Docker Container Resource Management: CPU, RAM and IO: Part 1

Prerequisites

Clean Up Preparation

docker stop $(docker ps -a -q) #stop ALL containers
docker rm -f $(docker ps -a -q) # remove ALL containers

— memory-reservation

Allows you to specify a soft limit smaller than — memory which is activated when Docker detects contention or low memory on the host machine. If you use — memory-reservation, it must be set lower than — memory for it to take precedence. Because it is a soft limit, it does not guarantee that the container doesn’t exceed the limit.

docker container run -d --memory-reservation=250m --name mymem1 alpine:3.8 sleep 3600
docker container run -d --memory-reservation=250m --name mymem2 alpine:3.8 sleep 3602
docker container run -d --memory-reservation=250m --name mymem3 alpine:3.8 sleep 3603
docker container run -d --memory-reservation=250m --name mymem4 alpine:3.8 sleep 3604
docker container run -d --memory-reservation=250m --name mymem5 alpine:3.8 sleep 3605
PID USER        VIRT    RES    SHR S %MEM     TIME+ COMMAND
933 root 967.4m 86.0m 24.3m S 8.7 0:55.87 dockerd
940 root 582.0m 36.3m 12.3m S 3.7 0:46.50 docker-containe
13422 root 8.7m 3.3m 2.5m S 0.3 0:00.02 docker-containe
13309 root 7.3m 3.0m 2.3m S 0.3 0:00.02 docker-containe
13676 root 7.3m 2.9m 2.2m S 0.3 0:00.01 docker-containe
13540 root 7.3m 2.8m 2.1m S 0.3 0:00.01 docker-containe
13793 root 8.7m 2.7m 2.1m S 0.3 docker-containe
CONTAINER ID        NAME                CPU %               MEM USAGE / LIMIT     MEM %               NET I/O             BLOCK I/O           PIDS
a1a4bd1c226b mymem5 0.00% 1.086MiB / 985.2MiB 0.11% 578B / 0B 1.19MB / 0B 0
9ced89c63a7e mymem4 0.00% 1.105MiB / 985.2MiB 0.11% 648B / 0B 1.19MB / 0B 0
696f1cef7d57 mymem3 0.00% 1.113MiB / 985.2MiB 0.11% 648B / 0B 1.19MB / 0B 0
77d61012b5fd mymem2 0.00% 1.086MiB / 985.2MiB 0.11% 648B / 0B 1.19MB / 0B 0
fab3faa6d23d mymem1 0.00% 1.043MiB / 985.2MiB 0.11% 648B / 0B 1.19MB / 0B 0
docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
a1a4bd1c226b alpine:3.8 "sleep 3605" 2 minutes ago Up 2 minutes mymem5
9ced89c63a7e alpine:3.8 "sleep 3604" 4 minutes ago Up 4 minutes mymem4
696f1cef7d57 alpine:3.8 "sleep 3603" 5 minutes ago Up 5 minutes mymem3
77d61012b5fd alpine:3.8 "sleep 3602" 6 minutes ago Up 6 minutes mymem2
fab3faa6d23d alpine:3.8 "sleep 3600" 8 minutes ago Up 8 minutes mymem1
docker container stop mymem1 -t 0
docker container stop mymem2 -t 0
docker container stop mymem3 -t 0
docker container stop mymem4 -t 0
docker container stop mymem5 -t 0
docker container prune -f

— memory and — memory-swap (No Swapping Allowed)

docker pull python:3-alpine
docker container run -d --memory=20m --memory-swap=20m --name myPython python:3-alpine sleep 3600docker exec -it myPython /bin/sh
longstring = []
for x in range(17):
len(longstring)
longstring.append('1' * 10**6)
>>> for x in range(17):
... len(longstring)
... longstring.append('1' * 10**6)
...
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
Killed
docker container stop myPython
docker container prune -f

— memory and — memory-swap (Swapping Allowed)

docker container run -d --memory=20m --memory-swap=30m --name myPython python:3-alpine sleep 3600

docker exec -it myPython /bin/sh
longstring = []
for x in range(24):
len(longstring)
longstring.append('1' * 10**6)
0 to 24 shown ... no killing
top - 13:20:38 up  4:41,  2 users,  load average: 0.11, 0.05, 0.06
Tasks: 119 total, 1 running, 118 sleeping, 0 stopped, 0 zombie
%Cpu(s): 0.2 us, 0.3 sy, 0.0 ni, 99.5 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
MiB Mem : 985.219 total, 466.879 free, 190.812 used, 327.527 buff/cache
MiB Swap: 1499.996 total, 1490.078 free, 9.918 used. 618.730 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND SWAP
933 root 20 0 967.4m 91.5m 24.3m S 9.3 0:45.46 dockerd
940 root 20 0 579.9m 33.1m 12.3m S 0.3 3.4 0:36.73 docker-containe
11900 root 20 0 253.5m 19.1m 10.5m S 1.9 0:00.25 docker
11941 root 20 0 39.1m 17.4m S 1.8 0:00.39 python3 9.5m
longstring = []
for x in range(26):
len(longstring)
longstring.append('1' * 10**6)
it gets killed
docker container stop myPython
docker container prune -f

— oom-kill-disable

docker container run -d --oom-kill-disable --memory=20m --memory-swap=30m --name myPython python:3-alpine sleep 3600
docker exec -it myPython /bin/sh
python3a = []
for x in range(26):
len(a)
a.append('1' * 10**6)
PID USER      PR  NI    VIRT    RES    SHR S  %CPU %MEM     TIME+ COMMAND             SWAP
12317 root 20 0 41.0m 17.6m 0.0m D 1.8 0:00.32 python3 10.7m
docker exec -it myPython /bin/sh
docker inspect myPython

— cpu-shares

— cpu-shares: Set this flag to a value greater or less than the default of 1024 to increase or reduce the container’s weight, and give it access to a greater or lesser proportion of the host machine’s CPU cycles.
This is only enforced when CPU cycles are constrained. When plenty of CPU cycles are available, all containers use as much CPU as they need. In that way, this is a soft limit. — cpu-shares does not prevent containers from being scheduled in swarm mode.
It prioritizes container CPU resources for the available CPU cycles. It does not guarantee or reserve any specific CPU access.

docker container run -d --cpu-shares=1024 --name mycpu1024 alpine:3.8 /bin/sh -c 'time dd if=/dev/urandom bs=1M count=100 | md5sum'
docker container run -d --cpu-shares=500 --name mycpu500 alpine:3.8 /bin/sh -c 'time dd if=/dev/urandom bs=1M count=100 | md5sum'
docker container run -d --cpu-shares=100 --name mycpu100 alpine:3.8 /bin/sh -c 'time dd if=/dev/urandom bs=1M count=100 | md5sum'
docker logs mycpu1024
docker logs mycpu500
docker logs mycpu100
docker logs mycpu1024
real 0m 15.29s
user 0m 0.00s
sys 0m 14.51s
docker logs mycpu500
real 0m 18.65s
user 0m 0.00s
sys 0m 15.28s
docker logs mycpu100
real 0m 23.28s
user 0m 0.00s
sys 0m 13.09s
docker container prune -f

— cpu-shares Identically Allocated

— cpu-shares: Set this flag to increase or reduce the container’s weight, and give it access to a greater or lesser proportion of the host machine’s CPU cycles.

docker container run -d --cpu-shares=1024 --name mycpu1024a alpine:3.8 /bin/sh -c 'time dd if=/dev/urandom bs=1M count=100 | md5sum'
docker container run -d --cpu-shares=1024 --name mycpu1024b alpine:3.8 /bin/sh -c 'time dd if=/dev/urandom bs=1M count=100 | md5sum'
docker container run -d --cpu-shares=1024 --name mycpu1024c alpine:3.8 /bin/sh -c 'time dd if=/dev/urandom bs=1M count=100 | md5sum'
CONTAINER ID        NAME                CPU %               MEM USAGE / LIMIT     MEM %               NET I/O             BLOCK I/O           PIDS
c4625617f339 mycpu1024c 63.79% 1.262MiB / 985.2MiB 0.13% 648B / 0B 1.33MB / 0B 0
44362316e33a mycpu1024b 68.44% 1.254MiB / 985.2MiB 0.13% 648B / 0B 1.33MB / 0B 0
a704aca5c0d7 mycpu1024a 66.27% 1.254MiB / 985.2MiB 0.13% 648B / 0B 1.35MB / 0B 0
docker logs mycpu1024a
docker logs mycpu1024b
docker logs mycpu1024c
docker logs mycpu1024a
real 0m 21.25s
user 0m 0.00s
sys 0m 14.72s
docker logs mycpu1024b
real 0m 22.53s
user 0m 0.00s
sys 0m 15.21s
docker logs mycpu1024c
real 0m 21.45s
user 0m 0.00s
sys 0m 15.09s
docker container prune -f

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store