Merge pull request #2073 from akto-api-security/feature/dashboard_mem…

…_fix calculate xmx memory dynamically
akto-api-security · Feb 10, 2025 · 9e60d36 · 9e60d36
2 parents f1be8f6 + ec3b0ab
commit 9e60d36
Show file tree

Hide file tree

Showing 3 changed files with 52 additions and 2 deletions.
diff --git a/apps/dashboard/Dockerfile b/apps/dashboard/Dockerfile
@@ -1,10 +1,17 @@
 FROM jetty:9.4-jre8
 USER root
 RUN apt-get update -y
-RUN apt-get install -y --no-install-recommends libpcap-dev
+RUN apt-get install -y --no-install-recommends libpcap-dev procps
 ADD ./target/dashboard.war /var/lib/jetty/webapps/root.war
 RUN echo "--module=http-forwarded" > /var/lib/jetty/start.d/http-forwarded.ini
 RUN echo "jetty.httpConfig.sendServerVersion=false" > /var/lib/jetty/start.d/server.ini
 RUN echo "org.slf4j.simpleLogger.log.org.eclipse.jetty.annotations.AnnotationParser=ERROR" >> /var/lib/jetty/start.d/server.ini
-ENV JAVA_OPTIONS="-XX:+ExitOnOutOfMemoryError"
+
+COPY set_xmx.sh /var/lib/jetty/set_xmx.sh
+RUN chmod +x /var/lib/jetty/set_xmx.sh
+
+COPY entrypoint.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh
+
+ENTRYPOINT ["/entrypoint.sh"]
 EXPOSE 8080
diff --git a/apps/dashboard/entrypoint.sh b/apps/dashboard/entrypoint.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+# Run the memory calculation script to set JAVA_OPTIONS
+source /var/lib/jetty/set_xmx.sh
+
+# Start Jetty normally
+exec /docker-entrypoint.sh "$@"
diff --git a/apps/dashboard/set_xmx.sh b/apps/dashboard/set_xmx.sh
@@ -0,0 +1,36 @@
+#!/bin/bash
+
+echo "Running memory detection script..."
+
+# 1. Detect and read cgroup memory limits
+if [ -f /sys/fs/cgroup/memory.max ]; then
+    # cgroup v2
+    MEM_LIMIT_BYTES=$(cat /sys/fs/cgroup/memory.max)
+elif [ -f /sys/fs/cgroup/memory/memory.limit_in_bytes ]; then
+    # cgroup v1
+    MEM_LIMIT_BYTES=$(cat /sys/fs/cgroup/memory/memory.limit_in_bytes)
+else
+    # Fallback to free -b (bytes) if cgroup file not found
+    echo "Neither cgroup v2 nor v1 memory file found, defaulting to free -m"
+    MEM_LIMIT_BYTES=$(free -b | awk '/Mem:/ {print $2}')
+fi
+
+# 2. Handle edge cases: "max" means no strict limit or a very large limit
+if [ "$MEM_LIMIT_BYTES" = "max" ]; then
+    echo "Cgroup memory limit set to 'max', defaulting to free memory"
+    MEM_LIMIT_BYTES=$(free -b | awk '/Mem:/ {print $2}')
+fi
+
+# 3. Convert the memory limit from bytes to MB (integer division)
+MEM_LIMIT_MB=$((MEM_LIMIT_BYTES / 1024 / 1024))
+echo "Detected container memory limit: ${MEM_LIMIT_MB} MB"
+
+# 4. Calculate 80% of that limit for Xmx
+XMX_MEM=$((MEM_LIMIT_MB * 80 / 100))
+echo "Calculated -Xmx value: ${XMX_MEM} MB"
+
+# Export JAVA_OPTIONS so Jetty picks it up
+export JAVA_OPTIONS="-XX:+ExitOnOutOfMemoryError -Xmx${XMX_MEM}m"
+
+# Log the final JAVA_OPTIONS value
+echo "JAVA_OPTIONS set to: $JAVA_OPTIONS"