Reduce Memory Consumption in Agent
Sysdig provides a configuration option called thin cointerface to reduce
the memory footprint in the agent. When the agent is installed as a
Kubernetes daemonset, you can optionally enable the thin cointerface in
- Reduces memory consumption
- Particularly useful on very large Kubernetes clusters (>10,000 pods)
- Less frequently used option which is therefore less battle-tested
- If a watch is dropped and re-list is required (e.g. in case of a network issue, and apiserver update, etc.), there is no cache to maintain the resources. In this case, the agent must process many additional events.
How It Works
In a typical Kubernetes cluster, two instances of agent daemonset are installed to retrieve the data. They are automatically connected to the Kubernetes API server to retrieve the metadata associated with the entities running on the cluster and sends the global Kubernetes state to the Sysdig backend. Sysdig uses this data to generate kube state metrics.
A delegated agent will not have a higher CPU or memory footprint than a non-delegated agent.
On very large Kubernetes clusters (in the range of 10,000 pods) or clusters with several replication controllers, the agent’s data ingestion can have a significant memory footprint on itself and on the Kubernetes API server. Thin cointerface is provided to reduce this impact.
Enabling this option changes the way the agent communicates with the API server and reduces the need to cache data, which in turn reduces the overall memory usage. Thin cointerface does this by moving some processing from the agent’s cointerface process to the dragent process. This change does not alter the data which is ultimately sent to the backend nor will it impact any Sysdig feature.
The thin cointerface feature is disabled by default.
Add the following in either the sysdig-agent’s
configmap or via