Cannot set vm.max_map_count=262144 for Azure AppService hosting docker compose container

Kostya Malich 0 Reputation points
2024-04-15T17:40:54.97+00:00

I have an Azure App Service, which is running under linux App Service plan.
I deployed custom elasticsearch image via docker-compose to the app service.

The multicontainer app can be started successfully and works fine.

But I have a warning, that
"max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]"

...which is a blocker for me for deploying to prod instance.

The documentation says, that i need to simply execute sysctl **-w vm.max_map_count=262144
**
But I cannot.

  • Tried to execute that on container level via SSH (no luck, the file is readonly)
  • via kudu bash on appservice (the same readonly)
  • added that as part of startup bash for Dockerfile (still readonly)

Is there any other possibility to set that setting?

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
6,900 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. ajkuma 22,401 Reputation points Microsoft Employee
    2024-04-18T14:21:27.7+00:00

    @Kostya Malich, Firstly, apologies for a delayed response.

    Based on my comprehension of your scenario, I understand that , the vm.max_map_count parameter controls the maximum number of memory map areas a process may have, and Elasticsearch leverages a mmapfs directory by default to store its indices.

    In Azure Web Apps, direct access to system-level configurations like vm.max_map_count is restricted as the underlying infrastructure is managed by Azure. Based on your requirement, to have more control on the host system, you may want to consider using Azure VM /or Azure Elasticsearch Service.

     

    Check out these docs for more info:

    Linux apps in App Service run in their own containers. You have root access to the container but no access to the host operating system. Likewise, for apps running in Windows containers, you have administrative access to the container but no access to the host operating system.

     

    Similar discussion threads:

     If the answer helped (pointed, you in the right direction) > please click Accept Answer - it will help users to find the answers quickly.

    0 comments