How does a container use more memory than the limit?

Question

How does a container use more memory than the limit?

My project can be an overloaded system, and I have to increase reliability by specifying a suitable container limit by which the shared mem from node should not be shared. But I am confused with the following statements in the Kubernetes v1.1 Qos Resource document :

Incompressible resource guarantees
if they exceed their memory request, they can be killed (if any other container needs memory)
Containers will be killed if they use more memory than their limit.

and the docker stats shows "LIMIT" for each container:

I think this means that containers will not use mems more than "LIMIT", since I sometimes met with MEM% 100% , so how and when are the containers killed?

Update

I think OOM Killer is enabled with a default value of 0 .

 > cat /proc/sys/vm/oom_kill_allocating_task 0

0

docker kubernetes

Yang Feb 29 '16 at 8:51

source share

1 answer

Jan garaj · Answer 1 · 2016-02-29T09:11:04+0000

The cgroup memory limit function is used, so I recommend reading the cgroup document:

Tasks that attempt to consume more memory than they are solved are immediately killed by the OOM killer.

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Resource_Management_Guide/sec-memory.html

How does a container use more memory than the limit?

Incompressible resource guarantees

Update

More articles: