Hello!
Some days ago I had a node of our production Proxmox VE 5.4-13 7-nodes cluster allocating much more RAM than the sum of the RAM limits configured for the VMs running on it. Using top command I found out that the KVM process of a VM having a limit of 4 GB was allocating 60 GB!!! I'd expected a little bit of overhead...so 4,5 GB would have been OK, but 60 GB clearly shows that something's wrong and it could also be a threat to cluster stability. I had to shutdown and restart the VM and now the KVM process is allocating 4 GB of RAM, but I'm worried that the problem might recur or show up on other machines.
Here is the detail of the 2898189 process, which was allocating 60 GB:
And here you can find the machine configuration:
I have to say that this VM is particular: it's an old Windows Server 2003 that has been "physical-to-virtualized" (a P2V software running on the old physical server generated an image which we converted using qemu-img convert and then mounted as boot disk on the VM), but honestly nothing happening inside the guest should make the host allocate so much RAM, this can be a security flaw.
Do you have any idea how to prevent this from happening again?
Thank you!
Some days ago I had a node of our production Proxmox VE 5.4-13 7-nodes cluster allocating much more RAM than the sum of the RAM limits configured for the VMs running on it. Using top command I found out that the KVM process of a VM having a limit of 4 GB was allocating 60 GB!!! I'd expected a little bit of overhead...so 4,5 GB would have been OK, but 60 GB clearly shows that something's wrong and it could also be a threat to cluster stability. I had to shutdown and restart the VM and now the KVM process is allocating 4 GB of RAM, but I'm worried that the problem might recur or show up on other machines.
Here is the detail of the 2898189 process, which was allocating 60 GB:
And here you can find the machine configuration:
I have to say that this VM is particular: it's an old Windows Server 2003 that has been "physical-to-virtualized" (a P2V software running on the old physical server generated an image which we converted using qemu-img convert and then mounted as boot disk on the VM), but honestly nothing happening inside the guest should make the host allocate so much RAM, this can be a security flaw.
Do you have any idea how to prevent this from happening again?
Thank you!