在Docker容器中运行时,JVM无法映射保留的内存
[英]JVM cant map reserved memory when running in Docker container
问题描述
I cant seem to run java at all in a Docker container on my server. 
我似乎无法在我的服务器上的Docker容器中运行java。 Even when issuing java -version , I get the following error. 即使发出java -version ,我也会收到以下错误。
root@86088d679103:/# java -version
OpenJDK 64-Bit Server VM warning: INFO: os::commit_memory(0x0000035ce1000000, 2555904, 1) failed; error='Operation not permitted' (errno=1)
#
# There is insufficient memory for the Java Runtime Environment to continue.
# Native memory allocation (mmap) failed to map 2555904 bytes for committing reserved memory.
# An error report file with more information is saved as:
# //hs_err_pid17.log
According to this, java can't map 2.5Mb of space for reserved memory? 据此,java无法为预留内存映射2.5Mb的空间? This does not seem right... 这似乎不对......
I have the full log included at the end, but for the sake of some extra information, my system is reporting the following: 我在最后包含了完整的日志,但为了获得一些额外的信息,我的系统报告了以下内容:
root@86088d679103:/# uname -m
x86_64
root@86088d679103:/# free -mh
total used free shared buffers cached
Mem: 15G 9.7G 5.8G 912K 148M 8.9G
-/+ buffers/cache: 639M 14G
Swap: 15G 0B 15G
Can anyone point me in the right direction? 谁能指出我正确的方向?
Full Log: https://gist.github.com/KayoticSully/e206c44681ce261674ba 完整日志: https : //gist.github.com/KayoticSully/e206c44681ce261674ba
Update 更新
@Yobert nailed the problem and I highly suggest you read through the comments and chat log. @Yobert解决了这个问题,我强烈建议你仔细阅读评论和聊天记录。 Good info in there. 好消息在那里。
For those who want the final command that made Java work: setfattr -n user.pax.flags -v "mr" /usr/bin/java 对于那些想要使Java工作的最终命令的人: setfattr -n user.pax.flags -v "mr" /usr/bin/java
If your distro does not have setfattr installed by default it should be included in the installable package attr through paceman, apt-get, etc. 如果您的发行版默认没有安装setfattr ,它应该通过paceman,apt-get等包含在可安装包中。
3 个解决方案
解决方案1
12 已采纳 2014-12-04 17:37:26
I had this same problem when using a Grsec enabled kernel. 使用支持Grsec的内核时,我遇到了同样的问题。 For java to play nice, I had to disable MPROTECT on the java binary. 为了让java玩得很好,我不得不在java二进制文件上禁用MPROTECT。 You can use the paxctl utility for this: 您可以使用paxctl实用程序:
paxctl -m /usr/lib/jvm/java-7-openjdk/jre/bin/java
You'll need to do paxctl -c on the binary first if you've never used it on that binary before: 如果您之前从未在二进制文件上使用它,则需要先对二进制文件执行paxctl -c :
paxctl -c /usr/lib/jvm/java-7-openjdk/jre/bin/java
More information about paxctl can be found at: http://en.wikibooks.org/wiki/Grsecurity/Additional_Utilities 有关paxctl的更多信息,请访问: http : //en.wikibooks.org/wiki/Grsecurity/Additional_Utilities
解决方案2
11 2016-04-08 19:27:46
I had the same problem when running Docker on Alpine Linux, after enabling PaX soft mode it worked: 在Alpine Linux上运行Docker时遇到了同样的问题,在启用PaX软模式后它运行了:
sysctl -w kernel.pax.softmode=1
Soft mode will disable most PaX features by default, therefore it is not recommended to enable it. 默认情况下,软模式将禁用大多数PaX功能,因此不建议启用它。 The proper way is to use paxctl, as already mentioned above. 正确的方法是使用paxctl,如上所述。
Also have a look here: https://en.wikibooks.org/wiki/Grsecurity/Appendix/Grsecurity_and_PaX_Configuration_Options#Support_soft_mode 另请看这里: https : //en.wikibooks.org/wiki/Grsecurity/Appendix/Grsecurity_and_PaX_Configuration_Options#Support_soft_mode
解决方案3
1 2016-07-28 16:51:45
This happened to me as well , We reduced the RAM size on our VM and after a couple of days started getting this error and service did not came up for ever. 这也发生在我身上,我们减少了我们的VM上的RAM大小,并在几天后开始出现这个错误并且服务没有出现。
Solution :: We reduced the heap size of the application or service having this issue and the service came up fine again. 解决方案::我们减少了具有此问题的应用程序或服务的堆大小,并且服务再次恢复正常。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.