Browse Source

Add ContainerDefaultPidsLimit to set default pid limits in containers.conf

Starting With podman 2.X the default pids-limits has been halved from
4096 to 2048 (see the dep-on change Id5d5fb9d20c0295763c78171190b9eda13508617 for
more details).

Let's add a parameter to override this value so an operator can raise
this limit globally.

Depends-On: Id5d5fb9d20c0295763c78171190b9eda13508617
Change-Id: I38a72609e6495b979861105f321b5730669a6a2b
(cherry picked from commit 781beb7571)
(cherry picked from commit 3ac51218f7)
(cherry picked from commit c77472ec3b)
changes/67/775767/1
Michele Baldessari 6 months ago
parent
commit
1a17443160
  1. 7
      deployment/podman/podman-baremetal-ansible.yaml

7
deployment/podman/podman-baremetal-ansible.yaml

@ -53,6 +53,11 @@ parameters:
username: pa55word
'192.0.2.1:8787':
registry_username: password
ContainerDefaultPidsLimit:
type: number
default: 4096
description: Setting to configure the default pids_limit in /etc/container/container.conf.
This is supported starting with podman 2.0.x
SystemdDropInDependencies:
default: true
description: tell the container manager (e.g. paunch) to inject
@ -85,6 +90,7 @@ outputs:
# default that is overwritten by the heat -> dict conversion
container_registry_logins: {}
container_registry_logins_json: {get_param: ContainerImageRegistryCredentials}
container_default_pids_limit: {get_param: ContainerDefaultPidsLimit}
- name: Convert logins json to dict
set_fact:
@ -108,6 +114,7 @@ outputs:
tasks_from: tripleo_podman_install.yml
vars:
tripleo_container_registry_insecure_registries: "{{ container_registry_insecure_registries }}"
tripleo_container_default_pids_limit: "{{ container_default_pids_limit }}"
- name: Run podman login
include_role:

Loading…
Cancel
Save