docker icon indicating copy to clipboard operation
docker copied to clipboard

Published 20 hours ago verified publisher icon projectatomic

Increase default max pid limit

Open haircommander opened this issue 5 years ago • 5 comments

Users were surprised by the suddenly low pid limit on their pods. Change the default to something higher, such as the theoretical maximum number of pids on a 32 bit system.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1696752

Signed-off-by: Peter Hunt [email protected]

haircommander avatar Apr 05 '19 15:04 haircommander

This will allow a couple of pods to cause DOS to other containers on the system. The reason the number was low was to allow lots of containers to run without one container using up all of the pids.

rhatdan avatar Apr 05 '19 15:04 rhatdan

@rhatdan @mrunalp what is a good default then? 8196?

haircommander avatar Apr 18 '19 13:04 haircommander

@haircommander Hard to say.

rhatdan avatar Apr 18 '19 13:04 rhatdan

As a user not thinking about this feature, I'd expect my pods to have as many pids as possible. I.E. we should allow them to DOS their system. If they then decide that isn't good, they should change from the default.

haircommander avatar Apr 18 '19 13:04 haircommander

@haircommander This feature was demanded by our customers, they wanted to make sure that we picked good defaults.

rhatdan avatar Apr 18 '19 13:04 rhatdan