1 files changed, 22 insertions, 6 deletions

diff --git a/cmd/kpod/spec.go b/cmd/kpod/spec.go
index d31f9c8ed..5033e9d09 100644
--- a/cmd/kpod/spec.go
+++ b/cmd/kpod/spec.go
@@ -7,6 +7,7 @@ import (
 
 	"github.com/docker/docker/daemon/caps"
 	"github.com/docker/docker/pkg/mount"
+	"github.com/docker/go-units"
 	spec "github.com/opencontainers/runtime-spec/specs-go"
 	"github.com/opencontainers/runtime-tools/generate"
 	"github.com/pkg/errors"
@@ -16,6 +17,22 @@ import (
 	"golang.org/x/sys/unix"
 )
 
+func addRlimits(config *createConfig, g *generate.Generator) error {
+	var (
+		ul  *units.Ulimit
+		err error
+	)
+
+	for _, u := range config.resources.ulimit {
+		if ul, err = units.ParseUlimit(u); err != nil {
+			return errors.Wrapf(err, "ulimit option %q requires name=SOFT:HARD, failed to be parsed", u)
+		}
+
+		g.AddProcessRlimits("RLIMIT_"+strings.ToUpper(ul.Name), uint64(ul.Soft), uint64(ul.Hard))
+	}
+	return nil
+}
+
 func setupCapabilities(config *createConfig, configSpec *spec.Spec) error {
 	var err error
 	var caplist []string
@@ -131,6 +148,10 @@ func createConfigToOCISpec(config *createConfig) (*spec.Spec, error) {
 		g.AddProcessEnv(name, val)
 	}
 
+	if err := addRlimits(config, &g); err != nil {
+		return nil, err
+	}
+
 	configSpec := g.Spec()
 
 	if config.seccompProfilePath != "" && config.seccompProfilePath != "unconfined" {
@@ -154,12 +175,7 @@ func createConfigToOCISpec(config *createConfig) (*spec.Spec, error) {
 	}
 
 	/*
-				// Rlimits []PosixRlimit // Where does this come from
-				// Type string
-				// Hard uint64
-				// Limit uint64
-				OOMScoreAdj: &config.resources.oomScoreAdj,
-			},
+			OOMScoreAdj: &config.resources.oomScoreAdj,
 			Hooks: &configSpec.Hooks{},
 			//Annotations
 				Resources: &configSpec.LinuxResources{