Understanding the Basics of Docker Resource Limits

By default, Docker doesn’t limit set any resource limits so docker containers have full access to the CPU and RAM of the host. So without limiting these factors in a production environment will lead docker to utilise all the system resources which gradually brings other kernel processes down.In this tutorial we are going to learn the basic of docker resources limits and how it helps in our production applications.

Checkout our previous docker blogs

Docker blogs

Why do we need resource limits in docker?

We need to set the limit for running containers because if a running container consumes too much memory and if the Linux kernel detects that there is not enough memory to perform other important tasks it will start killing the process in order to free up memory this is called OOME(Out of memory expectation). So it might kill other useful processes running on the server. So we need to define limits for each container in order to avoid this.

There are 2 ways in which we can limit our container’s resources

1: Limiting docker memory access

2: Limiting docker CPU access.

Next, we are going to learn how to set these limits for the containers.

Limiting docker memory access

Docker can enforce 2 limits on a container one is a hard limit which doesn’t allow the container to not use more than the memory specified and the other is a soft limit which allows the container to use as much memory unless a certain condition is met.

There are several memory limitations in docker.

  • Setting maximum memory for a container. (Hard limit)
  • Setting up soft limit
  • Setting swap to disk memory limit

1: Setting maximum memory for a container. (Hard limit)

For example, if you want to set a maximum memory limit for an ubuntu container use the
–memory or the –m command along with the docker run command.

-m or –memory = The maximum amount of memory the container can use. The minimum value is 6M so you need to set a value greater than this

Syntax

sudo docker run -it –memory=”[memory_limit]” [docker_image]

sudo docker run -d -it –memory=”1g” ubuntu

Now the ubuntu container is running on the memory limit we defined in order to confirm it use the docker inspect command and you can see fields similar to the below image.

2: Setting up soft limit.

Memory reservation allows you to specify a soft limit smaller than –memory which is activated when Docker detects contention or low memory on the host machine.
The soft limit must be lower than the hard limit.

For example in order to set the ubuntu container memory reservation of 500M and maximum memory to 1GB use the below command. So whenever there is low memory on the host machine the docker detects it and activates the soft limit for the container so automatically if the container’s memory is at its peak it gets lowered over a period of limitation.

sudo docker run -it –memory=”1g” –memory-reservation=”500m” ubuntu

3: Setting swap to disk memory limit

If the container exhausted all the RAM allocated to it by hard limit it can still write excessive memory requirements to disk memory (swap). This is not recommended in production use cases as it will slow down the performance.

In order to use the swap memory you need to already define the hard limit of the container using the –memory of the -m flag.
Swap memory = total amount of swap + the total amount of non-swap memory (–memory controls the non-swap memory)

The container will still continue to write memory to swap disk even if the memory limit of 1GB is reached for example, if you want to define –1 GB of swap memory for a ubuntu container use the below syntax

sudo docker run -it –memory=”[memory_limit]” –memory-swap=”[memory_limit]” [docker_image]

sudo docker run -d -ti –memory=”1g” –memory-swap=”2g” ubuntu

Limiting docker CPU access

Similar to ram by default docker container doesn’t have a limit for the CPU.So giving containers unlimited CPU resources can bring down the system.

Suppose we are having 2 CPU’s in our system we can limit our containers to only use 1 CPU in order to run using the command -cpus="1.0".

sudo docker run -it –cpus=”1.0″ ubuntu

Here’s a sample docker-compose.yml file that pulls the official nginx image from Docker Hub and sets CPU and memory limits

version: '3'

services:
  web:
    image: nginx
    restart: always
    ports:
      - "80:80"
    deploy:
      resources:
        limits:
          cpus: '0.5'
          memory: '256m'

In this file, we define a service called web that uses the nginx image. We also set the service to always restart in case of failure. The ports section maps port 80 of the container to port 80 of the host.

In the deploy section, we specify the resources that this service can use. Specifically, we set a CPU limit of 0.5 and a memory limit of 256 megabytes.

Summary:
In this article, we have learned how to set a docker resource limit for a container
For more details regarding resources, and limitations check out the docker official documentation.
https://docs.docker.com/config/containers/resource_constraints/

Leave a Reply

Your email address will not be published. Required fields are marked *