Page MenuHomeDevCentral
Differential D2807

Prevent Hauk from using swap
ClosedPublic
Actions

Authored by dereckson on Feb 20 2023, 23:19.
Tags
Referenced Files
Unknown Object (File)
Wed, Sep 18, 15:19
Unknown Object (File)
Wed, Sep 18, 14:57
Unknown Object (File)
Wed, Sep 18, 14:30
Unknown Object (File)
Wed, Sep 18, 12:45
Unknown Object (File)
Wed, Sep 18, 12:43
Unknown Object (File)
Fri, Sep 6, 09:45
Unknown Object (File)
Fri, Sep 6, 07:08
Unknown Object (File)
Fri, Sep 6, 03:58
View All Files
Subscribers
None

Details

Reviewers
dereckson
Commits
rOPS93379587e03c: Prevent Hauk from using swap
Summary

For privacy purpose, don't allow the container to use swap.
Geolocalisation will so only stored on RAM, never on disk.

Reference: https://docs.docker.com/config/containers/resource_constraints/

Test Plan
  • deploy container on docker-002
  • docker stats hauk should show /256M as memory limit
  • docker inspect hauk should show both values

Diff Detail

Repository
rOPS Nasqueron Operations
Lint
Lint Passed
Unit
No Test Coverage
Branch
hauk-memory
Build Status
Buildable 4450
Build 4717: arc lint + arc unit

Event Timeline

dereckson requested review of this revision.Feb 20 2023, 23:19
dereckson created this revision.
Harbormaster completed remote builds in B4448: Diff 7124.Feb 20 2023, 23:19
dereckson edited the test plan for this revision. (Show Details)Feb 20 2023, 23:20
dereckson added a project: privacy.
dereckson added a comment.Feb 20 2023, 23:38

Not really the expected values:

$ salt docker-002 state.sls_id hauk roles/paas-docker/containers/hauk test=True                                                                                                (git)-[deploy]
docker-002:
----------
          ID: hauk
    Function: docker_container.running
      Result: None
     Comment: Container 'hauk' would be replaced
     Started: 23:37:19.584131
    Duration: 1290.788 ms
     Changes:
              ----------
              container:
                  ----------
                  HostConfig:
                      ----------
                      Memory:
                          ----------
                          new:
                              268435456
                          old:
                              0
                      MemorySwap:
                          ----------
                          new:
                              536870912
                          old:
                              0

Summary for docker-002
------------
Succeeded: 1 (unchanged=1, changed=1)
Failed:    0
------------
Total states run:     1
Total run time:   1.291 s
dereckson updated this revision to Diff 7128.Feb 20 2023, 23:49

Use docker-py keys for memory

Harbormaster completed remote builds in B4450: Diff 7128.Feb 20 2023, 23:49
dereckson accepted this revision.Feb 20 2023, 23:49
This revision is now accepted and ready to land.Feb 20 2023, 23:49
Closed by commit rOPS93379587e03c: Prevent Hauk from using swap (authored by dereckson). · Explain WhyFeb 20 2023, 23:50
This revision was automatically updated to reflect the committed changes.
dereckson added a commit: rOPS93379587e03c: Prevent Hauk from using swap.

Revision Contents
Changeset List

PathSize
roles/
paas-docker/
containers/
5 lines

Diff 7128

View Options

roles/paas-docker/containers/hauk.sls

Loading...
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator