From 4ac3ef61aac1062c9bf25ae18b25ed327a14a25c Mon Sep 17 00:00:00 2001 From: David Karlsson <35727626+dvdksn@users.noreply.github.com> Date: Tue, 23 Jan 2024 09:59:56 +0100 Subject: [PATCH] engine: add normalized RLIMIT_NOFILE default to v25 release note Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com> --- content/engine/release-notes/25.0.md | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/content/engine/release-notes/25.0.md b/content/engine/release-notes/25.0.md index 8e7b8a05bc0..3d764e12eb3 100644 --- a/content/engine/release-notes/25.0.md +++ b/content/engine/release-notes/25.0.md @@ -48,6 +48,27 @@ For a full list of pull requests and changes in this release, refer to the relev ### New +- The daemon now uses systemd's default `LimitNOFILE`. In earlier versions of + Docker Engine, this limit was set to `infinity`. This would cause issues with + recent versions of systemd, where the hard limit was increased, causing + programs that adjusted their behaviors based on ulimits to consume a high + amount of memory. [moby/moby#45534](https://github.com/moby/moby/pull/45534) + + The new setting makes containers behave the same way as programs running on + the host, but may cause programs that make incorrect assumptions based on the + soft limit to misbehave. To get the previous behavior, you can set + `LimitNOFILE=1048576`. + + This change currently only affects build containers created with `docker + build` when using BuildKit with the `docker` driver. Future versions of + containerd will also use this limit, which will cause this behavior to affect + all containers, not only build containers. + + If you're experiencing issues with the higher ulimit in systemd v240 or later, + consider adding a system `drop-in` or `override` file to configure the ulimit + settings for your setup. The [Flatcar Container Linux documentation](https://www.flatcar.org/docs/latest/setup/systemd/drop-in-units/) + has a great article covering this topic in detail. + - Add OpenTelemetry tracing. [moby/moby#45652](https://github.com/moby/moby/pull/45652), [moby/moby#45579](https://github.com/moby/moby/pull/45579) - Add support for CDI devices under Linux. [moby/moby#45134](https://github.com/moby/moby/pull/45134), [docker/cli#4510](https://github.com/docker/cli/pull/4510), [moby/moby#46004](https://github.com/moby/moby/pull/46004) - Add an additional interval to be used by healthchecks during the container start period. [moby/moby#40894](https://github.com/moby/moby/pull/40894), [docker/cli#4405](https://github.com/docker/cli/pull/4405), [moby/moby#45965](https://github.com/moby/moby/pull/45965)