[lxc-devel] Fork-bomb test
Tamas Papp
tompos at martos.bme.hu
Thu Nov 20 08:24:26 UTC 2014
On 11/20/2014 05:19 AM, Nishant Agrawal wrote:
> Hi Folks,
>
> I am trying to run fork bomb test inside a container to measure the
> extent of isolation containers provide. I am observing that even after
> putting all the available limits my host system becomes unresponsive
> after some time. Can someone throw light what should be the issue?
> Doesn't LXC handles situations like forkbomb?
>
> I am running linux kernel 3.13.0.36generic.
> I am setting below limits on the program,
>
> memory.limit_in_bytes 2G
> memory.soft_limit_in_bytes 1G
> memory.memsw.limit_in_bytes 3G
> memory.kmem.limit_in_bytes - 1G
>
> Any help is appreciated.
IMO the problem is that the number of processes are not and cannot be
limited.
There was a kernel patch but as far as I can it was not accepted on LKML.
However, you may try to run an unprivileged container and control the
resource usage via ulimit.
cheers,
tamas
More information about the lxc-devel
mailing list