diff options
author | Giuseppe Scrivano <gscrivan@redhat.com> | 2020-05-11 14:10:05 +0200 |
---|---|---|
committer | Giuseppe Scrivano <gscrivan@redhat.com> | 2020-05-12 11:00:54 +0200 |
commit | 45e712a2c651f9baf41e89c94433bcfbfea7173b (patch) | |
tree | 5d7ee462405df755d295e11e7cfdb67b36d884b2 /cmd/podman | |
parent | 7837bf3c071f1259bc08d8f9e52ed2b4edbda428 (diff) | |
download | podman-45e712a2c651f9baf41e89c94433bcfbfea7173b.tar.gz podman-45e712a2c651f9baf41e89c94433bcfbfea7173b.tar.bz2 podman-45e712a2c651f9baf41e89c94433bcfbfea7173b.zip |
rootless: do not set pids limits with cgroupfs
and enable events tests.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Diffstat (limited to 'cmd/podman')
-rw-r--r-- | cmd/podman/common/specgen.go | 28 | ||||
-rw-r--r-- | cmd/podman/containers/create.go | 3 |
2 files changed, 18 insertions, 13 deletions
diff --git a/cmd/podman/common/specgen.go b/cmd/podman/common/specgen.go index 664e66df8..1fabff378 100644 --- a/cmd/podman/common/specgen.go +++ b/cmd/podman/common/specgen.go @@ -8,12 +8,14 @@ import ( "strings" "time" + "github.com/containers/common/pkg/config" "github.com/containers/image/v5/manifest" "github.com/containers/libpod/cmd/podman/parse" "github.com/containers/libpod/libpod/define" ann "github.com/containers/libpod/pkg/annotations" envLib "github.com/containers/libpod/pkg/env" ns "github.com/containers/libpod/pkg/namespaces" + "github.com/containers/libpod/pkg/rootless" "github.com/containers/libpod/pkg/specgen" systemdGen "github.com/containers/libpod/pkg/systemd/generate" "github.com/containers/libpod/pkg/util" @@ -126,20 +128,23 @@ func getIOLimits(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string) ( return io, nil } -func getPidsLimits(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string) (*specs.LinuxPids, error) { +func getPidsLimits(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string) *specs.LinuxPids { pids := &specs.LinuxPids{} - hasLimits := false - if c.CGroupsMode == "disabled" && c.PIDsLimit > 0 { - return nil, nil + if c.CGroupsMode == "disabled" && c.PIDsLimit != 0 { + return nil + } + if c.PIDsLimit < 0 { + if rootless.IsRootless() && containerConfig.Engine.CgroupManager != config.SystemdCgroupsManager { + return nil + } + pids.Limit = containerConfig.PidsLimit() + return pids } if c.PIDsLimit > 0 { pids.Limit = c.PIDsLimit - hasLimits = true + return pids } - if !hasLimits { - return nil, nil - } - return pids, nil + return nil } func getMemoryLimits(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string) (*specs.LinuxMemory, error) { @@ -464,10 +469,7 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string if err != nil { return err } - s.ResourceLimits.Pids, err = getPidsLimits(s, c, args) - if err != nil { - return err - } + s.ResourceLimits.Pids = getPidsLimits(s, c, args) s.ResourceLimits.CPU, err = getCPULimits(s, c, args) if err != nil { return err diff --git a/cmd/podman/containers/create.go b/cmd/podman/containers/create.go index 2ecdda2e0..5058cdfe5 100644 --- a/cmd/podman/containers/create.go +++ b/cmd/podman/containers/create.go @@ -168,6 +168,9 @@ func createInit(c *cobra.Command) error { if c.Flag("pid").Changed { cliVals.PID = c.Flag("pid").Value.String() } + if !c.Flag("pids-limit").Changed { + cliVals.PIDsLimit = -1 + } if c.Flag("cgroupns").Changed { cliVals.CGroupsNS = c.Flag("cgroupns").Value.String() } |