how to in increase number of tcp connection above 65536 in Docker -


description

i have did tcp connect test, start tcp server in host, , start other host run containers in containers connect tcp server.

when total number of connections (sum connectoin number of containers) reach 65535 (eg: 64512 now), other tcp connection throw exception "connection timeout".

i tried use 3 hosts without docker connect tcp server each 60k connections ok, said tcp server 180k connections ok.

steps reproduce issue: 1. start tcp server in host 2. start container c1 in host b 3. start 60k connection tcp server in c1 4. start container c2 in host b 5. start 60k connection tcp server in c2

describe results received:

total tcp connection more less 120k

describe results expected:

each 60k connection in 2 container total 120k connection made.

additional information deem important (e.g. issue happens occasionally):

host configurations:

in host ``` root@debian:~# ulimit -n 800000

net.ipv4.ip_local_port_range = 5000     65535 net.ipv4.tcp_mem = 8388608      12582912        16777216 net.ipv4.netfilter.ip_conntrack_max = 1000000 net.netfilter.nf_conntrack_max = 1000000 net.netfilter.nf_conntrack_count = 64515 net.nf_conntrack_max = 1000000                total       used       free     shared    buffers     cached mem:          986m       808m       178m       8.5m       5.0m       132m -/+ buffers/cache:       670m       316m swap:         1.0g       872k       1.0g

```

in container ``` ulimit -n 800000

net.ipv4.ip_local_port_range = 1024     65535 net.ipv4.netfilter.ip_conntrack_max = 1000000 net.netfilter.nf_conntrack_max = 1000000 net.netfilter.nf_conntrack_count = 6653 ```

output of docker version:

``` client: version: 17.03.1-ce api version: 1.27 go version: go1.7.5 git commit: c6d412e built: mon mar 27 17:07:28 2017 os/arch: linux/amd64

server:  version:      17.03.1-ce  api version:  1.27 (minimum version 1.12)  go version:   go1.7.5  git commit:   c6d412e  built:        mon mar 27 17:07:28 2017  os/arch:      linux/amd64  experimental: false

```

output of docker info:

containers: 6 running: 2 paused: 0 stopped: 4 images: 15 server version: 17.03.1-ce storage driver: aufs root dir: /var/lib/docker/aufs backing filesystem: extfs dirs: 27 dirperm1 supported: true logging driver: json-file cgroup driver: cgroupfs plugins: volume: local network: bridge host macvlan null overlay swarm: inactive runtimes: runc default runtime: runc init binary: docker-init containerd version: 4ab9917febca54791c5f071a9d1f404867857fcc runc version: 54296cf40ad8143b62dbcaa1d90e520a2136ddfe init version: 949e6fa kernel version: 3.16.0-4-amd64 operating system: debian gnu/linux 8 (jessie) ostype: linux architecture: x86_64 cpus: 1 total memory: 986.9 mib name: debian id: geug:dukw:fdxq:dfup:goi7:s4yo:gih7:rx55:sq6z:zzfq:mexb:2ehp docker root dir: /var/lib/docker debug mode (client): false debug mode (server): false registry: https://index.docker.io/v1/ warning: no memory limit support warning: no swap limit support warning: no kernel memory limit support warning: no oom kill disable support warning: no cpu cfs quota support warning: no cpu cfs period support experimental: false insecure registries: 127.0.0.0/8 live restore enabled: false


Comments

Post a Comment

Popular posts from this blog

inversion of control - Autofac named registration constructor injection -

does autofac support specifying registration name in components' constructors? example: ninject's namedattribute . you need use autofac.extras.attributed package on top achieve this so let's have 1 interface , 2 classes: public interface ihello { string sayhello(); } public class englishhello : ihello { public string sayhello() { return "hello"; } } public class frenchhello : ihello { public string sayhello() { return "bonjour"; } } then have consumer class, in want select instance injected: public class helloconsumer { private readonly ihello helloservice; public helloconsumer([withkey("en")] ihello helloservice) { if (helloservice == null) { throw new argumentnullexception("helloservice"); } this.helloservice = helloservice; } public string sayhello() { return this.helloservice.sayhello()...
Read more

verilog - Systemverilog dynamic casting issues -

i've code snippet following in testbench function void write_to_port( my_data_type_base data ); my_data_type_extended data_ext; if(!$cast(data_ext, data)); `uvm_error(get_type_name(), "failed cast"); `uvm_info(get_name(), $psprintf("data_ext :\n%s", data_ext.sprint()), uvm_medium) // write data_ext out port.... endfunction when run it, i'm getting uvm_error "failed cast." i'm not quire sure why $cast not returning 1. can see, i'm printing out extended class data item after casting uvm_info. can see it's being cast properly. if don't use $cast if condition, don't runtime error. isn't coding practice use if dynamic cast check if $cast returning 1 ? what might reason behind cast not returning 1 in above case? i think semicolon on line 'if' not belong? i think consumes if statement, , uvm_error executes regardless of how if evaluates: if(!$cast(data_ext, data)); <- no semico...
Read more

ios - Change Storyboard View using Seague -

i have following code checks connection server, , depending on want change views if no connection found. nsstring *connect = [nsstring stringwithcontentsofurl:[nsurl urlwithstring:@"http://myserver.com"] encoding:nsutf8stringencoding error:nil]; if (connect == null) { [self performseguewithidentifier:@"network_failure" sender:self]; } else { // other code here } my problem not change views. have added storyboard segue between 2 views identifier of network_failure . not have navigation controller or that, problem? thanks help! no not problem. first of all, in objectivec exists nil object oriented null . must use that. so: if(connect == nil) or better: if(!connect) so due fact nil not same of null , probably code does't enter in if scope . you have been able discover breakpoint. anyway: be sure set trigger segue (line) 2 view controller , , name network_failure (that not best name. should instead view1toview2 ) as, m...
Read more