From 39e2041c6947c654dbef50c751b4a9f39812e38b Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Fri, 31 Aug 2018 12:45:07 +0200 Subject: [PATCH] systemd: set Limit* to infinity There is a not-insignificant performance overhead for all containers (if containerd is a child of Docker, which is the current setup) if systemd sets rlimits on the main Docker daemon process (because the limits propogate to all children). Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 68e15413dce8d6e8f428ac286641a9482d30aabc) Signed-off-by: Eli Uriegas Upstream-commit: 1246dedcd55058a2856c7042509fb0badcefbf91 Component: packaging --- components/packaging/systemd/docker.service | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/components/packaging/systemd/docker.service b/components/packaging/systemd/docker.service index ff042cb774..0c414c275b 100644 --- a/components/packaging/systemd/docker.service +++ b/components/packaging/systemd/docker.service @@ -17,6 +17,10 @@ Restart=always # /opt/containerd/bin is in front so dockerd grabs the correct runc binary Environment="PATH=/opt/containerd/bin:/sbin:/usr/bin:/usr/local/bin:$PATH" +# Having non-zero Limit*s causes performance problems due to accounting overhead +# in the kernel. We recommend using cgroups to do container-local accounting. +LimitNOFILE=infinity +LimitNPROC=infinity LimitCORE=infinity [Install]