tripleo

podman 2.x halved the pid limits by default from 4096 to 2048

Bug #1915122 reported by Michele Baldessari on 2021-02-09

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	tripleo	Fix Released	High	Michele Baldessari	tripleo wallaby-3

Bug Description

With both podman 2.0.x and podman 2.2.x I observe the following behaviour:
[root@ctrl-1-0 containers]# podman run --rm -it --net=host --name 'pids' edecd409281d sh -c 'cat /sys/fs/cgroup/pids/pids.max'
2048
[root@ctrl-1-0 containers]# rpm -q podman
podman-2.2.1-3.module+el8.3.1+9392+c5f6d096.x86_64

With podman-1.6.4 the global default pid-limits was hardcoded to 4096 and we had no way to tweak it.

With podman 2.X it is possible to override this in /etc/containers/containers.conf like this:
[root@ctrl-1-0 containers]# more /etc/containers/containers.conf
[containers]
pids_limit=6666

[root@ctrl-1-0 containers]# podman run --rm -it --net=host --name 'pids' edecd409281d sh -c 'cat /sys/fs/cgroup/pids/pids.max'
6666

We should make sure that at the very least we default to 4096 and let the operator override it.

Tags:

Revision history for this message

Michele Baldessari (michele) wrote on 2021-02-09:

https://review.opendev.org/c/openstack/tripleo-heat-templates/+/774513
https://review.opendev.org/c/openstack/tripleo-ansible/+/774512

Alex Schultz (alex-schultz) on 2021-02-16

Changed in tripleo:
status:	Triaged → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.