Docker containers don't pin to host CPUs

Solution Unverified - Updated -

Issue

  • Docker containers don't pin to host CPUs
  • CPU isolation has been correctly configured
$ grep CPUAffinity etc/systemd/system.conf
#CPUAffinity=1 2
CPUAffinity=0 20 40 60

$ cat proc/cmdline 
BOOT_IMAGE=/boot/vmlinuz-3.10.0-1062.el7.x86_64 root=UUID=171e4a46-fa83-43c0-b6e5-bf2121c74aac ro console=tty0 console=ttyS0,115200n8 crashkernel=auto rhgb quiet intel_idle.max_cstate=1 idle=poll isolcpus=1-19,21-39,41-59,61-79 default_hugepagesz=1GB hugepagesz=1G hugepages=350 iommu=pt intel_iommu=on skew_tick=1 nohz=on nohz_full=1-19,21-39,41-59,61-79 rcu_nocbs=1-19,21-39,41-59,61-79 tuned.non_isolcpus=10000100,00100001 intel_pstate=disable nosoftlockup
  • But docker containers are running on top of those isolated cores
# find -L /proc/[0-9]*/exe ! -type l | cut -d / -f3 | xargs -l -i sh -c 'ps -p {} -o comm=; taskset -acp {}'

<Snip>

virtlogd
pid 19993's current affinity list: 0-79
crond
pid 20019's current affinity list: 0-79
iscsid
pid 20049's current affinity list: 0-79
libvirtd
pid 20463's current affinity list: 0-79
pid 20575's current affinity list: 0-79
pid 20576's current affinity list: 0-79
pid 20577's current affinity list: 0-79
pid 20578's current affinity list: 0-79
pid 20579's current affinity list: 0-79

Environment

  • Red Hat OpenStack Platform 13

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content