Remove --kernel-memory options

Kernel memory option has been deprecated in runtime-spec. It is
believed that it will not work properly on certain kernels. runc
ignores it.

This PR removes documentation of the flag and also prints a warning if
a user uses it.

[NO NEW TESTS NEEDED]

Helps Fix: https://github.com/containers/podman/issues/12045

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Daniel J Walsh
2021-10-20 10:54:13 -04:00
parent 54f2c9a540
commit 8e3760c29f
4 changed files with 7 additions and 24 deletions

@ -487,18 +487,6 @@ Default is to create a private IPC namespace (POSIX SysV IPC) for the container
`host`: use the host shared memory,semaphores and message queues inside the container. Note: the host mode gives the container full access to local shared memory and is therefore considered insecure.
`ns:<path>` path to an IPC namespace to join.
#### **--kernel-memory**=*number[unit]*
Kernel memory limit (format: `<number>[<unit>]`, where unit = b (bytes), k (kilobytes), m (megabytes), or g (gigabytes))
Constrains the kernel memory available to a container. If a limit of 0
is specified (not using `--kernel-memory`), the container's kernel memory
is not limited. If you specify a limit, it may be rounded up to a multiple
of the operating system's page size and the value can be very large,
millions of trillions.
This flag is not supported on cgroups V2 systems.
#### **--label**, **-l**=*label*
Add metadata to a container (e.g., --label com.example.key=value)
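Review bot: a user who hits the new deprecation warning has nowhere in this page to look it up once the `#### **--kernel-memory**` heading and its text are deleted outright. The commit message says the flag is still accepted and only warns, so consider keeping the heading with a one-line body stating that the option is deprecated and ignored, rather than removing the entry entirely.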

@ -512,18 +512,6 @@ a private IPC namespace.
- **host**: use the host shared memory,semaphores and message queues inside the container. Note: the host mode gives the container full access to local shared memory and is therefore considered insecure.
- **ns:**_path_: path to an IPC namespace to join.
#### **--kernel-memory**=_number_[_unit_]
Kernel memory limit. A _unit_ can be **b** (bytes), **k** (kilobytes), **m** (megabytes), or **g** (gigabytes).
Constrains the kernel memory available to a container. If a limit of 0
is specified (not using *--kernel-memory*), the container's kernel memory
is not limited. If you specify a limit, it may be rounded up to a multiple
of the operating system's page size and the value can be very large,
millions of trillions.
This flag is not supported on cgroups V2 systems.
#### **--label**, **-l**=*key*=*value*
Add metadata to a container.
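Review bot: the deleted line "Constrains the kernel memory available to a container" documented a resource limit, and nothing in this hunk tells readers that an invocation which still passes `--kernel-memory` now runs with no such constraint. Since the removed text already limited the flag to non-cgroups-V2 systems, the affected users are the ones who had a working limit; a short note here or in the release notes that the value is no longer applied would keep that change from going unnoticed.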