Introduction
With the shift towards cloud-native architectures, containers are now critical to modern application development and deployment. Container performance is crucial not only for Oracle Cloud Infrastructure (OCI), but also for common customer scenarios such as DevOps pipelines, and other short-lived workloads where faster startup improves scaling responsiveness, accelerates deployment, and increases efficiency. While overall system performance is crucial, container startup time is particularly important for these short-lived workloads, as every second saved translates into faster builds, quicker iterations, and smoother scaling.
We have identified a kernel tunable in UEK8 that can reduce the bulk container startup time by up to 32%. In this blog, we share our findings and make recommendations for optimizing the container startup time.
Recommendations
Enable ‘favordynmods’ on UEK8 for situations where container boot time is the top priority – either via a kernel built with ‘CONFIG_CGROUP_FAVOR_DYNMODS=y’ (default-on) or by mounting the cgroup v2 hierarchy with the ‘favordynmods’ option.
What is favordynmods option?
Control groups (cgroups) are a core feature of the Linux kernel that governs how processes use system resources. Containers rely heavily on cgroups to manage resources during startup and runtime. Enabling ‘favordynmods’ prioritizes writes over reads, which reduces the latency for cgroup task migrations, and improve container startup time. The tradeoff, however, is that it makes forks and exits more expensive and increases the latency for reads – more common operations in most workloads. To address this, starting with kernel v6.0, ‘favordynmods’ was introduced as a tunable instead of a fixed compile-time choice, i.e., the option can be changed dynamically without requiring a reboot. Thus, giving users the flexibility to favor writes over reads as needed. If your kernel already includes ‘CONFIG_CGROUP_FAVOR_DYNMODS=y’, the optimization is active automatically. Otherwise, you must mount the cgroup v2 hierarchy with the ‘favordynmods’ option to enable it. Since this tunable applies to the entire hierarchy (not individual cgroups), it must be set at the top-level cgroup v2 mount.
Experimental Setup
Our test setup was comprised of 8-core Intel, AMD and Ampere based OCI virtual machines, each running Oracle Linux 9 with kernel version 6.12.0-103.40.4.2. For measuring the startup time, we used a workload which calculated the time required to start 100 containers using podman with the following scripts:
# Versions
podman version 5.4.0
crun version 1.23.1
# Pull the image
podman pull oraclelinux:9-slim
# Create 100 containers
cnt=100
for (( i=1;i<=$cnt; i++))
do
podman create --cpus 2 -m 4g --name test$i oraclelinux:9-slim
done
# start_podman.sh
# Start 100 containers, created above
cnt=100
for (( i=1;i<=$cnt; i++))
do
podman start test$i > /dev/null
done$ time bash ./start_podman.shImpact of favordynmods
The following figure shows the comparison for the startup time of 100 containers with ‘favordynmods’ disabled and enabled. The graph clearly shows that enabling ‘favordynmods’ improves performance across all tested systems, i.e., 15% for AMD, 20% for Intel and 32% for Ampere instances.
How to enable favordynmods?
So if ‘favordynmods’ can deliver these performance gains, the next question is: how easy is it to enable? The good news – it only takes a couple of simple steps. There are two ways to enable the feature for cgroups v2 (default on OL9):
- Build time: Recompile the kernel with ‘CONFIG_CGROUP_FAVOR_DYNMODS’ flag enabled. The feature will then be enabled automatically for all cgroup v2 mounts.
- Run time: If the kernel was not built with the option enabled, mount the cgroup v2 hierarchy with ‘favordynmods’ option.
# Default mount options for cgroup
mount | grep cgroup
cgroup2 on /sys/fs/cgroup type cgroup2 (rw,nosuid,nodev,noexec,relatime,seclabel,nsdelegate,memory_recursiveprot)
# Mount with favordynmods
sudo mount -o remount,favordynmods /sys/fs/cgroup# Check whether cgroup is mounted with favordynmods
mount | grep cgroup
cgroup2 on /sys/fs/cgroup type cgroup2 (rw,nosuid,nodev,noexec,relatime,seclabel,nsdelegate,<b>favordynmods</b>,memory_recursiveprot)A couple of points to note:
- The runtime mount option is not persistent across reboots, so it must be re-applied unless configured through a startup script or service unit.
- For cgroups v1, remounting with ‘favordynmods’ is not available, and the option has to be set at boot time by adding
cgroup_favordynmods=trueto the kernel command line in GRUB.
Summary
As containerized workloads continue to drive modern cloud applications, both system and startup performance matters. In this blog, we show that enabling ‘favordynmods’ option in UEK8 can significantly improve bulk container startup time by up to 32%. For containerized environments, where containers are frequently being created and destroyed to run short-lived workloads, we recommend enabling ‘favordynmods’ either by mounting cgroups with the option or by building the kernel with CONFIG_CGROUP_FAVOR_DYNMODS. These optimizations ensure faster container operations on Oracle Linux.