Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Memory and socket leak of docker daemon when using with rootless docker #3251

Open
flauschpony opened this issue Apr 11, 2024 · 0 comments
Open

Memory and socket leak of docker daemon when using with rootless docker #3251

flauschpony opened this issue Apr 11, 2024 · 0 comments

Comments

@flauschpony
Copy link

When using rootless docker every time a client is created with docker.from_env() a UNIX-STREAM socket belonging to the docker daemon is also created. Over time this can lead to hundreds or thousands of sockets and an increased memory usage of the rootless docker process. This happens even when no containers are running.

I noticed this behaviour on our Debian 12 servers, both with the Debian provided version of this library and the latest version installed with pip in a virtual environment.

client.version() output:

{
   "Platform":{
      "Name":"Docker Engine - Community"
   },
   "Components":[
      {
         "Name":"Engine",
         "Version":"26.0.0",
         "Details":{
            "ApiVersion":"1.45",
            "Arch":"amd64",
            "BuildTime":"2024-03-20T15:18:01.000000000+00:00",
            "Experimental":"false",
            "GitCommit":"8b79278",
            "GoVersion":"go1.21.8",
            "KernelVersion":"6.1.0-18-amd64",
            "MinAPIVersion":"1.24",
            "Os":"linux"
         }
      },
      {
         "Name":"containerd",
         "Version":"1.6.31",
         "Details":{
            "GitCommit":"e377cd56a71523140ca6ae87e30244719194a521"
         }
      },
      {
         "Name":"runc",
         "Version":"1.1.12",
         "Details":{
            "GitCommit":"v1.1.12-0-g51d5e94"
         }
      },
      {
         "Name":"docker-init",
         "Version":"0.19.0",
         "Details":{
            "GitCommit":"de40ad0"
         }
      },
      {
         "Name":"rootlesskit",
         "Version":"2.0.2",
         "Details":{
            "ApiVersion":"1.1.1",
            "NetworkDriver":"slirp4netns",
            "PortDriver":"builtin",
            "StateDir":"/run/user/2001/dockerd-rootless"
         }
      },
      {
         "Name":"slirp4netns",
         "Version":"1.2.0",
         "Details":{
            "GitCommit":"656041d45cfca7a4176f6b7eed9e4fe6c11e8383"
         }
      }
   ],
   "Version":"26.0.0",
   "ApiVersion":"1.45",
   "MinAPIVersion":"1.24",
   "GitCommit":"8b79278",
   "GoVersion":"go1.21.8",
   "Os":"linux",
   "Arch":"amd64",
   "KernelVersion":"6.1.0-18-amd64",
   "BuildTime":"2024-03-20T15:18:01.000000000+00:00"
}

How to check the number of sockets belonging to the docker daemon:

lsof -p [PID of docker daemon] | grep UNIX-STREAM | wc -l

Testscript to produce a large amounts of sockets:

import docker

while True:
    client = docker.from_env()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@flauschpony