• [6.8.3] docker image huge amount of unnecessary writes on cache


    S1dney
    • Solved Urgent

    EDIT (March 9th 2021):

    Solved in 6.9 and up. Reformatting the cache to new partition alignment and hosting docker directly on a cache-only directory brought writes down to a bare minimum.

     

    ###

     

    Hey Guys,

     

    First of all, I know that you're all very busy on getting version 6.8 out there, something I'm very much waiting on as well. I'm seeing great progress, so thanks so much for that! Furthermore I won't be expecting this to be on top of the priority list, but I'm hoping someone of the developers team is willing to invest (perhaps after the release).

     

    Hardware and software involved:

    2 x 1TB Samsung EVO 860, setup with LUKS encryption in BTRFS RAID1 pool.

     

    ###

    TLDR (but I'd suggest to read on anyway 😀)

    The image file mounted as a loop device is causing massive writes on the cache, potentially wearing out SSD's quite rapidly.

    This appears to be only happening on encrypted caches formatted with BTRFS (maybe only in RAID1 setup, but not sure).

    Hosting the Docker files directory on /mnt/cache instead of using the loopdevice seems to fix this problem.

    Possible idea for implementation proposed on the bottom.

     

    Grateful for any help provided!

    ###

     

    I have written a topic in the general support section (see link below), but I have done a lot of research lately and think I have gathered enough evidence pointing to a bug, I also was able to build (kind of) a workaround for my situation. More details below.

     

    So to see what was actually hammering on the cache I started doing all the obvious, like using a lot of find commands to trace files that were written to every few minutes and also used the fileactivity plugin. Neither was able trace down any writes that would explain 400 GBs worth of writes a day for just a few containers that aren't even that active.

     

    Digging further I moved the docker.img to /mnt/cach/system/docker/docker.img, so directly on the BTRFS RAID1 mountpoint. I wanted to check whether the unRAID FS layer was causing the loop2 device to write this heavy. No luck either.

    This gave me a situation I was able to reproduce on a virtual machine though, so I started with a recent Debian install (I know, it's not Slackware, but I had to start somewhere ☺️). I create some vDisks, encrypted them with LUKS, bundled them in a BTRFS RAID1 setup, created the loopdevice on the BTRFS mountpoint (same of /dev/cache) en mounted it on /var/lib/docker. I made sure I had to NoCow flags set on the IMG file like unRAID does. Strangely this did not show any excessive writes, iotop shows really healthy values for the same workload (I migrated the docker content over to the VM).

     

    After my Debian troubleshooting I went back over to the unRAID server, wondering whether the loopdevice is created weirdly, so I took the exact same steps to create a new image and pointed the settings from the GUI there. Still same write issues. 

     

    Finally I decided to put the whole image out of the equation and took the following steps:

    - Stopped docker from the WebGUI so unRAID would properly unmount the loop device.

    - Modified /etc/rc.d/rc.docker to not check whether /var/lib/docker was a mountpoint

    - Created a share on the cache for the docker files

    - Created a softlink from /mnt/cache/docker to /var/lib/docker

    - Started docker using "/etc/rd.d/rc.docker start"

    - Started my BItwarden containers.

     

    Looking into the stats with "iotstat -ao" I did not see any excessive writing taking place anymore.

    I had the containers running for like 3 hours and maybe got 1GB of writes total (note that on the loopdevice this gave me 2.5GB every 10 minutes!)

     

    Now don't get me wrong, I understand why the loopdevice was implemented. Dockerd is started with options to make it run with the BTRFS driver, and since the image file is formatted with the BTRFS filesystem this works at every setup, it doesn't even matter whether it runs on XFS, EXT4 or BTRFS and it will just work. I my case I had to point the softlink to /mnt/cache because pointing it /mnt/user would not allow me to start using the BTRFS driver (obviously the unRAID filesystem isn't BTRFS). Also the WebGUI has commands to scrub to filesystem inside the container, all is based on the assumption everyone is using docker on BTRFS (which of course they are because of the container 😁)

    I must say that my approach also broke when I changed something in the shares, certain services get a restart causing docker to be turned off for some reason. No big issue since it wasn't meant to be a long term solution, just to see whether the loopdevice was causing the issue, which I think my tests did point out.

     

    Now I'm at the point where I would definitely need some developer help, I'm currently keeping nearly all docker container off all day because 300/400GB worth of writes a day is just a BIG waste of expensive flash storage. Especially since I've pointed out that it's not needed at all. It does defeat the purpose of my NAS and SSD cache though since it's main purpose was hosting docker containers while allowing the HD's to spin down.

     

    Again, I'm hoping someone in the dev team acknowledges this problem and is willing to invest. I did got quite a few hits on the forums and reddit without someone actually pointed out the root cause of issue.

     

    I missing the technical know-how to troubleshoot the loopdevice issues on a lower level, but have been thinking on possible ways to implement a workaround. Like adjusting the Docker Settings page to switch off the use of a vDisk and if all requirements are met (pointing to /mnt/cache and BTRFS formatted) start docker on a share on the /mnt/cache partition instead of using the vDisk.

    In this way you would still keep all advantages of the docker.img file (cross filesystem type) and users who don't care about writes could still use it, but you'd be massively helping out others that are concerned over these writes.

     

    I'm not attaching diagnostic files since they would probably not point out the needed.

    Also if this should have been in feature requests, I'm sorry. But I feel that, since the solution is misbehaving in terms of writes, this could also be placed in the bugreport section.

     

    Thanks though for this great product, have been using it so far with a lot of joy! 

    I'm just hoping we can solve this one so I can keep all my dockers running without the cache wearing out quick,

     

    Cheers!

     

    • Like 3
    • Thanks 17



    User Feedback

    Recommended Comments



    1 hour ago, Squid said:

    image.thumb.png.b7cb26a8bd493be3f7dc4750316f8c12.png

    I'm guessing this is from the 6.9 beta, but are we now assuming that best practice after 6.9 is to repartition to resolve the block allocations and not use a loopback for docker, but a share in the same way we would with anything else?

    Thus removing excess ssd wear at both the usual culprits with unraid?

    Link to comment

    Absolutely.  Seems to me though that anytime a loopback is used, there's always going to be a write penalty.  The other changes significantly reduced the writes.  The folder option should only remove them down to the absolute minimum.  It also solves some other problems (namely the image filling up if users have no idea how to properly configure a container)

    Link to comment
    1 hour ago, Squid said:

    Absolutely.  Seems to me though that anytime a loopback is used, there's always going to be a write penalty.  The other changes significantly reduced the writes.  The folder option should only remove them down to the absolute minimum.  It also solves some other problems (namely the image filling up if users have no idea how to properly configure a container)

    Fair enough, hopefully 6.9 wont be too long away and the migration path from old model to new wont be too impactful either.  

    Link to comment

    Just to add my two pence:

    image.png.edaafd1f9fa048823bfcfc0d63de4a30.png

     

    That's 141TB on a 128GB drive in 296.5 days. Basically the drive is a dead drive walking. 128 GB M.2 NVME in less than a year.

    Link to comment
    1 minute ago, OFark said:

    Just to add my two pence:

    image.png.edaafd1f9fa048823bfcfc0d63de4a30.png

     

    That's 141TB on a 128GB drive in 296.5 days. Basically the drive is a dead drive walking. 128 GB M.2 NVME in less than a year.

    Does it say how many bad or reallocated sectors it has on the drive?

     

    I have seen quite a few people in this thread with drives well over the rated TBW amounts and it got me curious how fast they degrade once you surpass it.

    Link to comment
    18 minutes ago, -Daedalus said:

    What utility are you guys using for those stats?

    It's in the SMART data for NVMe devices.

    Link to comment
    1 minute ago, mgutt said:

    Did you already disable HEALTHCHECK(s) and monitored the traffic that is targeting your docker.img as explained here?

    That's not the problem for me, it's mostly a VM, but since the fixes in v6.9 beta it's writing much less, the large number of writes happened before, with v6.8 it was writing around 3TB per day.

    Link to comment
    3 minutes ago, JorgeB said:

    it's mostly a VM

    Then you should consider passthroughing a (partition of an) USB drive instead of using a VM image file.

    Link to comment
    12 minutes ago, mgutt said:

    Then you should consider passthroughing a (partition of an) USB drive

    I don't use USB for array/pools, and currently is writing much less and an amount that I find acceptable, as it was before the NVMe would be at 1PB written by now.

    Link to comment

    Q: Post 6.9 RC2 upgrade, should we rebuilding/formatting the cache as XFS or BTRFS?

    Equally, what about the new settings in docker for data-root format? XFX or BTRFS?

    Link to comment

    A pool HAS to use BTRFS if it includes (or will in the future include) more than 1 drive.   If a pool is always going to be a single drive then XFS is more efficient and more resilient against crashes, but BTRFS has additional functionality.

    Link to comment
    1 hour ago, boomam said:

    Equally, what about the new settings in docker for data-root format? XFX or BTRFS?

    No fundamental difference between them.  The big difference is between the img (either XFS or BTRFS), or as a folder on the XFS / BTRFS device

    Link to comment
    13 minutes ago, itimpi said:

    A pool HAS to use BTRFS if it includes (or will in the future include) more than 1 drive.   If a pool is always going to be a single drive then XFS is more efficient and more resilient against crashes, but BTRFS has additional functionality.

     

    Just now, Squid said:

    No fundamental difference between them.  The big difference is between the img (either XFS or BTRFS), or as a folder on the XFS / BTRFS device

    Thanks.

    Both pool and docker.img are formatted at BTRFS, and the user script workaround on array start for 6.8.3 has been disabled.

    I assume from a write amplification bug, that this is as 'solved' as it gets? Or is there more for me to do?

    Link to comment
    1 minute ago, boomam said:

    Or is there more for me to do?

     

    You can (optionally) elect with the 6.9.0-rc2 release to not use an image file at all for docker containers and store the files directly on the target drive.

    Link to comment
    5 minutes ago, itimpi said:

     

    You can (optionally) elect with the 6.9.0-rc2 release to not use an image file at all for docker containers and store the files directly on the target drive.

    I saw that.

    What's the advantage to doing that?

    Link to comment
    4 minutes ago, boomam said:

    I saw that.

    What's the advantage to doing that?

     

    Not tried it myself so I do not really know.   Have been waiting to see feedback from those who have tried it do get a feel.

    Link to comment
    15 minutes ago, boomam said:

    What's the advantage to doing that?

    The absolute least amount of write-amplification, no pre-determined size of the image, but rather it'll grow / shrink according to its needs.

    • Like 2
    Link to comment
    4 minutes ago, Squid said:

    The absolute least amount of write-amplification, no pre-determined size of the image, but rather it'll grow / shrink according to its needs.

    That could be an advantage i suppose for those containers that by default, write their temp files into their own image, such as NextCloud.  

    May have to experiment once i've got everything behaving again.

    Link to comment
    6 hours ago, Squid said:

    The absolute least amount of write-amplification, no pre-determined size of the image, but rather it'll grow / shrink according to its needs.

    Is it as simple as a folder delete to destroy what was previously an image file ?

    Link to comment
    On 11/3/2020 at 2:50 AM, JorgeB said:

    image.png.f68b470cef2c5b832b835e38cb4278b9.png

    Still going strong for now.

    How are you getting those Tb amounts in the attribute screen?

    Link to comment



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Restore formatting

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Status Definitions

     

    Open = Under consideration.

     

    Solved = The issue has been resolved.

     

    Solved version = The issue has been resolved in the indicated release version.

     

    Closed = Feedback or opinion better posted on our forum for discussion. Also for reports we cannot reproduce or need more information. In this case just add a comment and we will review it again.

     

    Retest = Please retest in latest release.


    Priority Definitions

     

    Minor = Something not working correctly.

     

    Urgent = Server crash, data loss, or other showstopper.

     

    Annoyance = Doesn't affect functionality but should be fixed.

     

    Other = Announcement or other non-issue.