233bcb176bf81224dc44 root@ubuntuserver:~#

In order resolve the above issue, update the grub file with below entry:

root@ubuntuserver:~# cat /etc/default/grub |grep GRUB_CMDLINE_LINUX
GRUB_CMDLINE_LINUX_DEFAULT="maybe-ubiquity"
GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1"

Now update-grub:

root@ubuntuserver:~# update-grub
Sourcing file `/etc/default/grub'
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-4.15.0-74-generic
Found initrd image: /boot/initrd.img-4.15.0-74-generic
done
root@ubuntuserver:~#

Reboot machine once has done and create container with memory limit:

root@ubuntuserver:~# docker container run -d -ti --hostname testcontainer -- 
name testubuntu2 --restart=always --memory="50m" --memory-swap=0 --cpus="0.5" 
ubuntu:16.04
93969354be0445f3458999259747d82231b4084728c3ccf8801dc89be8aadaa3
root@ubuntuserver:~#

Here's what I found.

Swap isn't used by default. You can check this on Ubuntu/Debian containers at /sys/fs/cgroup/memory/memory.stat. Check the swap value, you'll see it's set to 0 (bytes). No swap usage.

You can enable and limit swap usage with the --memory and --memory-swap flags typically, and here's where this WARNING seems like it would get you. From Docker's documentation regarding a very similar warning:

If you don’t need these capabilities, you can ignore the warning. You can enable these capabilities on Ubuntu or Debian by following these instructions.

tl;dr: swap is disabled by default. If the cgroup is disabled or container swap limits are otherwise compromised like this warning indicates, you won't be able to set those limits.


Docker daemon relies on the following virtual files to implement memory and swap limits:

/sys/fs/cgroup/memory/memory.limit_in_bytes
/sys/fs/cgroup/memory/memory.memsw.limit_in_bytes

If your kernel does not support swap memory limit, the second file won't be there, and docker run won't impose any limitations on the use of the swap space. That way the container is even allowed to use more swap than the -m, --memory setting, as if --memory-swap had been set to -1. Obviously, the container can't use more swap space than you have configured on your system.

However, the warning message is also trying to say that option -m, --memory will still take effect, and the maximum amount of user memory (including file cache) will be set as intended.

The mentioned cgroup mount point may differ, consult /proc/self/mounts.

Tags:

Docker

Recent Posts