[libvirt] systemd-cgroups-agent not working in containers
Richard Weinberger
richard at nod.at
Thu Nov 27 13:46:24 UTC 2014
Am 26.11.2014 um 22:29 schrieb Richard Weinberger:
> Hi!
>
> I run a Linux container setup with openSUSE 13.1/2 as guest distro.
> After some time containers slow down.
> An investigation showed that the containers slow down because a lot of stale
> user sessions slow down almost all systemd tools, mostly systemctl.
> loginctl reports many thousand sessions.
> All in state "closing".
>
> The vast majority of these sessions are from crond an ssh logins.
> It turned out that sessions are never closed and stay around.
> The control group of a said session contains zero tasks.
> So I started to explore why systemd keeps it.
> After another few hours of debugging I realized that systemd never
> issues the release signal from cgroups.
> Also calling the release agent by hand did not help. i.e.
> /usr/lib/systemd/systemd-cgroups-agent /user.slice/user-0.slice/session-c324.scope
>
> Therefore systemd never recognizes that a server/session has no more tasks
> and will close it.
> First I thought it is an issue in libvirt combined with user namespaces.
> But I can trigger this also without user namespaces and also with systemd-nspawn.
> Tested with systemd 208 and 210 from openSUSE, their packages have all known bugfixes.
>
> Any idea where to look further?
> How do you run the most current systemd on your distro?
Btw: I face exactly the same issue also on fc21 (guest is fc20).
Thanks,
//richard
More information about the libvir-list
mailing list