I have a strange situation where for some VMs (lxd) the memory limit is not applied and the VM sees all the memory of the node. This happens for Centos 8 image (Opennebula marketplace) but not for Ubuntu 20.10.
The templates are identical. How can I investigate this behaviour further?
Can you verify that the container ignoring the limit has the
limits.memory attribute in the config. You can verify it by issuing on the hypervisor host a
lxc config show one-<vm_id>.
I checked the container config on the hosting node and it seemed ok. After more trials I saw it has something to do with the Security Privileged flag. If it’s set to “yes” the limit is applied. What’s odd is that it is not consistent for two VMs with different linuxes (although I reckon that should not matter).
Anyway, since I want to have the LXD containers running in unprivileged mode I ended up tweaking the ruby file that launches the containers to set the flag to false always and it is fine for now, things are working the way I want.
Thank you for replying!