如何在Docker中增加65536以上的TCP连接数

描述

我做了一个tcp连接testing,在主机上启动一个tcp服务器,并启动其他主机运行容器,在容器中连接到tcp服务器。

当连接总数(所有容器的所有连接数总和)几乎达到65535(例如:刚才的64512)时,另一个tcp连接抛出exception“连接超时”。

我试图用3个主机没有docker连接TCP服务器每个60K连接是好的,它说,TCP服务器做180K连接是好的。

重现问题的步骤: 1.在主机A中启动tcp服务器2.在主机B中启动容器C1 3.在C1中启动60K连接到tcp服务器4.启动主机B中的容器C2 5.在C2中启动60K连接到tcp服务器

描述你收到的结果:

总的TCP连接多于120K

描述你期望的结果:

每个60K连接在两个容器中共计120K连接而成。

您认为重要的其他信息(例如问题偶尔会发生):

主机configuration:

在主机“`root @ debian:〜#ulimit -n 800000 

net.ipv4.ip_local_port_range = 5000 65535 net.ipv4.tcp_mem = 8388608 12582912 16777216 net.ipv4.netfilter.ip_conntrack_max = 1000000 net.netfilter.nf_conntrack_max = 1000000 net.netfilter.nf_conntrack_count = 64515 net.nf_conntrack_max = 1000000 total used free shared buffers cached Mem: 986M 808M 178M 8.5M 5.0M 132M -/+ buffers/cache: 670M 316M Swap: 1.0G 872K 1.0G

“`

在容器“`ulimit -n 800000 

 net.ipv4.ip_local_port_range = 1024 65535 net.ipv4.netfilter.ip_conntrack_max = 1000000 net.netfilter.nf_conntrack_max = 1000000 net.netfilter.nf_conntrack_count = 6653 ```

docker version输出:

“`客户端:版本:17.03.1-ce API版本:1.27 Go版本:go1.7.5 Git commit:c6d412e内置:Mon Mar 27 17:07:28 2017 OS / Arch:linux / amd64 

 Server: Version: 17.03.1-ce API version: 1.27 (minimum version 1.12) Go version: go1.7.5 Git commit: c6d412e Built: Mon Mar 27 17:07:28 2017 OS/Arch: linux/amd64 Experimental: false

“`

docker info输出:

Containers: 6 Running: 2 Paused: 0 Stopped: 4 Images: 15 Server Version: 17.03.1-ce Storage Driver: aufs Root Dir: /var/lib/docker/aufs Backing Filesystem: extfs Dirs: 27 Dirperm1 Supported: true Logging Driver: json-file Cgroup Driver: cgroupfs Plugins: Volume: local Network: bridge host macvlan null overlay Swarm: inactive Runtimes: runc Default Runtime: runc Init Binary: docker-init containerd version: 4ab9917febca54791c5f071a9d1f404867857fcc runc version: 54296cf40ad8143b62dbcaa1d90e520a2136ddfe init version: 949e6fa Kernel Version: 3.16.0-4-amd64 Operating System: Debian GNU/Linux 8 (jessie) OSType: linux Architecture: x86_64 CPUs: 1 Total Memory: 986.9 MiB Name: debian ID: GEUG:DUKW:FDXQ:DFUP:GOI7:S4YO:GIH7:RX55:SQ6Z:ZZFQ:MEXB:2EHP Docker Root Dir: /var/lib/docker Debug Mode (client): false Debug Mode (server): false Registry: https://index.docker.io/v1/ WARNING: No memory limit support WARNING: No swap limit support WARNING: No kernel memory limit support WARNING: No oom kill disable support WARNING: No cpu cfs quota support WARNING: No cpu cfs period support Experimental: false Insecure Registries: 127.0.0.0/8 Live Restore Enabled: false

    Interesting Posts

    如何限制容器可用的Docker文件系统空间

    如何在Docker容器中设置核心文件大小?

    为正在运行的守护程序启用PAMconfiguration(limits.conf)

    Mongodb在内存不足时终止

    使用Docker-Compose和存储选项(大小)