Skip to content

Commit

Permalink
Fixed podman update --pids-limit
Browse files Browse the repository at this point in the history 
Added the functionality for a user to update the PIDs limit for a
container.

Fixes: #16543

Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
  • Loading branch information
@jakecorrenti
jakecorrenti committed Dec 31, 2022
1 parent aeb36e5 commit 479052a
Show file tree
Hide file tree
Showing 5 changed files with 29 additions and 11 deletions.
15 changes: 8 additions & 7 deletions cmd/podman/common/create.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -329,13 +329,6 @@ func DefineCreateFlags(cmd *cobra.Command, cf *entities.ContainerCreateOptions,
)
_ = cmd.RegisterFlagCompletionFunc(variantFlagName, completion.AutocompleteNone)

pidsLimitFlagName := "pids-limit"
createFlags.Int64(
pidsLimitFlagName, pidsLimit(),
"Tune container pids limit (set -1 for unlimited)",
)
_ = cmd.RegisterFlagCompletionFunc(pidsLimitFlagName, completion.AutocompleteNone)

platformFlagName := "platform"
createFlags.StringVar(
&cf.Platform,
Expand Down Expand Up @@ -898,6 +891,14 @@ func DefineCreateFlags(cmd *cobra.Command, cf *entities.ContainerCreateOptions,
"Limit write rate (IO per second) to a device (e.g. --device-write-iops=/dev/sda:1000)",
)
_ = cmd.RegisterFlagCompletionFunc(deviceWriteIopsFlagName, completion.AutocompleteDefault)

pidsLimitFlagName := "pids-limit"
createFlags.Int64Var(
cf.PIDsLimit,
pidsLimitFlagName, pidsLimit(),
"Tune container pids limit (set -1 for unlimited)",
)
_ = cmd.RegisterFlagCompletionFunc(pidsLimitFlagName, completion.AutocompleteNone)
}
// anyone can use these
cpusFlagName := "cpus"
Expand Down
1 change: 1 addition & 0 deletions cmd/podman/common/create_opts.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,4 +92,5 @@ func DefineCreateDefaults(opts *entities.ContainerCreateOptions) {
opts.Ulimit = ulimits()
opts.SeccompPolicy = "default"
opts.Volume = volumes()
opts.PIDsLimit = &podmanConfig.ContainersConf.Containers.PidsLimit
}
2 changes: 1 addition & 1 deletion docs/source/markdown/options/pids-limit.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
####> This option file is used in:
####> podman create, run
####> podman create, run, update
####> If file is edited, make sure the changes
####> are applicable to all of those.
#### **--pids-limit**=*limit*
Expand Down
6 changes: 4 additions & 2 deletions docs/source/markdown/podman-update.1.md.in
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,8 @@ This command takes one argument, a container name or ID, alongside the resource

@@option memory-swappiness

@@option pids-limit


## EXAMPLEs

Expand All @@ -63,12 +65,12 @@ podman update --cpus=5 myCtr

update a container with all available options for cgroups v2
```
podman update --cpus 5 --cpuset-cpus 0 --cpu-shares 123 --cpuset-mems 0 --memory 1G --memory-swap 2G --memory-reservation 2G --blkio-weight-device /dev/zero:123 --blkio-weight 123 --device-read-bps /dev/zero:10mb --device-write-bps /dev/zero:10mb --device-read-iops /dev/zero:1000 --device-write-iops /dev/zero:1000 ctrID
podman update --cpus 5 --cpuset-cpus 0 --cpu-shares 123 --cpuset-mems 0 --memory 1G --memory-swap 2G --memory-reservation 2G --blkio-weight-device /dev/zero:123 --blkio-weight 123 --device-read-bps /dev/zero:10mb --device-write-bps /dev/zero:10mb --device-read-iops /dev/zero:1000 --device-write-iops /dev/zero:1000 --pids-limit 123 ctrID
```

update a container with all available options for cgroups v1
```
podman update --cpus 5 --cpuset-cpus 0 --cpu-shares 123 --cpuset-mems 0 --memory 1G --memory-swap 2G --memory-reservation 2G --memory-swappiness 50 ctrID
podman update --cpus 5 --cpuset-cpus 0 --cpu-shares 123 --cpuset-mems 0 --memory 1G --memory-swap 2G --memory-reservation 2G --memory-swappiness 50 --pids-limit 123 ctrID
```

## SEE ALSO
Expand Down
16 changes: 15 additions & 1 deletion test/e2e/update_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,8 @@ var _ = Describe("Podman update", func() {
"--memory", "1G",
"--memory-swap", "2G",
"--memory-reservation", "2G",
"--memory-swappiness", "50", ctrID}
"--memory-swappiness", "50",
"--pids-limit", "123", ctrID}

session = podmanTest.Podman(commonArgs)
session.WaitWithDefaultTimeout()
Expand Down Expand Up @@ -89,6 +90,12 @@ var _ = Describe("Podman update", func() {
Expect(session).Should(Exit(0))
Expect(session.OutputToString()).Should(ContainSubstring("123"))

// checking pids-limit
session = podmanTest.Podman([]string{"exec", "-it", ctrID, "cat", "/sys/fs/cgroup/pids/pids.max"})
session.WaitWithDefaultTimeout()
Expect(session).Should(Exit(0))
Expect(session.OutputToString()).Should(ContainSubstring("123"))

})

It("podman update container all options v2", func() {
Expand All @@ -114,6 +121,7 @@ var _ = Describe("Podman update", func() {
"--device-write-bps", "/dev/zero:10mb",
"--device-read-iops", "/dev/zero:1000",
"--device-write-iops", "/dev/zero:1000",
"--pids-limit", "123",
ctrID}

session = podmanTest.Podman(commonArgs)
Expand Down Expand Up @@ -169,6 +177,12 @@ var _ = Describe("Podman update", func() {
session.WaitWithDefaultTimeout()
Expect(session).Should(Exit(0))
Expect(session.OutputToString()).Should(ContainSubstring("5"))

// checking pids-limit
session = podmanTest.Podman([]string{"exec", "-it", ctrID, "cat", "/sys/fs/cgroup/pids.max"})
session.WaitWithDefaultTimeout()
Expect(session).Should(Exit(0))
Expect(session.OutputToString()).Should(ContainSubstring("123"))
})

It("podman update keep original resources if not overridden", func() {
Expand Down

0 comments on commit 479052a

Please sign in to comment.