From f393d32e9612b5ce140671ba3767e67d45b0d7fe Mon Sep 17 00:00:00 2001 From: Jordan Christiansen Date: Sat, 24 Oct 2020 22:35:29 -0500 Subject: Document how to enable CPU limit delegation Signed-off-by: Jordan Christiansen --- docs/source/markdown/podman-build.1.md | 12 ++++++++++-- docs/source/markdown/podman-create.1.md | 12 ++++++++++++ docs/source/markdown/podman-run.1.md | 12 ++++++++++++ 3 files changed, 34 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/source/markdown/podman-build.1.md b/docs/source/markdown/podman-build.1.md index 821324f84..83fc5f4ff 100644 --- a/docs/source/markdown/podman-build.1.md +++ b/docs/source/markdown/podman-build.1.md @@ -115,6 +115,10 @@ Limit the CPU CFS (Completely Fair Scheduler) period Limit the container's CPU usage. This flag tell the kernel to restrict the container's CPU usage to the period you specify. +On some systems, changing the CPU limits may not be allowed for non-root +users. For more details, see +https://github.com/containers/podman/blob/master/troubleshooting.md#26-running-containers-with-cpu-limits-fails-with-a-permissions-error + **--cpu-quota**=*limit* Limit the CPU CFS (Completely Fair Scheduler) quota @@ -123,6 +127,10 @@ Limit the container's CPU usage. By default, containers run with the full CPU resource. This flag tell the kernel to restrict the container's CPU usage to the quota you specify. +On some systems, changing the CPU limits may not be allowed for non-root +users. For more details, see +https://github.com/containers/podman/blob/master/troubleshooting.md#26-running-containers-with-cpu-limits-fails-with-a-permissions-error + **--cpu-shares**, **-c**=*shares* CPU shares (relative weight) @@ -787,9 +795,9 @@ registries.conf is the configuration file which specifies which container regist ## Troubleshooting -If you are using a useradd command within a Containerfile with a large UID/GID, it will create a large sparse file `/var/log/lastlog`. This can cause the build to hang forever. Go language does not support sparse files correctly, which can lead to some huge files being created in your container image. +### lastlog sparse file -### Solution +If you are using a useradd command within a Containerfile with a large UID/GID, it will create a large sparse file `/var/log/lastlog`. This can cause the build to hang forever. Go language does not support sparse files correctly, which can lead to some huge files being created in your container image. If you are using `useradd` within your build script, you should pass the `--no-log-init or -l` option to the `useradd` command. This option tells useradd to stop creating the lastlog file. diff --git a/docs/source/markdown/podman-create.1.md b/docs/source/markdown/podman-create.1.md index 1f229a3a0..a5622e0df 100644 --- a/docs/source/markdown/podman-create.1.md +++ b/docs/source/markdown/podman-create.1.md @@ -107,6 +107,10 @@ Limit the CPU CFS (Completely Fair Scheduler) period Limit the container's CPU usage. This flag tell the kernel to restrict the container's CPU usage to the period you specify. +On some systems, changing the CPU limits may not be allowed for non-root +users. For more details, see +https://github.com/containers/podman/blob/master/troubleshooting.md#26-running-containers-with-cpu-limits-fails-with-a-permissions-error + **--cpu-quota**=*limit* Limit the CPU CFS (Completely Fair Scheduler) quota @@ -115,6 +119,10 @@ Limit the container's CPU usage. By default, containers run with the full CPU resource. This flag tell the kernel to restrict the container's CPU usage to the quota you specify. +On some systems, changing the CPU limits may not be allowed for non-root +users. For more details, see +https://github.com/containers/podman/blob/master/troubleshooting.md#26-running-containers-with-cpu-limits-fails-with-a-permissions-error + **--cpu-rt-period**=*microseconds* Limit the CPU real-time period in microseconds @@ -171,6 +179,10 @@ PID container CPU CPU share Number of CPUs. The default is *0.0* which means no limit. +On some systems, changing the CPU limits may not be allowed for non-root +users. For more details, see +https://github.com/containers/podman/blob/master/troubleshooting.md#26-running-containers-with-cpu-limits-fails-with-a-permissions-error + **--cpuset-cpus**=*cpus* CPUs in which to allow execution (0-3, 0,1) diff --git a/docs/source/markdown/podman-run.1.md b/docs/source/markdown/podman-run.1.md index b86c9b363..f46c0009e 100644 --- a/docs/source/markdown/podman-run.1.md +++ b/docs/source/markdown/podman-run.1.md @@ -120,6 +120,10 @@ Write the pid of the **conmon** process to a file. As **conmon** runs in a separ Limit the container's CPU usage by setting CPU CFS (Completely Fair Scheduler) period. +On some systems, changing the CPU limits may not be allowed for non-root +users. For more details, see +https://github.com/containers/podman/blob/master/troubleshooting.md#26-running-containers-with-cpu-limits-fails-with-a-permissions-error + **--cpu-quota**=*limit* Limit the CPU CFS (Completely Fair Scheduler) quota. @@ -128,6 +132,10 @@ Limit the container's CPU usage. By default, containers run with the full CPU resource. This flag tell the kernel to restrict the container's CPU usage to the quota you specify. +On some systems, changing the CPU limits may not be allowed for non-root +users. For more details, see +https://github.com/containers/podman/blob/master/troubleshooting.md#26-running-containers-with-cpu-limits-fails-with-a-permissions-error + **--cpu-rt-period**=*microseconds* Limit the CPU real-time period in microseconds. @@ -182,6 +190,10 @@ division of CPU shares: Number of CPUs. The default is *0.0* which means no limit. +On some systems, changing the CPU limits may not be allowed for non-root +users. For more details, see +https://github.com/containers/podman/blob/master/troubleshooting.md#26-running-containers-with-cpu-limits-fails-with-a-permissions-error + **--cpuset-cpus**=*number* CPUs in which to allow execution. Can be specified as a comma-separated list -- cgit v1.2.3-54-g00ecf