Be Careful Setting Memory Limits for Docker Containers
Docker allows us to set memory limits for containers. However, it is important to be careful when setting memory limits as they can lead to system instability, containers shutting down, and other issues.
Table of Contents 📖
Docker Container Memory
When running multiple Docker containers on a system, it is essential to manage their resource usage. Because of this, Docker allows us to limit the amount of memory a container can use. However, be careful when setting memory limits on containers as if that memory limit is exceeded, Docker could shut down the container. Memory limits are set on a Docker container using the --memory flag. This flag defines how much RAM a container is allowed to use.
docker run --memory="512m" my_container
WARNING: If a container uses more memory than allocated, Docker will take the appropriate action to maintain system stability.
Exceeding Memory Limit
There are a couple ways Docker will respond to a container that has exceeded its allocated memory.
- Memory Throttling - Docker's kernel memory controller (Cgroup) throttles the container's memory, limiting the container's ability to allocate more memory.
- Container Kill - Docker will kill the container, shutting it down and exiting with a status code indicating Out of Memory (OOM). An example output is below:
Out of memory: Kill process 12345 (my_container) score 123 or sacrifice child
Killed process 12345 (my_container)
Handling OOM
Docker killing a container due to exceeding its memory limit is often essential for system stability. But this doesn't mean the situation can't be avoided. The most obvious solution is to set an appropriate memory limit. For example, consider upping the memory limit to 1 GB:
docker run --memory="1g" my_container
We can also configure swap space using the --memory-swap flag. In the command below, we limit the container to 512 MB of RAM, with an additional 512 MB of swap, making a total of 1 GB.
docker run --memory="512m" --memory-swap="1g" my_container
WARNING: While swap helps when memory demand is high, be aware that swap is much slower than RAM, so excessive swapping can lead to performance degradation.
Another approach is to set a restart policy on the container. For example, we can configure the container to restart if it exits with a non-zero exit code (such as from an OOM error).
docker run --restart=on-failure my_container
The final approach I want to mention is configuring the OOM killer behavior directly using the --oom-kill-disable flag. This flag prevents Docker from killing a container when it exceeds its memory limit.
docker run --oom-kill-disable --memory="512m" my_container
ERROR: Disabling OOM kills is not recommended, as it can lead to system instability! It might keep the container running, but it can lead to issues like excessive disk usage or system slowdowns if the container consumes too much memory.