aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel J Walsh <dwalsh@redhat.com>2017-11-20 12:50:55 -0500
committerAtomic Bot <atomic-devel@projectatomic.io>2017-11-20 20:12:43 +0000
commit5d52f74d2136786c2874898ad373808e25609545 (patch)
tree9e746f03bf559e07d73af7b2c184a48fcd1e037e
parent6e0944f2f128534caaf884251d1e42fa4f1ba235 (diff)
downloadpodman-5d52f74d2136786c2874898ad373808e25609545.tar.gz
podman-5d52f74d2136786c2874898ad373808e25609545.tar.bz2
podman-5d52f74d2136786c2874898ad373808e25609545.zip
Add support for Ulimits/Rlimits to kpod create/run
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #24 Approved by: mheon
-rw-r--r--cmd/kpod/spec.go28
-rw-r--r--test/kpod_run.bats17
2 files changed, 39 insertions, 6 deletions
diff --git a/cmd/kpod/spec.go b/cmd/kpod/spec.go
index d31f9c8ed..5033e9d09 100644
--- a/cmd/kpod/spec.go
+++ b/cmd/kpod/spec.go
@@ -7,6 +7,7 @@ import (
"github.com/docker/docker/daemon/caps"
"github.com/docker/docker/pkg/mount"
+ "github.com/docker/go-units"
spec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/opencontainers/runtime-tools/generate"
"github.com/pkg/errors"
@@ -16,6 +17,22 @@ import (
"golang.org/x/sys/unix"
)
+func addRlimits(config *createConfig, g *generate.Generator) error {
+ var (
+ ul *units.Ulimit
+ err error
+ )
+
+ for _, u := range config.resources.ulimit {
+ if ul, err = units.ParseUlimit(u); err != nil {
+ return errors.Wrapf(err, "ulimit option %q requires name=SOFT:HARD, failed to be parsed", u)
+ }
+
+ g.AddProcessRlimits("RLIMIT_"+strings.ToUpper(ul.Name), uint64(ul.Soft), uint64(ul.Hard))
+ }
+ return nil
+}
+
func setupCapabilities(config *createConfig, configSpec *spec.Spec) error {
var err error
var caplist []string
@@ -131,6 +148,10 @@ func createConfigToOCISpec(config *createConfig) (*spec.Spec, error) {
g.AddProcessEnv(name, val)
}
+ if err := addRlimits(config, &g); err != nil {
+ return nil, err
+ }
+
configSpec := g.Spec()
if config.seccompProfilePath != "" && config.seccompProfilePath != "unconfined" {
@@ -154,12 +175,7 @@ func createConfigToOCISpec(config *createConfig) (*spec.Spec, error) {
}
/*
- // Rlimits []PosixRlimit // Where does this come from
- // Type string
- // Hard uint64
- // Limit uint64
- OOMScoreAdj: &config.resources.oomScoreAdj,
- },
+ OOMScoreAdj: &config.resources.oomScoreAdj,
Hooks: &configSpec.Hooks{},
//Annotations
Resources: &configSpec.LinuxResources{
diff --git a/test/kpod_run.bats b/test/kpod_run.bats
index bcc1d816d..203fcc0cc 100644
--- a/test/kpod_run.bats
+++ b/test/kpod_run.bats
@@ -90,3 +90,20 @@ function setup() {
# echo "$output"
# [ "$status" -eq 0 ]
}
+
+IMAGE="docker.io/library/fedora:latest"
+
+@test "run limits test" {
+
+ ${KPOD_BINARY} ${KPOD_OPTIONS} pull ${IMAGE}
+
+ run ${KPOD_BINARY} ${KPOD_OPTIONS} run --ulimit rtprio=99 --cap-add=sys_nice ${IMAGE} cat /proc/self/sched
+ echo $output
+ [ "$status" -eq 0 ]
+
+ run bash -c "export FOO=BAR; ${KPOD_BINARY} ${KPOD_OPTIONS} run --ulimit nofile=2048:2048 ${IMAGE} ulimit -n | tr -d '\r'"
+ echo $output
+ [ "$status" -eq 0 ]
+ [ "$output" = 2048 ]
+
+}