Dell Automation Platform: Java-Based Containers "OOMKilled" starting from at Kernel 6.12
Samenvatting: Java-based containerized applications (such as Keycloak) may experience unexpected termination due to out-of-memory (OOM) errors when running on Linux Kernel 6.12 or later. This issue stems from changes in how the kernel exposes "cgroup" memory limits. These changes affect the Java Virtual Machine's (JVM) ability to detect and respect container memory constraints correctly. ...
Dit artikel is van toepassing op
Dit artikel is niet van toepassing op
Dit artikel is niet gebonden aan een specifiek product.
Niet alle productversies worden in dit artikel vermeld.
Symptomen
For NativeEdge Dell Automation Platform 1.0, keycloak is getting OOMKilled during initialization. For example it may happen during the helm installation, when the keycloak pod is coming up.
Logs inside the keycloak end with:
Appending additional Java properties to JAVA_OPTS Changes detected in configuration. Updating the server image. Updating the configuration and installing your custom providers, if any. Please wait.
The description of the container shows:
State: Waiting Reason: CrashLoopBackOff Last State: Terminated Reason: OOMKilled
For other environments, it could be:
- The system terminates Java containers (for example,
keycloak, Kafka, Elasticsearch) with anOOMKilledstatus. - JVM reports unexpectedly high heap size estimates, often matching host memory rather than container limits.
- Memory tuning flags like
-XX:MaxRAMPercentageappear ineffective. - Logs may show messages such as:
[debug][os,container] controller memory is not enabled[debug][os,container] One or more required controllers disabled at kernel level
Oorzaak
Starting with Linux Kernel 6.12, the kernel no longer exposes
cgroup controller information by /proc/cgroups, which the JVM previously relied on to detect container memory limits. This change breaks container awareness in affected JVM versions, causing them to assume they have access to the full host memory. As a result, the JVM allocates more memory than the container allows, triggering the kernel's OOMkiller.
There are several issues for this in open-source projects:
Ubuntu 24.04.3 does not use the 6.12 Kernel by default. But some images are updated with 6.12, 6.13, 6.14 versions already (for example, in the AWS image library).
Oplossing
This issue is resolved from Dell Automated Platform 1.1 and later
If the issue is encountered on Dell Automated Platform 1.0 there are two possible quick workarounds.
- Temporarily increase the memory limits for the container. For example, here are steps to proceed with the installation of Dell Automation Platform, doubling the memory limit for the
keycloakcontainer.
To do so, you must run the following command (check your orchestrator namespace, for example, below
dapo is the default orchestrator namespace:
kubectl edit sts keycloak -n dapo
Find the memory limits and requests, and double them.
keycloak consumes lots of memory on the preparation step. This increase allowed us to pass this initialization step.
- Explicitly Set JVM Memory Limits
Use startup flags to manually restrict memory usage:
extraEnvVars:
- name: JAVA_OPTS_KC_HEAP
value: "-XX:MaxRAMPercentage=70 -XX:MinRAMPercentage=70 -XX:InitialRAMPercentage=50 -XX:MaxRAM=1G"Getroffen producten
Dell Automation Platform, NativeEdge Solutions, Dell Automation Platform Components, NativeEdgeArtikeleigenschappen
Artikelnummer: 000369678
Artikeltype: Solution
Laatst aangepast: 23 mei 2026
Versie: 4
Vind antwoorden op uw vragen via andere Dell gebruikers
Support Services
Controleer of uw apparaat wordt gedekt door Support Services.