-
Notifications
You must be signed in to change notification settings - Fork 230
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Request to address zombie/defunct processes by modifying container main process #517
Comments
I also thought that these days, most applications running on Kubernetes shouldn't need it. The pause container and sharing the process namespaces should be able to cover many responsibilities that tini/dumb-init had: https://www.ianlewis.org/en/almighty-pause-container But having seen bunch of those zombie processes, this doesn't seem to be the case. Dockerfile update would be:
FWIW: here is a Docker example of zombie processes: To make Docker use tini, just add the
From
|
@andy108369 I think the goal is to get rid of the practice of using I will reconsider the approach to using
|
@Dimokus88 yeah, that's right. |
Hey @Dimokus88 ! We only need to ensure to add the Here is example PR to show how I addressed the base-ssh container images: @Dimokus88 please proceed updating the Dockerfiles (and SDL if applicable) accordingly. Make sure to test they can actually run after updating & building them locally. |
Issue with
sleep infinity
in awesome-akash repoProblem Description
In the
awesome-akash
repository, several containers are configured to runsleep infinity
as their main process. This configuration can lead to unintended behavior, particularly the accumulation of zombie or defunct processes. This occurs becausesleep infinity
does not handle child processes properly, causing them to remain in a defunct state.Here's an example where
sleep infinity
is used:Impact
It is possible for certain deployments to initiate subprocesses that do not properly implement the wait() function. This improper handling can result in the formation of
<defunct>
processes, also known as “zombie” processes. Zombie processes occur when a subprocess completes its task but still remains in the system’s process table due to the parent process not reading its exit status. Over time, if not managed correctly, these zombie processes have the potential to accumulate and occupy all available process slots in the system, leading to resource exhaustion.These zombie processes aren’t too harmful much (they don’t occupy cpu/mem / nor impact cgroup cpu/mem limits) unless they take up the whole process table space so no new processes will be able to spawn, i.e. the limit:
If
sleep infinity
is set as the main container process (PID 1), it fails to properly reap child processes, leading to their accumulation as zombie processes. Containers with such configurations may be terminated by the zombie killer cron job, implemented by some providers to handle these defunct processes.Proposed Solutions
/usr/sbin/sshd -D
is preferable tosleep infinity
.tini
,dumb-init
, orrunit
, which are designed to handle child processes correctly:Additional Resources
Request for Action
I suggest reviewing the current use of
sleep infinity
across the repository and discussing potential alternatives for better process management. This change could improve the stability and performance of deployments using this repository.The text was updated successfully, but these errors were encountered: