opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-05-21 17:16:22 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #11794 from umohnani8/pid

Browse Source 
Allow a value of -1 to set unlimited pids limit
This commit is contained in:
OpenShift Merge Robot
2021-09-30 15:14:28 -04:00
committed by GitHub
parent 1f3e2ed74f c25cc7230f
commit 5c2204b5ce
5 changed files with 8 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cmd/podman/common/create.go
View File

@ -421,7 +421,7 @@ func DefineCreateFlags(cmd *cobra.Command, cf *entities.ContainerCreateOptions,
pidsLimitFlagName := "pids-limit" pidsLimitFlagName := "pids-limit"
createFlags.Int64( createFlags.Int64(
pidsLimitFlagName, pidsLimit(), pidsLimitFlagName, pidsLimit(),
"Tune container pids limit (set 0 for unlimited, -1 for server defaults)", "Tune container pids limit (set -1 for unlimited)",
) )
_ = cmd.RegisterFlagCompletionFunc(pidsLimitFlagName, completion.AutocompleteNone) _ = cmd.RegisterFlagCompletionFunc(pidsLimitFlagName, completion.AutocompleteNone)

4
cmd/podman/containers/create.go
View File

@ -235,6 +235,10 @@ func CreateInit(c *cobra.Command, vals entities.ContainerCreateOptions, isInfra
if c.Flags().Changed("pids-limit") { if c.Flags().Changed("pids-limit") {
val := c.Flag("pids-limit").Value.String() val := c.Flag("pids-limit").Value.String()
// Convert -1 to 0, so that -1 maps to unlimited pids limit
if val == "-1" {
val = "0"
}
pidsLimit, err := strconv.ParseInt(val, 10, 32) pidsLimit, err := strconv.ParseInt(val, 10, 32)
if err != nil { if err != nil {
return vals, err return vals, err

2
docs/source/markdown/podman-create.1.md
View File

@ -732,7 +732,7 @@ Default is to create a private PID namespace for the container
#### **--pids-limit**=*limit* #### **--pids-limit**=*limit*
Tune the container's pids limit. Set `0` to have unlimited pids for the container. (default "4096" on systems that support PIDS cgroups). Tune the container's pids limit. Set `-1` to have unlimited pids for the container. (default "4096" on systems that support PIDS cgroups).
#### **--platform**=*OS/ARCH* #### **--platform**=*OS/ARCH*

2
docs/source/markdown/podman-run.1.md
View File

@ -756,7 +756,7 @@ The default is to create a private PID namespace for the container.
#### **--pids-limit**=*limit* #### **--pids-limit**=*limit*
Tune the container's pids limit. Set to **0** to have unlimited pids for the container. The default is **4096** on systems that support "pids" cgroup controller. Tune the container's pids limit. Set to **-1** to have unlimited pids for the container. The default is **4096** on systems that support "pids" cgroup controller.
#### **--platform**=*OS/ARCH* #### **--platform**=*OS/ARCH*

3
pkg/specgen/generate/validate.go
View File

@ -72,10 +72,9 @@ func verifyContainerResourcesCgroupV1(s *specgen.SpecGenerator) ([]string, error
// Pids checks // Pids checks
if s.ResourceLimits.Pids != nil { if s.ResourceLimits.Pids != nil {
pids := s.ResourceLimits.Pids
// TODO: Should this be 0, or checking that ResourceLimits.Pids // TODO: Should this be 0, or checking that ResourceLimits.Pids
// is set at all? // is set at all?
if pids.Limit > 0 && !sysInfo.PidsLimit { if s.ResourceLimits.Pids.Limit >= 0 && !sysInfo.PidsLimit {
warnings = append(warnings, "Your kernel does not support pids limit capabilities or the cgroup is not mounted. PIDs limit discarded.") warnings = append(warnings, "Your kernel does not support pids limit capabilities or the cgroup is not mounted. PIDs limit discarded.")
s.ResourceLimits.Pids = nil s.ResourceLimits.Pids = nil
} }