There are many cases in which we need to limit the usage of resources on the docker host machine.
In this tutorial, we'll learn how to set the memory and CPU limit for docker containers.
2. Setting Resources Limit With docker run
We can set the resource limits directly using the docker run command. It's a simple solution. However, the limit will apply only to one specific execution of the image.
For instance, let's limit the memory that the container can use to 512 megabytes.
To constrain memory, we need to use the m parameter:
$ docker run -m 512m nginx
We can also set a soft limit called a reservation.
It's activated when docker detects low memory on the host machine:
$ docker run -m 512m --memory-reservation=256m nginx
By default, access to the computing power of the host machine is unlimited. We can set the CPUs limit using the cpus parameter.
Let's constrain our container to use at most two CPUs:
$ docker run --cpus=2 nginx
We can also specify the priority of CPU allocation.
The default is 1024, and higher numbers are higher priority:
$ docker run --cpus=2 --cpu-shares=2000 nginx
Similar to the memory reservation, CPU shares play the main role when computing power is scarce and needs to be divided between competing processes.
3. Setting Memory Limit With the docker-compose File
We can achieve similar results using docker-compose files. Remember that the format and possibilities will vary between versions of docker-compose.
3.1. Versions 3 and Newer With docker swarm
Let's give the Nginx service limit of half of CPU and 512 megabytes of memory, and reservation of a quarter of CPU and 128 megabytes of memory.
We need to create deploy and then resources segments in our service configuration:
services: service: image: nginx deploy: resources: limits: cpus: 0.50 memory: 512M reservations: cpus: 0.25 memory: 128M
To take advantage of the deploy segment in a docker-compose file, we need to use the docker stack command.
To deploy a stack to the swarm, we run the deploy command:
$ docker stack deploy --compose-file docker-compose.yml bael_stack
3.2. Version 2 With docker-compose
In older versions of docker-compose, we can put resource limits on the same level as the service's main properties.
They also have slightly different naming:
service: image: nginx mem_limit: 512m mem_reservation: 128M cpus: 0.5 ports: - "80:80"
To create configured containers, we need to run the docker-compose command:
$ docker-compose up
4. Verifying Resources Usage
After we set the limits, we can verify them using the docker stats command:
$ docker stats CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS 8ad2f2c17078 bael_stack_service.1.jz2ks49finy61kiq1r12da73k 0.00% 2.578MiB / 512MiB 0.50% 936B / 0B 0B / 0B 2
In this article, we explored ways of limiting the docker's access to the host's resources.
We looked at usage with the docker run and docker-compose commands. Finally, we controlled resource consumption with docker stats.