[Devel] [PATCH RH9 5/5] ve/fs/inotify: do not impose limit on the number of instances by default

Kirill Tkhai ktkhai at virtuozzo.com
Tue Oct 12 13:48:45 MSK 2021 

From: Vladimir Davydov <vdavydov.dev at gmail.com>

In Vz7 we haven't switched to user ns yet. As a result, all containers
use the same user_struct for the same user id. This leads to hitting
fs.inotify.max_user_instances sysctl limit quickly (it equals 128 by
default) and failing to start a container. This patch sets the default
limit to INT_MAX. This is a temporary solution and should be reverted
once we start using user ns.

In PCS6 there is no such problem, because we actually create a user ns
per container there. Although its functionality is basic in comparison
to Vz7, it still results in creating a new user_struct for each user
inside a container so that the inotify limit is containerized.

https://jira.sw.ru/browse/PSBM-39048

Signed-off-by: Vladimir Davydov <vdavydov at parallels.com>

khorenko@: to be reverted once we support userns in Virtuozzo 7
(cherry picked from 78c91a02de6b6f0423e12e12128f9433934d7c61)
Signed-off-by: Valeriy Vdovin<valeriy.vdovin at virtuozoo.com>

https://jira.sw.ru/browse/PSBM-131634
Signed-off-by: Valeriy Vdovin <valeriy.vdovin at virtuozzo.com>

khorenko@:
TODO: we have to review all places along this path of using inotifies
and make sure all allocations are accounted to Containers.
Signed-off-by: Kirill Tkhai <ktkhai at virtuozzo.com>
---
 fs/notify/inotify/inotify_user.c |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/fs/notify/inotify/inotify_user.c b/fs/notify/inotify/inotify_user.c
index 62051247f6d2..d30a459136b6 100644
--- a/fs/notify/inotify/inotify_user.c
+++ b/fs/notify/inotify/inotify_user.c
@@ -847,8 +847,8 @@ static int __init inotify_user_setup(void)
 					       SLAB_PANIC|SLAB_ACCOUNT);
 
 	inotify_max_queued_events = 16384;
-	init_user_ns.ucount_max[UCOUNT_INOTIFY_INSTANCES] = 128;
-	init_user_ns.ucount_max[UCOUNT_INOTIFY_WATCHES] = watches_max;
+	init_user_ns.ucount_max[UCOUNT_INOTIFY_INSTANCES] = INT_MAX;
+	init_user_ns.ucount_max[UCOUNT_INOTIFY_WATCHES] = INT_MAX;
 
 	return 0;
 }

More information about the Devel mailing list