Skip to content

Overlay size option: --overlay2=all:memory,size=1g #11723

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Overlay size option: --overlay2=all:memory,size=1g #11723

wants to merge 1 commit into from
+175 −17

Conversation

stepancheg
Copy link
Contributor

@stepancheg stepancheg commented May 13, 2025
edited
Loading

Implement #11504.

Add optional size= parameter to --overlay2 flag: when it is set, overlay upper layer is mounted with given size flag.

Tested:

sudo bazel-bin/runsc/runsc_/runsc --overlay2=all:memory,size=1m run --bundle ~/bu cont-i

root@:/# dd if=/dev/urandom of=/x bs=1k count=1000
1000+0 records in
1000+0 records out
1024000 bytes (1.0 MB, 1000 KiB) copied, 0.0109061 s, 93.9 MB/s

root@:/# dd if=/dev/urandom of=/x bs=1k count=1100
dd: error writing '/x': No space left on device
1021+0 records in
1020+0 records out
1044480 bytes (1.0 MB, 1020 KiB) copied, 0.011396 s, 91.7 MB/s

  -overlay
        DEPRECATED: use --overlay2=all:memory to achieve the same effect
  -overlay2 value
        wrap mounts with overlayfs. Format is
        * 'none' to turn overlay mode off
        * {mount}:{medium}[size={size}], where
            'mount' can be 'root' or 'all'
            'medium' can be 'memory', 'self' or 'dir=/abs/dir/path' in which filestore will be created
            'size' optional parameter overrides default overlay upper layer size
         (default root:self)
  -panic-log string
        file path where panic reports and other Go's runtime messages are written.

@stepancheg stepancheg force-pushed the overlay-size branch 4 times, most recently from c25a5c4 to 10ff226 Compare May 13, 2025 06:20
@stepancheg stepancheg marked this pull request as ready for review May 13, 2025 06:20
@stepancheg stepancheg changed the title Overlay size option: --overlay2=all:memory:size=1g Overlay size option: --overlay2=all:memory,size=1g May 15, 2025
@stepancheg
Copy link
Contributor Author

Changed syntax from

--overlay2=all:memory:size=1g

to

--overlay2=all:memory,size=1g

@stepancheg stepancheg force-pushed the overlay-size branch 2 times, most recently from 9642db8 to d7cb29a Compare May 15, 2025 20:50
ayushr2
ayushr2 reviewed May 15, 2025
View reviewed changes
Copy link
Collaborator

@ayushr2 ayushr2 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please see the discussion in #11504. I'd prefer not to complicate the --overlay2 flag any further. If you really want to use memory backend via --overlay2=*:memory, then consider applying memory limits to the entire container. OR try using the file backend with self medium and setting up size limits on the host rootfs directory.

runsc/boot/vfs.go Outdated
@@ -585,6 +585,12 @@ func (c *containerMounter) configureOverlay(ctx context.Context, conf *config.Co
// filesystem specific options.
upperOpts := *lowerOpts
upperOpts.GetFilesystemOptions = vfs.GetFilesystemOptions{InternalMount: true}
if conf.GetOverlay2().Size() != "" {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In gVisor, the overlay can be configured in many scenarios:

  • Via --overlay2 flag for rootfs or even bind mounts.
  • For specific bind mounts using mount annotations

See

gvisor/runsc/container/container.go

Line 939 in d30c58e

func (c *Container) initGoferConfs(ovlConf config.Overlay2, mountHints *boot.PodMountHints, rootfsHint *boot.RootfsHint) error {

So applying the size limit to every overlay in the sandbox based on --overlay2 flag is incorrect.

@ayushr2 ayushr2 mentioned this pull request May 15, 2025
Open
@stepancheg stepancheg mentioned this pull request May 15, 2025
Closed
@stepancheg
Copy link
Contributor Author

(deleted wrong comments; let me think)

@stepancheg
Copy link
Contributor Author

New version where overlay size is passed in GoferMountConf.UpperSize.

ayushr2
ayushr2 reviewed May 19, 2025
View reviewed changes
runsc/boot/vfs.go
Comment on lines +589 to +591
if upperOpts.GetFilesystemOptions.Data != "" {
upperOpts.GetFilesystemOptions.Data += ","
}
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is guaranteed to be false right? Since we just initialized upperOpts.GetFilesystemOptions on line 587 above.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes. I added here so that next time someone will add another option here or above, they won't forget to add a comma. I can revert.

runsc/container/container.go
@@ -939,6 +939,7 @@ func createGoferConf(overlayMedium config.OverlayMedium, mountType string, mount
func (c *Container) initGoferConfs(ovlConf config.Overlay2, mountHints *boot.PodMountHints, rootfsHint *boot.RootfsHint) error {
// Handle root mount first.
overlayMedium := ovlConf.RootOverlayMedium()
overlaySize := ovlConf.RootOverlaySize()
mountType := boot.Bind
if rootfsHint != nil {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For similar reasons as mentioned below, if rootfs is being configured by the rootfs annotations (rootfsHint != nil), then overlaySize should be reset.

Also, I think we should extend the rootfs annotation to include specifying size:

gvisor/runsc/boot/mount_hints.go

Line 230 in d19c3bc

// RootfsHint represents extra information about rootfs that are provided via

Maybe dev.gvisor.spec.rootfs.options which has value like size=.... Later we can extend this to support more tmpfs options if need be.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added the option.

    "annotations": {
        "dev.gvisor.spec.rootfs.type": "bind",
        "dev.gvisor.spec.rootfs.source": "/",
        "dev.gvisor.spec.rootfs.overlay": "memory",
        "dev.gvisor.spec.rootfs.options": "size=1m"
    }

@stepancheg stepancheg requested a review from ayushr2 May 21, 2025 15:56
@stepancheg
Copy link
Contributor Author

Next version ready for review.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ayushr2 ayushr2 Awaiting requested review from ayushr2

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@stepancheg @ayushr2