Automatically set GOMEMLIMIT based on cgroups memory limits#8814
Merged
naemono merged 2 commits intoelastic:mainfrom Sep 8, 2025
Merged
Automatically set GOMEMLIMIT based on cgroups memory limits#8814naemono merged 2 commits intoelastic:mainfrom
naemono merged 2 commits intoelastic:mainfrom
Conversation
Signed-off-by: Michael Montgomery <mmontg1@gmail.com>
naemono
requested review from
barkbay,
Copilot,
kvalliyurnatt,
pebrc and
rhr323
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR adds the automemlimit library to automatically set GOMEMLIMIT to 90% of the container's cgroup memory limit, making Go's garbage collector more aggressive as memory usage approaches the defined container limit.
- Adds automemlimit dependency to automatically manage Go's memory limit
- Imports the library with a blank import to activate its side effects
- Includes documentation comment explaining the 90% memory limit behavior
Reviewed Changes
Copilot reviewed 2 out of 3 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| go.mod | Adds automemlimit and memory dependencies as indirect imports |
| cmd/main.go | Imports automemlimit library with blank import and explanatory comment |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
Collaborator
🎉 Snyk checks have passed. No issues have been found so far.✅ security/snyk check is complete. No issues have been found. (View Details) ✅ license/snyk check is complete. No issues have been found. (View Details) |
Signed-off-by: Michael Montgomery <mmontg1@gmail.com>
🔍 Preview links for changed docs |
kvalliyurnatt
approved these changes
Sep 8, 2025
alexlebens
pushed a commit
to alexlebens/infrastructure
that referenced
this pull request
Oct 31, 2025
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [eck-operator](https://github.com/elastic/cloud-on-k8s) | minor | `3.1.0` -> `3.2.0` | --- ### Release Notes <details> <summary>elastic/cloud-on-k8s (eck-operator)</summary> ### [`v3.2.0`](https://github.com/elastic/cloud-on-k8s/releases/tag/v3.2.0) [Compare Source](elastic/cloud-on-k8s@v3.1.0...v3.2.0) ### Elastic Cloud on Kubernetes 3.2.0 - [Quickstart guide](https://www.elastic.co/docs/deploy-manage/deploy/cloud-on-k8s#eck-quickstart) ##### Release Highlights ##### Automatic pod disruption budget (Enterprise feature) ECK now offers better out-of-the-box PodDisruptionBudgets that automatically keep your cluster available as Pods move across nodes. The new policy calculates the number of Pods per tier that can sustain replacement and automatically generates a PodDisruptionBudget for each tier, enabling the Elasticsearch cluster to vacate Kubernetes nodes more quickly, while considering cluster health, without interruption. ##### User Password Generation (Enterprise feature) ECK will now generate longer passwords by default for the administrative user of each Elasticsearch cluster. The password is 24 characters in length by default (can be configured to a maximum of 72 characters), incorporating alphabetic and numeric characters, to make password complexity stronger. ##### Features and enhancements - Enable certificate reloading for stack monitoring Beats [#​8833](elastic/cloud-on-k8s#8833) (issue: [#​5448](elastic/cloud-on-k8s#5448)) - Allow configuration of file-based password character set and length [#​8817](elastic/cloud-on-k8s#8817) (issues: [#​2795](elastic/cloud-on-k8s#2795), [#​8693](elastic/cloud-on-k8s#8693)) - Automatically set GOMEMLIMIT based on cgroups memory limits [#​8814](elastic/cloud-on-k8s#8814) (issue: [#​8790](elastic/cloud-on-k8s#8790)) - Introduce granular PodDisruptionBudgets based on node roles [#​8780](elastic/cloud-on-k8s#8780) (issue: [#​2936](elastic/cloud-on-k8s#2936)) ##### Fixes - Gate advanced Fleet config logic to Agent v8.13 and later [#​8869](elastic/cloud-on-k8s#8869) - Ensure Agent configuration and state persist across restarts in Fleet mode [#​8856](elastic/cloud-on-k8s#8856) (issue: [#​8819](elastic/cloud-on-k8s#8819)) - Do not set credentials label on Kibana config secret [#​8852](elastic/cloud-on-k8s#8852) (issue: [#​8839](elastic/cloud-on-k8s#8839)) - Allow elasticsearchRef.secretName in Kibana helm validation [#​8822](elastic/cloud-on-k8s#8822) (issue: [#​8816](elastic/cloud-on-k8s#8816)) ##### Documentation improvements - Update Logstash recipes from to filestream input [#​8801](elastic/cloud-on-k8s#8801) - Recipe for exposing Fleet server to outside of the Kubernetes cluster [#​8788](elastic/cloud-on-k8s#8788) - Clarify secretName restrictions [#​8782](elastic/cloud-on-k8s#8782) - Update ES\_JAVA\_OPTS comments and explain auto-heap behavior [#​8753](elastic/cloud-on-k8s#8753) ##### Dependency updates - github.com/gkampitakis/go-snaps v0.5.13 => v0.5.15 - github.com/hashicorp/vault/api v1.20.0 => v1.22.0 - github.com/KimMachineGun/automemlimit => v0.7.4 - github.com/prometheus/client\_golang v1.22.0 => v1.23.2 - github.com/prometheus/common v0.65.0 => v0.67.1 - github.com/sethvargo/go-password v0.3.1 => REMOVED - github.com/spf13/cobra v1.9.1 => v1.10.1 - github.com/spf13/pflag v1.0.6 => v1.0.10 - github.com/spf13/viper v1.20.1 => v1.21.0 - github.com/stretchr/testify v1.10.0 => v1.11.1 - golang.org/x/crypto v0.40.0 => v0.43.0 - k8s.io/api v0.33.2 => v0.34.1 - k8s.io/apimachinery v0.33.2 => v0.34.1 - k8s.io/client-go v0.33.2 => v0.34.1 - k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 => v0.0.0-20250604170112-4c0f3b243397 - sigs.k8s.io/controller-runtime v0.21.0 => v0.22.2 - sigs.k8s.io/controller-tools v0.18.0 => v0.19.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xNTUuNCIsInVwZGF0ZWRJblZlciI6IjQxLjE1NS40IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJjaGFydCJdfQ==--> Reviewed-on: https://gitea.alexlebens.dev/alexlebens/infrastructure/pulls/1911 Co-authored-by: Renovate Bot <renovate-bot@alexlebens.net> Co-committed-by: Renovate Bot <renovate-bot@alexlebens.net>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Resolves #8790
This adds automemlimit to the ECK operator to automatically set GOMEMLIMIT to 90% of the CGroup's memory limit. This essentially makes golang's garbage collector more aggressive once memory usage has hit 90% of the defined memory limit for the container.
More information about GOMEMLIMIT here.
TODO