search

hhvm / hhvm-docker

Dockerfiles for HHVM
MIT License
55 stars 11 forks source link

set_mempolicy: Operation not permitted in container building phase #11

Open 4406arthur opened 7 years ago

4406arthur commented 7 years ago

As the title , does it will cause the performance issue ?

I found my case will slower than php56...

mofarrell commented 7 years ago

Is there a reason you are building these images rather than using the ones we publish on docker hub? This is now relatively out of date.

fredemmott commented 7 years ago

This message also shows up when using our images, but I'v enot looked into what's causing it or what the effects are.

mofarrell commented 7 years ago

I added config options to stop the warning. Disabling the perf event system stops the warnings.

vieira commented 7 years ago

@mofarrell Would you mind sharing the config options that one can set to stop this from happening? I am still seeing this on:

$ hhvm --version
set_mempolicy: Operation not permitted
HipHop VM 3.21.0 (rel)
Compiler: tags/HHVM-3.21.0-0-gbdbaff80f67e02080f1ea377d30efee63f10126d
Repo schema: 1381c379b9e7d8cd9efa2ce49aeb6f699919dc3a
mofarrell commented 7 years ago

Our current dockerfile templates look like this: hhvm template:

FROM ubuntu:%(basever)s                                                   

ENV HHVM_DISABLE_NUMA true                                                

RUN apt-key adv --recv-keys --keyserver \                                 
  hkp://keyserver.ubuntu.com:80 0x5a16e7281be7a449                          
RUN apt-get update -y && apt-get install -y software-properties-common \
  && add-apt-repository "deb http://dl.hhvm.com/ubuntu %(distribution)s main" \
  && apt-get update -y \
  && apt-get install -y hhvm=%(version)s~%(basesys)s  \
  && apt-get clean \
  && rm -rf /var/lib/apt/lists/*

hhvm proxygen template:

FROM hhvm/hhvm:%(version)s                                                  

RUN mkdir -p /var/www/public                                                

ADD server.ini /etc/hhvm/server.ini                                         
RUN touch /etc/hhvm/site.ini                                                

EXPOSE 80                                                                   

CMD ["/usr/bin/hhvm", "-m", "server", "-c", "/etc/hhvm/server.ini", "-c", "/etc/hhvm/site.ini"]

server.ini for the hhvm proxygen image:

; php options                                                 

pid = /var/run/hhvm/pid                                       

; hhvm specific                                               

hhvm.server.port = 80                                         
hhvm.server.type = proxygen                                   
hhvm.server.allow_run_as_root = true                          
hhvm.server.default_document = index.php                      
hhvm.server.error_document404 = index.php                     
hhvm.repo.central.path = /var/run/hhvm/hhvm.hhbc              
hhvm.server.source_root=/var/www/public                       
hhvm.profile_hw_enable=false                                  

; default log location is stdout/err, which is good for docker
hhvm.log.use_log_file = true

Using settings that change users will violate docker's default security policy. Either start as the desired user, or use the allow_run_as_root option as above.

ephraimrothschild commented 6 years ago

Is there a way to get that error to go away without running docker in privileged mode? I am trying to get hhvm to run arbitrary user-generated code, and don't want to allow docker to have access to anything on the host server that it doesn't absolutely need.

mofarrell commented 6 years ago

@ephraimrothschild Are you running with our docker images? They should not have this error. The error is due to HHVM asking the system information about its numa configuration (which docker prohibits). This can't be configured using our runtime options since they are initialized after the numa configuration is setup. We created an environment variable that disables numa use entirely HHVM_DISABLE_NUMA. This is set to true in our docker images, and should stop the error.

fredemmott commented 6 years ago

@mofarrell we've regressed in 3.18.2+ - 3.21 and 3.22 seem fine:

fredemmott-fb:hhtest fredemmott$ docker run hhvm/hhvm:3.18.1 hhvm --version
HipHop VM 3.18.1 (rel)
Compiler: tags/HHVM-3.18.1-0-g4f792a827d9b6fcc4bcd7940a1b92280f3fdedc3
Repo schema: b9aebb86bbda024eeeed6f608c9a49076563f9c7
fredemmott-fb:hhtest fredemmott$ docker run hhvm/hhvm:3.18.2 hhvm --version
set_mempolicy: Operation not permitted
HipHop VM 3.18.2 (rel)
Compiler: tags/HHVM-3.18.2-0-g1e28cfedefb439554cae05f1721bd6ea60c31839
Repo schema: 7aa473404e83b5cd2d1a53c6f3200a3a9012f2f1
fredemmott-fb:hhtest fredemmott$ docker run hhvm/hhvm:3.18.5 hhvm --version
set_mempolicy: Operation not permitted
HipHop VM 3.18.5 (rel)
Compiler: tags/HHVM-3.18.5-0-g61f6a1f9a199c929980408aff866f36a7b4a1515
Repo schema: 514949365dd9d370d84ea5a6db4a3dd3b619e484