Launch container with CPU limit

dc2 · May 29, 2023, 1:59pm

Hi All,

I know we can launch containers with a limit on RAM use - i.e. a high threshold for the total RAM consumed by all containers (please confirm this is total and not per-container)…

Can we apply a similar CPU limit?

I currently have one container I want to run and limit that to 1 vCPU. In Docker Engine I will typically test with

 docker run --memory="200m" --cpus="1" container-name

Thank you.

optio · May 29, 2023, 7:42pm

That feature is not implemented in ROS afaik, but some services can have parallel threads limit in their configuration, which actually limits cores usage. If you have several containers running you cannot limit like that.

antonsb · May 30, 2023, 1:29pm

what would be the use case for such limitation?

optio · May 30, 2023, 1:43pm

Does container processes have lower cpu priority from ROS internal processes? If not, you can with containers cores limitation for eg. reserve at least 1 core to be available for ROS processes if containers can have high cpu usage.

pe1chl · May 30, 2023, 1:49pm

In Linux it is not like in some other OSes, that a process demanding CPU at the same (default) priority will automatically starve other processes.
In fact, when a process is demanding a lot of CPU, its priority is automatically decreased a little, so that other processes will go first and it gets the remainder of CPU time available.

optio · May 30, 2023, 2:26pm

But if both ROS process and container process demands high cpu at same time then are both in same priority, you cannot prioritize ROS processes or reserve core(s) for eg. to prioritize ROS process performance agains containers. Did not test it, but I will try in one container create high cpu usage on all cores and see how will ROS perform on userspace, we will see…

optio · May 30, 2023, 3:57pm

It seems that there is some impact on ROS performance. Tested on some mine heavy script with command:

> :put [/system/clock get time]; /system/script/run sms-read; global smsRead; :local smsList [$smsRead]; set smsRead; :put ("--------\r\nSms count: ".[:len $smsList]."\r\n--------"); :put [/system/clock get time]

ROS on idle:

> /system/resource/monitor                                                                                 
          cpu-used: 1%
  cpu-used-per-cpu: 1%,4%,0%,0%
       free-memory: 69580KiB
-- [Q quit|D dump|C-z pause]

Command result:

17:17:21
--------
Sms count: 4
--------
17:17:27

On high cpu usage when in container running:

# stress-ng --cpu 4 --aggressive

ROS on heavy load:

 > /system/resource/monitor                                                                                 
          cpu-used: 100%
  cpu-used-per-cpu: 100%,100%,100%,100%
       free-memory: 69240KiB
-- [Q quit|D dump|C-z pause]

Command result:

17:17:37
--------
Sms count: 4
--------
17:17:44

Each time I run script on heavy load, script returns 1s slower.

pe1chl · May 30, 2023, 4:59pm

I’m sure you can always find scenarios and cook up tests that show a problem.
My only remark is that in normal situations it will not be that much of a problem.

dzeiwa · August 15, 2023, 1:51am

Dear antonsb, I have seven containers running on a RouterOs v7.11rc on an x86, I got 2 CCR2116 which will also run these containers, four of these containers are used by Zabbix, and it is devouring cpus, it would be very useful to limit the usage cpus, just like you did with memory usage.
For example:
memory-limit: 8GB // this one already exists
cpus-limit: 0.7 // that would be 70% for containers and the remaining 30% is for RouterOs
…
Resources usually:
cpu-used: 3%
cpu-used-per-cpu: 4%,2%,0%,7%
free-memory: 14033348KiB
Resourses when refreshing Zabbix:
cpu-used: 100%
cpu-used-per-cpu: 100%,100%,100%,100%
free-memory: 13635712KiB
This is harming the operation of RouterOs.

Please consider this request and include cpus limit, it would bring RouterOs containers to a higher level.
SUP ticket number: SUP-125273

Thank you very much.

dzievamarcos · January 30, 2024, 10:37pm

what would be the use case for such limitation?

Dear antonsb, I have seven containers running on a RouterOs v7.11rc on an x86, I got 2 CCR2116 which will also run these containers, four of these containers are used by Zabbix, and it is devouring cpus, it would be very useful to limit the usage cpus, just like you did with memory usage.
For example:
memory-limit: 8GB // this one already exists
cpus-limit: 0.7 // that would be 70% for containers and the remaining 30% is for RouterOs
…
Resources usually:
cpu-used: 3%
cpu-used-per-cpu: 4%,2%,0%,7%
free-memory: 14033348KiB
Resourses when refreshing Zabbix:
cpu-used: 100%
cpu-used-per-cpu: 100%,100%,100%,100%
free-memory: 13635712KiB
This is harming the operation of RouterOs.

Please consider this request and include cpus limit, it would bring RouterOs containers to a higher level.
SUP ticket number: SUP-125273

Thank you very much.

I have been using containers since version 7.4, it is scary to see the processing at 100%, but I have noticed that this does not affect the router’s performance.
But this feature would be very welcome, and there would be no reason to worry about the cpu anymore.

nalafod · March 3, 2024, 8:39pm

I think it is really important as Routeros users will start using more and more docker containers to be able to set limits such as CPU but also important memory limits

https://docs.docker.com/config/containers/resource_constraints/

Is there plans from MikroTik to expose such options in the docker containers. I totally agree this will protect us from overcapacity in CPU and memory.

antonsb · March 4, 2024, 10:46am

we are looking into adding swap and other features, but keep in mind that this is not docker running on RouterOS, not all options can be added that easily.