Getting out of memory warnings on host

Just in case this could be your issue: in my limited experience with docker (not LXC) even when you limit the memory for the container at the host/hypervisor level is not seen from within the container like if it were a VM. The container sees the whole 32GBs of RAM your host has, if your application within the container is not limited to a lower (or at most the same) memory size limit you set on the container itself then you might run into these OOM issues. Example:
  • You create a Wireguard LXC with a memory size limit of 4GB
  • When you start your Wireguard LXC container it can see the whole 32GBs of RAM of your host
  • Not sure what the default amount of RAM is Wireguard configured to use, let's say 8GB (or unlimited :))
  • When Wireguard tries to use more than 4GBs of memory it'll be killed due to OOM by the LXC engine (due to being limited to 4GBs in its config)
When you configure a VM (not a container) the OS of that VM is only able to see the memory size limit you configure for it, nothing more. Also, this is what I've observed in docker, there might be some better technical/logical explanation for this behavior somewhere. ;)

Some additional info can be found in this other thread: OOM Error For Ubuntu LXC Containers
 
  • Like
Reactions: nicedevil
dbuenoparedes said:
Just in case this could be your issue: in my limited experience with docker (not LXC) even when you limit the memory for the container at the host/hypervisor level is not seen from within the container like if it were a VM. The container sees the whole 32GBs of RAM your host has, if your application within the container is not limited to a lower (or at most the same) memory size limit you set on the container itself then you might run into these OOM issues. Example:
  • You create a Wireguard LXC with a memory size limit of 4GB
  • When you start your Wireguard LXC container it can see the whole 32GBs of RAM of your host
  • Not sure what the default amount of RAM is Wireguard configured to use, let's say 8GB (or unlimited :))
  • When Wireguard tries to use more than 4GBs of memory it'll be killed due to OOM by the LXC engine (due to being limited to 4GBs in its config)
When you configure a VM (not a container) the OS of that VM is only able to see the memory size limit you configure for it, nothing more. Also, this is what I've observed in docker, there might be some better technical/logical explanation for this behavior somewhere. ;)

Some additional info can be found in this other thread: OOM Error For Ubuntu LXC Containers
Click to expand...
That helped a lot!

I was able to track this issue down to my pihole LXC container running on turnkey-core, how I have to figure out how I can do anything to keep it away from doing so
 
You must log in or register to reply here.
Top Bottom