Skip to content

feat(base): disable proactive memory compaction in guest#2553

Merged
ValentaTomas merged 1 commit intomainfrom
feat/disable-proactive-compaction-base
May 4, 2026
Merged

feat(base): disable proactive memory compaction in guest#2553
ValentaTomas merged 1 commit intomainfrom
feat/disable-proactive-compaction-base

Conversation

@ValentaTomas
Copy link
Copy Markdown
Member

@ValentaTomas ValentaTomas commented May 4, 2026

Adds vm.compaction_proactiveness=0 to the base template's /etc/sysctl.conf so kcompactd no longer runs background page migrations in the guest.

With 2 MiB host-side hugepage backing of guest RAM, every migration dirties a destination hugepage from the host UFFD's perspective and lands in the next memfile diff — with no snapshot-aligned benefit. The pre-pause compact_memory write (#2551) does the work deterministically right before we capture state.

Existing templates inherit the change on rebuild.

@ValentaTomas
feat(base): disable proactive memory compaction in guest
479a399 
kcompactd's background migrations dirty destination 2 MiB host hugepages
without producing a snapshot-aligned benefit, inflating memfile diffs.
We trigger compaction explicitly pre-pause instead.
@cursor
Copy link
Copy Markdown

cursor Bot commented May 4, 2026
edited
Loading

PR Summary

Medium Risk
Kernel memory-tuning change applied to all rebuilt base templates could increase memory fragmentation or allocation latency under certain workloads; no direct security impact.

Overview
Updates the base template provisioning to append vm.compaction_proactiveness=0 to /etc/sysctl.conf, disabling kcompactd’s background memory compaction so snapshot diffs aren’t inflated by host-visible page migrations and compaction can be triggered deterministically before pause.

Reviewed by Cursor Bugbot for commit 479a399. Bugbot is set up for automated code reviews on this repo. Configure here.

@ValentaTomas ValentaTomas mentioned this pull request May 4, 2026
Open
@ValentaTomas ValentaTomas marked this pull request as ready for review May 4, 2026 01:42
claude[bot]
claude Bot reviewed May 4, 2026
View reviewed changes
Copy link
Copy Markdown

@claude claude Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, simple sysctl tweak with clear rationale tied to the pre-pause compaction trigger.

Extended reasoning...

Overview

Single-line addition to packages/orchestrator/pkg/template/build/phases/base/provision.sh that appends vm.compaction_proactiveness=0 to /etc/sysctl.conf in the base template, disabling kcompactd background page migration in the guest.

Security risks

None. This is a kernel tunable inside the guest VM that controls when the kernel does background memory compaction. It does not affect auth, isolation, or any host-facing surface.

Level of scrutiny

Low. The change is purely a guest-side performance/snapshot-size optimization with a well-explained rationale: with 2 MiB hugepage backing, kcompactd-driven page migrations dirty destination hugepages from the host UFFD perspective and bloat memfile diffs without workload benefit. The PR description references the companion PR (#2551) that adds an explicit pre-pause compact_memory write so compaction still happens deterministically at the right moment.

Other factors

The pattern matches the existing fs.inotify.max_user_watches line directly above it, the comment explains the why clearly, and existing templates inherit the change only on rebuild so rollout is gradual. No bug reports were filed.

@ValentaTomas ValentaTomas enabled auto-merge (squash) May 4, 2026 01:44
@ValentaTomas ValentaTomas requested a review from arkamar May 4, 2026 08:52
matthewlouisbrockman
matthewlouisbrockman approved these changes May 4, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@matthewlouisbrockman matthewlouisbrockman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm, we need to make sure 2551 goes out at same time/first?

@ValentaTomas ValentaTomas merged commit 0892051 into main May 4, 2026
48 checks passed
@ValentaTomas ValentaTomas deleted the feat/disable-proactive-compaction-base branch May 4, 2026 18:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@claude claude[bot] claude[bot] left review comments

@matthewlouisbrockman matthewlouisbrockman matthewlouisbrockman approved these changes

@jakubno jakubno Awaiting requested review from jakubno jakubno is a code owner

@dobrac dobrac Awaiting requested review from dobrac dobrac is a code owner

@arkamar arkamar Awaiting requested review from arkamar

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@ValentaTomas @matthewlouisbrockman @tvi @dobrac