From 3a3c19cf5118896edc6d0c60a826e722c1e64bfa Mon Sep 17 00:00:00 2001 From: Egor Lazarchuk Date: Thu, 14 Aug 2025 13:34:22 +0100 Subject: [PATCH] chore: add a note about jailer performance scaling Jailer startup time is dependent on the number of mount points in the system and number of jailers starting in parallel. Signed-off-by: Egor Lazarchuk --- docs/jailer.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/docs/jailer.md b/docs/jailer.md index 2495039b5cf..5fda82154e7 100644 --- a/docs/jailer.md +++ b/docs/jailer.md @@ -279,6 +279,14 @@ Note: default value for `` is `/run/firecracker.socket`. ### Known limitations +- The time it takes to create a jail depends on the number of mount points in + the system and the number of jailers starting at the same time. Due to the + number of mount points playing a bigger role in jailer slowdown, it is + recommended to keep the number of mount points in a system to a minimum. The + approximate slowdown of the jail creation time is: + - 2x when 10 jails are created in parallel with 0 mount points in the system + - 10x when 10 jails are created in parallel with 500 mount points in the + system. - When passing the --daemonize option to Firecracker without the --new-ns-pid option, the Firecracker process will have a different PID than the Jailer process and killing the Jailer will not kill the Firecracker process. As a