mirror of
https://github.com/containers/podman.git
synced 2025-11-30 18:18:18 +08:00
5ebba75dbd
the previous implementation was expecting the rlimits to be set for the entire process and clamping the values only when running as rootless. Change the implementation to always specify the expected values in the OCI spec file and do the clamping only when running as rootless and using the default values. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
29 lines
1.1 KiB
Markdown
29 lines
1.1 KiB
Markdown
####> This option file is used in:
|
|
####> podman create, run
|
|
####> If file is edited, make sure the changes
|
|
####> are applicable to all of those.
|
|
#### **--ulimit**=*option*
|
|
|
|
Ulimit options. Sets the ulimits values inside of the container.
|
|
|
|
--ulimit with a soft and hard limit in the format <type>=<soft limit>[:<hard limit>]. For example:
|
|
|
|
$ podman run --ulimit nofile=1024:1024 --rm ubi9 ulimit -n
|
|
1024
|
|
|
|
Set -1 for the soft or hard limit to set the limit to the maximum limit of the current
|
|
process. In rootful mode this is often unlimited.
|
|
|
|
|
|
If nofile and nproc are unset, a default value of 1048576 will be used, unless overridden
|
|
in containers.conf(5). However, if the default value exceeds the hard limit for the current
|
|
rootless user, the current hard limit will be applied instead.
|
|
|
|
Use **host** to copy the current configuration from the host.
|
|
|
|
Don't use nproc with the ulimit flag as Linux uses nproc to set the
|
|
maximum number of processes available to a user, not to a container.
|
|
|
|
Use the --pids-limit option to modify the cgroup control to limit the number
|
|
of processes within a container.
|