[BAM-21187] Add UI option to limit memory consumption for RSS containers in Bamboo - Create and track feature requests for Atlassian products.

Type: Suggestion
Resolution: Unresolved
Fix Version/s: None
Component/s: Bamboo Specs, Docker, Publishing / RSS
Labels:
None

UIS:
1
Support reference count:
2
Feedback Policy:

Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

Problem Definition

Currently there's no way to set a memory limit for RSS containers

Suggested Solution

Add option to to limit the memory for a RSS containers

Why this is important

It's possible that a malicious code can consume all system available memory and eventually bring down the instance.

Workaround

Set a limit in Docker

cat /etc/systemd/system/docker_limit.slice
```
[Unit]
Description=Slice that limits docker resources
Before=slices.target

[Slice]
CPUAccounting=true
CPUQuota=90%
MemoryAccounting=true
MemoryHigh=1G
MemoryMax=1.2G
```
- MemoryLimit (cgroupv1) may be required instead of MemoryMax (cgroupv2) depending on the cgroup version in your OS: https://www.freedesktop.org/software/systemd/man/systemd.resource-control.html

cat /etc/docker/daemon.json

{
    "exec-opts": ["native.cgroupdriver=systemd"],
    "cgroup-parent": "docker_limit.slice"
}

Additionally you can limit Maven's heap size

Create a .mvn/jvm.config in the repository stored spec:
example
```
-Xmx128m -Xms128m
```

mentioned in: Bamboo Specs scans causes server to run out of resources

There are no comments yet on this issue.

Assignee:: Unassigned

Reporter:: Ricardo

Votes:: 2 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 16/Dec/2020 8:04 PM

Updated:: 18/Apr/2025 4:20 AM