Docker.io's ugly power grab

I recently spent a little while troubleshooting the battery life on my vintage ThinkPad x230 which is running Debian linux buster, as the power drain seemed to be mysteriously high. After poking around with the diagnostic tools, I was suprised to find according to powertop an ethernet device called nic:docker0 was consuming between 2-4W of power according to PowerTOP. This was occuring even with the docker service stopped or disabled and with docker network listing no networks.

That's a lot of power! I was a bit confused as to why this is happening, and internet searches turned up a few other people noticing the same, but little practical discussion about it, occasionally suggesting that PowerTOP is reading false results. I'm not so sure. From my light testing, the power drain is real, but fortunately it's not too hard to stop it.

Assuming you're not actively using docker, and you'd like to keep your battery consumption down, you can just disable the interface. On my debian laptop, this is as simple as running /sbin/ifconfig docker0 down . The interface goes away, the system power drain drops accordingly, and so far, I seem to be getting ~20% or so better battery life for unplugged usage, although I have not yet run any formal benchmarks.

What even is docker0?

So what is this mystery power hog? It's an ethernet bridge device. Docker is using it to join it's virtual container networks to your computer's usual networks, so you can network between them and the 'real world'. My assumption is that in the default configuration it's causing the physical network adapter in my laptop (which I almost never use, but I presume is GigE), to be somehow 'live', and it's drawing power even though it's not transmitting or receiving any packets or connected up to any wiring. Looks like the bridge gets setup when docker is installed, and the device subsequently isn't ever set 'down' when it isn't running.

I assume, like most docker things, the default networking setup is configured to be the most broadly useful and trouble free, and tweaking is reserved for the expert. I am fine with this. Broadly speaking this would seem to be the docker ethos, and it's got them a long way. It's always worth remembering that the 'docker magic' involves a whole bunch of things running below the abstractions, and if you use it a lot it's probably worth learning up on how it fits together to avoid being suprised.

I don't actually use docker very much, but I occasionally run a couple of things that want it, and it's a useful tool to have in the toolbox. Accordingly I am running the version packaged with debian buster, which reports itself as version 18.09.1 . I have done no particular further configuration of the networking or docker service.

My LXC doesn't seem to have the same issue.

I do use lxc/lxd a lot and I have a similar bridge device configured for my lxc containers to use. This does not seem to consume any particular power even when in use with containers running. I have been actively using LXC for years it's an essential part of my developer workflow (I use it to sandbox everything for reproducible builds or service testing, run database servers, etc.), so although I think I'm using the out-of-the-box packaged lxc-net service now, I have most certainly spent a lot of time carefully setting up my lxc-bridging by hand in the past, and I may have inherited some of that customisation through to the present day. I don't actually think this is true, but I mention it in the interest of full and fair disclosure.

sub-reddit for replies

posted by cms on 2019-03-17

tagged as