cgroup_memory.v3.CgroupMemoryConfig is not able to read current memory
#40,668 opened on 2025年8月11日
Repository metrics
- Stars
- (27,997 stars)
- PR merge metrics
- (平均マージ 8d) (30d で 378 merged PRs)
説明
If you are reporting any crash or any potential security issue, do not open an issue in this repo. Please report the issue via emailing envoy-security@googlegroups.com where the issue will be triaged appropriately.
Title: cgroup_memory.v3.CgroupMemoryConfig is not able to read current memory from cgroups files.
Description: After specifying cgroup monitor there're errors visible in envoy logs. I verified that envoy user has access to the following file.
Repro steps: Run envoy with config that has cgroup_memory resource monitor specified. I could reproduce it in k8s and also in local Docker.
Admin and Stats Output: N/A
Config:
admin:
address:
socket_address: { address: 127.0.0.1, port_value: 9901 }
static_resources:
listeners:
- name: listener_0
address:
socket_address: { address: 127.0.0.1, port_value: 10000 }
filter_chains:
- filters:
- name: envoy.filters.network.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
stat_prefix: ingress_http
codec_type: AUTO
route_config:
name: local_route
virtual_hosts:
- name: local_service
domains: ["*"]
routes:
- match: { prefix: "/" }
route: { cluster: some_service }
http_filters:
- name: envoy.filters.http.router
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
clusters:
- name: some_service
connect_timeout: 0.25s
type: STATIC
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: some_service
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: 127.0.0.1
port_value: 1234
overload_manager:
refresh_interval: 0.1s
resource_monitors:
- name: "envoy.resource_monitors.cgroup_memory"
typed_config:
"@type": type.googleapis.com/envoy.extensions.resource_monitors.cgroup_memory.v3.CgroupMemoryConfig
actions:
- name: "envoy.overload_actions.stop_accepting_requests"
triggers:
- name: "envoy.resource_monitors.cgroup_memory"
threshold:
value: 0.9
Logs:
[2025-08-11 11:38:50.178][1][info][main] [source/server/overload_manager_impl.cc:754] Failed to update resource envoy.resource_monitors.cgroup_memory: Unable to read memory stats file at /sys/fs/cgroup/memory.current
[2025-08-11 11:38:50.279][1][info][main] [source/server/overload_manager_impl.cc:754] Failed to update resource envoy.resource_monitors.cgroup_memory: Unable to read memory stats file at /sys/fs/cgroup/memory.current
[2025-08-11 11:38:50.380][1][info][main] [source/server/overload_manager_impl.cc:754] Failed to update resource envoy.resource_monitors.cgroup_memory: Unable to read memory stats file at /sys/fs/cgroup/memory.current