diff options
Diffstat (limited to 'cmd/podman/common')
-rw-r--r-- | cmd/podman/common/create.go | 3 | ||||
-rw-r--r-- | cmd/podman/common/create_opts.go | 2 | ||||
-rw-r--r-- | cmd/podman/common/specgen.go | 29 |
3 files changed, 9 insertions, 25 deletions
diff --git a/cmd/podman/common/create.go b/cmd/podman/common/create.go index f6fbe8e10..a26bbf718 100644 --- a/cmd/podman/common/create.go +++ b/cmd/podman/common/create.go @@ -330,8 +330,7 @@ func GetCreateFlags(cf *ContainerCLIOpts) *pflag.FlagSet { "pid", "", "PID namespace to use", ) - createFlags.Int64Var( - &cf.PIDsLimit, + createFlags.Int64( "pids-limit", containerConfig.PidsLimit(), "Tune container pids limit (set 0 for unlimited, -1 for server defaults)", ) diff --git a/cmd/podman/common/create_opts.go b/cmd/podman/common/create_opts.go index eafe7f090..a544846aa 100644 --- a/cmd/podman/common/create_opts.go +++ b/cmd/podman/common/create_opts.go @@ -66,7 +66,7 @@ type ContainerCLIOpts struct { OverrideArch string OverrideOS string PID string - PIDsLimit int64 + PIDsLimit *int64 Pod string PodIDFile string PreserveFDs uint diff --git a/cmd/podman/common/specgen.go b/cmd/podman/common/specgen.go index eca0da32b..8d051ead7 100644 --- a/cmd/podman/common/specgen.go +++ b/cmd/podman/common/specgen.go @@ -7,14 +7,12 @@ import ( "strings" "time" - "github.com/containers/common/pkg/config" "github.com/containers/image/v5/manifest" "github.com/containers/libpod/v2/cmd/podman/parse" "github.com/containers/libpod/v2/libpod/define" ann "github.com/containers/libpod/v2/pkg/annotations" envLib "github.com/containers/libpod/v2/pkg/env" ns "github.com/containers/libpod/v2/pkg/namespaces" - "github.com/containers/libpod/v2/pkg/rootless" "github.com/containers/libpod/v2/pkg/specgen" systemdGen "github.com/containers/libpod/v2/pkg/systemd/generate" "github.com/containers/libpod/v2/pkg/util" @@ -127,25 +125,6 @@ func getIOLimits(s *specgen.SpecGenerator, c *ContainerCLIOpts) (*specs.LinuxBlo return io, nil } -func getPidsLimits(c *ContainerCLIOpts) *specs.LinuxPids { - pids := &specs.LinuxPids{} - if c.CGroupsMode == "disabled" && c.PIDsLimit != 0 { - return nil - } - if c.PIDsLimit < 0 { - if rootless.IsRootless() && containerConfig.Engine.CgroupManager != config.SystemdCgroupsManager { - return nil - } - pids.Limit = containerConfig.PidsLimit() - return pids - } - if c.PIDsLimit > 0 { - pids.Limit = c.PIDsLimit - return pids - } - return nil -} - func getMemoryLimits(s *specgen.SpecGenerator, c *ContainerCLIOpts) (*specs.LinuxMemory, error) { var err error memory := &specs.LinuxMemory{} @@ -457,7 +436,13 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string if err != nil { return err } - s.ResourceLimits.Pids = getPidsLimits(c) + if c.PIDsLimit != nil { + pids := specs.LinuxPids{ + Limit: *c.PIDsLimit, + } + + s.ResourceLimits.Pids = &pids + } s.ResourceLimits.CPU = getCPULimits(c) if s.ResourceLimits.CPU == nil && s.ResourceLimits.Pids == nil && s.ResourceLimits.BlockIO == nil && s.ResourceLimits.Memory == nil { s.ResourceLimits = nil |