Configure the container memory limit support without swap limit capabilities.
When a container exceeds the specified amount of memory, the container starts to swap. Not all Linux distributions have the swap limit support enabled by default.
Red Hat distributions usually have swap limit support enabled by default.
Debian and Ubuntu distributions usually have swap limit support disabled by default.
To check if your system supports swap limit capabilities, in the engine machine run the following command:
sudo docker run --rm -it --memory=1g demisto/python:1.3-alpine true
If swap limit capabilities
is enabled, Configure the Memory Limitation . To test the memory, see Test the Memory Limit.
If you see the WARNING: Your kernel does not support swap limit capabilities or the cgroup is not mounted. Memory limited without swap.
message in the output (the message may vary between Docker versions), you have two options:
Configure
swap limit capabilities
by following the Docker documentation.Follow the procedure set out below.
To protect the host from a container using too many system resources (either because of a software bug or a DoS attack), limit the resources available for each container. In the engine configuration file, some of these settings are set using the advanced parameter: python.pass.extra.keys
. This key receives as a parameter full docker run
options, separated with the ##
string.
If you see the WARNING: No swap limit support
you can configure memory support without swap limit capabilities
.
To set the docker run
option --memory-swap
option to -1
(disables swap memory enforcement):
Add the following key:
"python.pass.extra.keys": "--memory=1g##--memory-swap=-1"
If you have the
python.pass.extra.keys
already set up with a value, add the vlaue after the##
separator.Save the changes.
Restart the demisto service on the engine machine.
sudo systemctl start d1
(Ubuntu/DEB)
sudo service d1 restart