search

microsoft / vscode-remote-release

Visual Studio Code Remote Development: Open any folder in WSL, in a Docker container, or on a remote machine using SSH and take advantage of VS Code's full feature set.
https://aka.ms/vscode-remote
Other
3.57k stars 266 forks source link

Host networking causes an explosion of Docker processes #9993

Open allsey87 opened 1 month ago

allsey87 commented 1 month ago

When I create a devcontainer with host networking and try to connect to a forwarded port, I am getting an explosion of Docker processes that keeps increasing until all memory has been consumed. I think this might be the underlying issue behind https://github.com/microsoft/vscode-remote-release/issues/4079 and https://github.com/microsoft/vscode-docker/issues/2875 too.

Setup information

$uname -a
Linux isengard 6.9.5-zen1-1-zen #1 ZEN SMP PREEMPT_DYNAMIC Sun, 16 Jun 2024 19:06:18 +0000 x86_64 GNU/Linux
$ docker --version
Docker version 26.1.4, build 5650f9b102
$code --version
1.90.2
5437499feb04f7a586f677b155b039bc2b3669eb
x64

And my version of the devcontainers extension is v0.369.0.

Minimum reproducible example

  1. Create an folder with the following content 
    $ tree -a
.
└── .devcontainer
├── devcontainer.json
└── Dockerfile

    devcontainer.json:

    {
"name": "temp",
"build": { "dockerfile": "Dockerfile" },
"runArgs": [
  "--network=host"
]
}

    Dockerfile:

    FROM python:3.11.6-slim-bookworm
  2. Forward a port such as 1234
  3. Outside of the container, connect to that port using the browser or curl https://localhost:1234/
  4. Watch the explosion of Docker processes until you shutdown curl or run out of memory and have to reboot. 
    [mallwright@isengard ~]$ ps -x | grep docker | wc -l
8
# started curl
[mallwright@isengard ~]$ ps -x | grep docker | wc -l
39
[mallwright@isengard ~]$ ps -x | grep docker | wc -l
51
[mallwright@isengard ~]$ ps -x | grep docker | wc -l
63
[mallwright@isengard ~]$ ps -x | grep docker | wc -l
74
[mallwright@isengard ~]$ ps -x | grep docker | wc -l
97
[mallwright@isengard ~]$ ps -x | grep docker | wc -l
108
# stopped curl
[mallwright@isengard ~]$ ps -x | grep docker | wc -l
8
[mallwright@isengard ~]$ ps -x | grep docker | wc -l
8

    Regarding how fast this is happening, I would say around 10 new processes are being created every second, consuming an additional 300 MB per second. I have 24 GB of RAM on my system so everything comes to a halt after about 10-15 seconds.

allsey87 commented 1 month ago

As a side note, this issue has emerged somewhat recently (in the past 2-3 months). Before that I had no problem using host networking.

chrmarti commented 3 weeks ago

I guess the port forwarding just keeps connecting to itself. The Dev Containers extension would need a way to tell VS Code that no port forwarding should be done to avoid this.

Workaround is to not forward any ports.

alexr00 commented 3 weeks ago

@chrmarti do you have an idea about why this only started a few months ago? We do have a way for the Dev Containers extension to VS Code that. Several options:

  1. Don't enable port forwarding with the setContext of forwardedPortsViewEnabled. This will not work if there's another extension, like Dev Tunnels, which also supports port forwarding installed.
  2. Register a tunnel provider that does nothing. Your tunnel provider will be used instead of VS Code's port fowarding:

https://github.com/microsoft/vscode/blob/0354163c1c66b950b0762364f5b4cd37937b624a/src/vscode-dts/vscode.proposed.tunnelFactory.d.ts#L45-L46

  1. Register a ports attributes provider and for each port return PortAutoForwardAction.Ignore:

https://github.com/microsoft/vscode/blob/fa74810f958f5896c87d538860b46a9d644e4ba3/src/vscode-dts/vscode.proposed.portsAttributes.d.ts#L98-L99

I think 2 is probably the best bet.

chrmarti commented 3 weeks ago

Sounds good. I'm not aware of changes that would explain the changed behavior.