Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Critical
Fix Version/s: 4.20.0
Affects Version/s: 4.20
Component/s: Node / CRI-O
Labels:
None

Activity Type:
Quality / Stability / Reliability
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Story Points:
None
Severity:
None
Regression:
Yes

Target Backport Versions:
None
Target Version:

4.20.z
Release Blocker:
Rejected
Sprint:
None

RH Private Keywords:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

PX Impact Score:

Release Note Status:
Proposed
Release Note Type:
Known Issue
Release Note Text:

Hide
* Starting with OCP 4.20, there is a decrease in the default maximum open files soft limit for containers. As a consequence, end users may experience application failures. To work around this problem, increase the container runtimes (CRI-O) ulimit configuration. (OCPBUGS-62095).

Show
* Starting with OCP 4.20, there is a decrease in the default maximum open files soft limit for containers. As a consequence, end users may experience application failures. To work around this problem, increase the container runtimes (CRI-O) ulimit configuration. ( OCPBUGS-62095 ).

Escape Reason:
None
Escape Impact:
None
Corrective Measures:
None
SDLC stage when should've been found:
None

Description of problem:

On recent OCP 4.20 buids, the containes seem to have tighter limits on max open files (ulimit -n) than previous OCP version (1024 vs 1048576)

This breaks existing applications.

Version-Release number of selected component (if applicable):

    4.20.0-0.nightly-2025-09-19-231410

How reproducible:

    Always

Steps to Reproduce:

# Create

oc create -f - <<EOF
apiVersion: batch/v1
kind: Job
metadata:
  name: ulimit-check
spec:
  template:
    spec:
      containers:
      - name: ulimit
        image: quay.io/fedora/fedora:42
        command: ["ulimit", "-n"]
      restartPolicy: Never
  backoffLimit: 0
EOF

# Check logs of the container

Actual results:

Expected results:

Additional info:

This seem to break things, specifically,  I have noticed this while testing the Serverless Operator, its kourier-gateway crashes due to its inability to open new sockets even during parallel e2e test runs, not just performance tests)

causes

SRVKS-1330 On OCP 4.20, 3scale-kourier-gateway crashing due to "socket(2) failed, got error: Too many open files"

depends on

OCPBUGS-62327 [4.21] "ulimit -n" just 1024 (instead of 1048576)

Verified

is cloned by

OCPBUGS-62327 [4.21] "ulimit -n" just 1024 (instead of 1048576)

Verified

links to

openshift/machine-config-operator#5308: OCPBUGS-62095: CRI-O: set hard/soft file descriptor ulimits to `1048576`

Assignee:: Sascha Grunert

Reporter:: Marek Schmidt

Need Info From:: None

Contributors:: None

QA Contact:: Min Li

Doc Contact:: Katie Drake

Votes:: 0 Vote for this issue

Watchers:: 13 Start watching this issue

Created:: 2025/09/23 10:11 AM

Updated:: 2025/10/15 4:50 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates