lxc / incus

Powerful system container and virtual machine manager
https://linuxcontainers.org/incus
Apache License 2.0
2.83k stars 225 forks source link

high CPU usage by snapd in incus containers #434

Closed mcesaro closed 10 months ago

mcesaro commented 10 months ago

Issue description

In my development system I migrated to incus from lxd, I removed the lxd snap and the snap package. However, I found that incus containers, just like lxd, are using the snapd service that eats a lot of CPU time.

image

By looking at the dmesg log, it seems that there might be a relation with apparmor, and if this is the case is there a way to get rid of it?

Thanks

stgraber commented 10 months ago

What snap packages are you running in the container?

mcesaro commented 10 months ago

None, I avoid snap packages as much as possible. Note that on htop I get the same issue with all the containers, not just with riak1. And I masked the snapd service. image

And this is what I get from ps output:

 ps -edalf | grep snapd
1 S 1000000     1757    1601  0  80   0 -  1192 -      14:49 ?        00:00:01 snapfuse /var/lib/snapd/snaps/snapd_19993.snap /snap/snapd/19993 -o ro,nodev,allow_other,suid
1 S 1000000     2082    1937  0  80   0 -  1124 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/bare_5.snap /snap/bare/5 -o ro,nodev,allow_other,suid
1 S 1000000     2083    1937  0  80   0 -  1209 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/core20_2105.snap /snap/core20/2105 -o ro,nodev,allow_other,suid
1 S 1000000     2084    1937  0  80   0 -  1124 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/gnome-3-38-2004_140.snap /snap/gnome-3-38-2004/140 -o ro,nodev,allow_other,suid
1 S 1000000     2085    1937  0  80   0 -  1124 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/core20_2015.snap /snap/core20/2015 -o ro,nodev,allow_other,suid
1 S 1000000     2087    1937  0  80   0 -  1157 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/gnome-3-38-2004_143.snap /snap/gnome-3-38-2004/143 -o ro,nodev,allow_other,suid
1 S 1000000     2088    1937  0  80   0 -  1124 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/snapd_20290.snap /snap/snapd/20290 -o ro,nodev,allow_other,suid
1 S 1000000     2090    1937  0  80   0 -  1157 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/gtk-common-themes_1535.snap /snap/gtk-common-themes/1535 -o ro,nodev,allow_other,suid
1 S 1000000     2092    1937  0  80   0 -  1191 -      14:49 ?        00:00:02 snapfuse /var/lib/snapd/snaps/snapd_20671.snap /snap/snapd/20671 -o ro,nodev,allow_other,suid
1 S 1000000     2093    1937  0  80   0 -  1174 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/lxd_24322.snap /snap/lxd/24322 -o ro,nodev,allow_other,suid
0 S 1000000     2169    1937  0  80   0 - 514644 -     14:49 ?        00:00:00 /usr/lib/snapd/snapd
1 S 1000000     2709    2426  0  80   0 -  1185 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/core20_2105.snap /snap/core20/2105 -o ro,nodev,allow_other,suid
1 S 1000000     2710    2426  0  80   0 -  1193 -      14:49 ?        00:00:02 snapfuse /var/lib/snapd/snaps/snapd_20671.snap /snap/snapd/20671 -o ro,nodev,allow_other,suid
1 S 1000000     2711    2426  0  80   0 -  1124 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/snapd_20290.snap /snap/snapd/20290 -o ro,nodev,allow_other,suid
1 S 1000000     2712    2426  0  80   0 -  1124 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/core20_2015.snap /snap/core20/2015 -o ro,nodev,allow_other,suid
1 S 1000000     2713    2426  0  80   0 -  1174 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/lxd_24322.snap /snap/lxd/24322 -o ro,nodev,allow_other,suid
0 S 1000000     2863    2426  0  80   0 - 514580 -     14:49 ?        00:00:00 /usr/lib/snapd/snapd
1 S 1000000     3849    3296  0  80   0 -  1183 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/core20_2105.snap /snap/core20/2105 -o ro,nodev,allow_other,suid
1 S 1000000     3850    3296  0  80   0 -  1174 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/lxd_24322.snap /snap/lxd/24322 -o ro,nodev,allow_other,suid
1 S 1000000     3851    3296  0  80   0 -  1124 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/snapd_20290.snap /snap/snapd/20290 -o ro,nodev,allow_other,suid
1 S 1000000     3852    3296  0  80   0 -  1124 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/core20_2015.snap /snap/core20/2015 -o ro,nodev,allow_other,suid
1 S 1000000     3853    3296  0  80   0 -  1183 -      14:49 ?        00:00:02 snapfuse /var/lib/snapd/snaps/snapd_20671.snap /snap/snapd/20671 -o ro,nodev,allow_other,suid
1 S 1000000     3902    3494  0  80   0 -  1083 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/core20_2015.snap /snap/core20/2015 -o ro,nodev,allow_other,suid
1 S 1000000     3903    3494  0  80   0 -  1116 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/core22_1033.snap /snap/core22/1033 -o ro,nodev,allow_other,suid
1 S 1000000     3904    3494  0  80   0 -  1116 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/lxd_26200.snap /snap/lxd/26200 -o ro,nodev,allow_other,suid
1 S 1000000     3913    3494  0  80   0 -  1083 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/snapd_20290.snap /snap/snapd/20290 -o ro,nodev,allow_other,suid
1 S 1000000     3914    3494  0  80   0 -  1152 -      14:49 ?        00:00:01 snapfuse /var/lib/snapd/snaps/snapd_20671.snap /snap/snapd/20671 -o ro,nodev,allow_other,suid
1 S 1000000     3920    3494  0  80   0 -  1083 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/lxd_26093.snap /snap/lxd/26093 -o ro,nodev,allow_other,suid
1 S 1000000     3923    3494  0  80   0 -  1083 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/core22_864.snap /snap/core22/864 -o ro,nodev,allow_other,suid
1 S 1000000     3926    3494  0  80   0 -  1083 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/core20_2105.snap /snap/core20/2105 -o ro,nodev,allow_other,suid
0 S 1000000     4133    3296  0  80   0 - 532949 -     14:49 ?        00:00:00 /usr/lib/snapd/snapd
0 S 1000000     4169    3494  0  80   0 - 477745 -     14:49 ?        00:00:00 /usr/lib/snapd/snapd
1 S 1000000     4328    3593  0  80   0 -  1124 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/core20_2015.snap /snap/core20/2015 -o ro,nodev,allow_other,suid
1 S 1000000     4329    3593  0  80   0 -  1191 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/avahi_316.snap /snap/avahi/316 -o ro,nodev,allow_other,suid
1 S 1000000     4338    3593  0  80   0 -  1124 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/avahi_310.snap /snap/avahi/310 -o ro,nodev,allow_other,suid
1 S 1000000     4339    3593  0  80   0 -  1192 -      14:49 ?        00:00:02 snapfuse /var/lib/snapd/snaps/snapd_20671.snap /snap/snapd/20671 -o ro,nodev,allow_other,suid
1 S 1000000     4342    3593  0  80   0 -  1228 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/core20_2105.snap /snap/core20/2105 -o ro,nodev,allow_other,suid
1 S 1000000     4343    3593  0  80   0 -  1174 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/lxd_24322.snap /snap/lxd/24322 -o ro,nodev,allow_other,suid
1 S 1000000     4345    3593  0  80   0 -  1124 -      14:49 ?        00:00:00 snapfuse /var/lib/snapd/snaps/snapd_20290.snap /snap/snapd/20290 -o ro,nodev,allow_other,suid
0 S 1000000     4544    3593  0  80   0 - 496211 -     14:49 ?        00:00:00 /usr/lib/snapd/snapd
1 S 1000000     5903    3837  0  80   0 -  1178 -      14:49 ?        00:00:02 snapfuse /var/lib/snapd/snaps/snapd_19993.snap /snap/snapd/19993 -o ro,nodev,allow_other,suid
0 S 1000000     6045    3837 75  80   0 - 891513 -     14:50 ?        00:04:35 /usr/lib/snapd/snapd
1 S 1000000     6882    3837  0  80   0 -  1184 -      14:51 ?        00:00:00 snapfuse /var/lib/snapd/snaps/core20_2015.snap /snap/core20/2015 -o ro,nodev,allow_other,suid
0 S 1000000     6899    1601 12  80   0 - 786410 -     14:52 ?        00:00:30 /usr/lib/snapd/snapd
stgraber commented 10 months ago

Then you should just remove the snapd package from that container. apt remove --purge snapd

Note that the images that we produce do not include snapd out of the box, so newer containers shouldn't have this problem.

mcesaro commented 10 months ago

@stgraber That solved it! My bad for not figuring out that the images from canonical included snapd by default. Thank you very much.