If you are thinking of running your web apps inside Docker containers or you have already adapted to the technology than you should take care of one of the most important aspects, which is how much of the host’s resources your containers are using.
By default, there is no limit on how much memory or CPU a container can use. It can use as much as the host’s kernel scheduler allows. It is important that a running container should not be allowed to consume too much of the host machines memory or CPU. If the kernel detects that there is a very low amount of free memory left it throws an Out of Memory Exception and starts killing processes and this could result in the shut down of the whole system in some cases.
To avoid these circumstances you should always run tests on your application and find out the amount of resources required and then limit the containers to use an adequate amount of resources.
Configuring Ubuntu 18.04 to Use Docker’s Limiting Resources Feature
So let’s get started. First of all, you should check that if your kernel allows these features. For that, you need to run the following command.
$ sudo docker info
If you see the following warning at the end of the output you will have to make some changes in system files.
In this case, follow the steps below on ubuntu 18.04
- Log into Ubuntu host as a user with sudo privileges.
- Edit the /etc/default/grub file and add the following line into it.
- Save and close the file after adding the above line. You will also require to update the GRUB with the following command.
$ sudo update-grub
Changes will take effect when the system is rebooted. Confirm that changes have taken effect by again running the following command
$ sudo dockerinfo
If you don’t see the warning again, you are good to go.
Now there are two types of major resources we need to take care of.
Limiting a Container's Memory Access
While starting a container with docker run command we can specify different options. Following are the examples.
To limit a container's use of memory use --memory option. It takes a positive integer followed by a s suffix b, k, m, g. With the following command, an Ubuntu container runs with the limitation of using no more than 1 gigabyte of memory.
$ sudo docker run -it --memory=”1g” ubuntu /bin/bash
To limit a container's use of memory swap to disk use --memory-swap option. It also takes a positive integer followed by a s suffix b, k, m, g. In the following case container is allowed to use
1 gigabyte of non-swap memory and 1 gigabyte of swap memory. The total amount of swap memory allowed to a container is the difference of --memory-swap and --memory (2g - 1g). If you don’t want your container to use swap memory set both --memory and --memory-swap to equal values.
$ sudo docker run -it --memory=”1g” --memory-swap=”2g” ubuntu /bin/bash
In case docker detects low memory on the host machine and you have set --memory-reservation, its value will take precedence over --memory. But if you have not set --memory than it does not limit the container’s memory usage. It only takes effect when low memory is detected. It’s a kind of soft limitation.
$ sudo docker run -it --memory=”1g” --memory-reservation=”512m” ubuntu /bin/bash
Limiting a Container's CPU Usage
To limit a container’s CPU time use --cpus option. Setting it equal to “.5” means 50000 microseconds of CPU time.
$ sudo docker run -it --cpus=".5" ubuntu /bin/bash
To limit a container’s CPU shares use --cpus-shares option. By default, it is 1024. Increase or decrease it to allow a container to use greater or lesser portion of host machines CPU cycles. This is useful when CPU cycles are constrained by the host machine, Otherwise, containers can use as many CPU cycles as they need. This is also a kind of soft limit.
$ sudo docker run -it --cpus-shares="512" ubuntu /bin/bash
Limiting a container's resources is very much dependent on the host machine’s kernel configuration. Although it is very important to know your container's requirements and limit them accordingly you should also be familiar with the host machines environment which in this case is ubuntu 18.04. Always perform multiple tests on your apps to get a good idea of resource requirements. Using resources carefully can save a lot of costs.
You can see stats for you docker containers in running state by executing the docker stats command by specifying container name or names and verify the limits and configurations you imposed.
$ sudo docker stats ubuntu