Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
03-28-2023 12:53 AM
Hello,
We're trying to avoid using too many containers. In order to reduce it, we have come up with two options for the automation:
Which of them will fit better?
Thanks,
Josep
04-11-2023 12:18 PM
Hi @Josep , I would love to understand what led you to want to limit containers. You can reference these Docker Server Configurations, particularly the containers.high.water.mark to understand how Cortex XSOAR handles containers per docker image. You may change this from the default of 20 to a lower number if you wish. The way to avoid docker memory issues would be through utilizing docker hardening. You can find detailed steps to do so here - https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.10/Cortex-XSOAR-Administrator-Guide/Docker...
04-12-2023 03:53 AM
@amore we host 30 tenants in 3 hosts. Each host has more than 500 containers. I followed the documentation and restarted docker service and after that it dropped to 200s. Is an additional host the best way to handle all the these loads? Any other recommendation is greatly appreciated
04-12-2023 09:36 AM
Hi @EnesOzdemir , 200 containers is still high. Are your hosts meeting the MT sizing requirements stated here? The general recommendation is 1 tenant per host. If you have multiple tenants on a single host, you need to multiply the single tenant requirement by the times of tenants to find the host resource requirements. Highly recommend keeping the master in it's own host. For more detailed guidance please reach out to your Customer Success Architect available through our Premium Success offering.
04-13-2023 11:34 AM
We'd like to use fewer containers in order to control the containers perfomance. It's supposed not to use more than 200 ones. So the point is to try to create containers that can execute many automations/tasks without creating new ones.
04-19-2023 12:18 AM
We are constantly checking the resource usage and adding more resources as additional tenants are created.High container count is something we can't get rid of. Does the container count matter if you have enough resources?
04-19-2023 11:41 AM
Hi Josep,
Just following up on the previous suggestion. The containers.high.water.mark configuration adds an upper limit to the number of containers per image that will remain active and containers.low.water.mark is the corresponding lower limit. This means that at any point, there will be a number of active containers that correspond to the low water mark, in order to avoid the overhead of cold starting the container. Depending on your use cases, the containers required to process them may also vary with respect to dependencies. So, a single image solution is not the most effective one.
As per the previous recommendation, I would start by hardening docker (https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.10/Cortex-XSOAR-Administrator-Guide/Docker...) to keep docker in check.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
