Is -XX:MaxRAMFraction=1 safe for production in a containered environment?
Java 8/9 brought support for -XX:+UseCGroupMemoryLimitForHeap (with -XX:+UnlockExperimentalVMOptions). This sets -XX:MaxRAM to the cgr
-
We did some simple testing which showed that setting
-XX:MaxRAM=$QUOTAand-XX:MaxRAMFraction=1results in killed containers under load. The JVM allocates more than 900M heap, which is way too much.-XX:MaxRAMFraction=2seems safe(ish).Keep in mind that you may want to leave headroom for other processes like getting a debug shell (
docker exec) or diagnostics in the container.
Edit: we've written up what we've learned in detail in an article. Money quotes:
TL'DR: Java memory management and configuration is still complex. Although the JVM can read cgroup memory limits and adapt memory usage accordingly since Java 9/8u131, it’s not a golden bullet. You need to know what
-XX:+UseCGroupMemoryLimitForHeapdoes and you need to fine tune some parameters for every deployment. Otherwise you risk wasting resources and money or getting your containers killed at the worst time possible.-XX:MaxRAMFraction=1is especially dangerous. Java 10+ brings a lot of improvements but still needs manual configuration. To be safe, load test your stuff.and
The most elegant solution is to upgrade to Java 10+. Java 10 deprecates
-XX:+UseCGroupMemoryLimitForHeap(11) and introduces-XX:+UseContainerSupport(12), which supersedes it. It also introduces-XX:MaxRAMPercentage(13) which takes a value between 0 and 100. This allows fine grained control of the amount of RAM the JVM is allowed to allocate. Since+UseContainerSupportis enabled by default, everything should work out of the box.
Edit #2: we've written a little bit more about
-XX:+UseContainerSupportJava 10 introduced
+UseContainerSupport(enabled by default) which makes the JVM use sane defaults in a container environment. This feature is backported to Java 8 since 8u191, potentially allowing a huge percentage of Java deployments in the wild to properly configure their memory.
加载中...
- 热议问题