-
Story
-
Resolution: Done
-
Undefined
-
None
-
None
-
False
-
-
False
-
rhel-container-tools
-
-
-
8
-
RUN 263
[2672344019] Upstream Reporter: Jan Rodák
Upstream issue status: Closed
Upstream description:
Issue Description
If a container has a resource configuration set and is updated with the podman update command, the current resource configuration is replaced with a new resource configuration that does not reflect the previous configuration. Thus, if you change a single resource configuration field with podman update, the other fieald of resource configuration is set to its default values. See the reproducer example.
Steps to reproduce the issue
Steps to reproduce the issue
- podman run -dt --pids-limit 1024 --name hc1 quay.io/libpod/alpine:latest top
- podman inspect hc1 --format {{.HostConfig.PidsLimit}}
- Printed value: 1024
- podman update hc1 --memory 100Mb (You can change any other resource of your choice)
- podman inspect hc1 --format {{.HostConfig.Memory}}
- Printed value: 104857600
- podman inspect hc1 --format {{.HostConfig.PidsLimit}}
- This should print the value 1024 but the value is 0
For this reproduction, you can choose any of the podman update resource flags.
Describe the results you received
After the last podman update the memory is set to 104857600 and PidsLimit is 0.
Describe the results you expected
After the last podman update the memory is set to 104857600 and the PidsLimit is 1024.
podman info output
host: arch: arm64 buildahVersion: 1.37.5 cgroupControllers: - cpu - io - memory - pids cgroupManager: systemd cgroupVersion: v2 conmon: package: conmon-2.1.12-2.fc40.aarch64 path: /usr/bin/conmon version: 'conmon version 2.1.12, commit: ' cpuUtilization: idlePercent: 96.98 systemPercent: 0.51 userPercent: 2.51 cpus: 6 databaseBackend: sqlite distribution: distribution: fedora variant: workstation version: "40" eventLogger: journald freeLocks: 2047 hostname: fedora idMappings: gidmap: - container_id: 0 host_id: 1000 size: 1 - container_id: 1 host_id: 524288 size: 65536 uidmap: - container_id: 0 host_id: 1000 size: 1 - container_id: 1 host_id: 524288 size: 65536 kernel: 6.11.7-200.fc40.aarch64 linkmode: dynamic logDriver: journald memFree: 3495309312 memTotal: 8296726528 networkBackend: netavark networkBackendInfo: backend: netavark dns: package: aardvark-dns-1.12.2-2.fc40.aarch64 path: /usr/libexec/podman/aardvark-dns version: aardvark-dns 1.12.2 package: netavark-1.12.2-1.fc40.aarch64 path: /usr/libexec/podman/netavark version: netavark 1.12.2 ociRuntime: name: crun package: crun-1.17-1.fc40.aarch64 path: /usr/bin/crun version: |- crun version 1.17 commit: 000fa0d4eeed8938301f3bcf8206405315bc1017 rundir: /run/user/1000/crun spec: 1.0.0 +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +LIBKRUN +WASM:wasmedge +YAJL os: linux pasta: executable: /usr/bin/pasta package: passt-0^20241030.gee7d0b6-1.fc40.aarch64 version: | pasta 0^20241030.gee7d0b6-1.fc40.aarch64-pasta Copyright Red Hat GNU General Public License, version 2 or later <https://www.gnu.org/licenses/old-licenses/gpl-2.0.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. remoteSocket: exists: false path: /run/user/1000/podman/podman.sock rootlessNetworkCmd: pasta security: apparmorEnabled: false capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT rootless: true seccompEnabled: true seccompProfilePath: /usr/share/containers/seccomp.json selinuxEnabled: true serviceIsRemote: false slirp4netns: executable: "" package: "" version: "" swapFree: 8296329216 swapTotal: 8296329216 uptime: 0h 19m 42.00s variant: v8 plugins: authorization: null log: - k8s-file - none - passthrough - journald network: - bridge - macvlan - ipvlan volume: - local registries: search: - registry.fedoraproject.org - registry.access.redhat.com - docker.io store: configFile: /home/jrodak/.config/containers/storage.conf containerStore: number: 1 paused: 0 running: 1 stopped: 0 graphDriverName: overlay graphOptions: {} graphRoot: /home/jrodak/.local/share/containers/storage graphRootAllocated: 67014492160 graphRootUsed: 13588926464 graphStatus: Backing Filesystem: btrfs Native Overlay Diff: "true" Supports d_type: "true" Supports shifting: "false" Supports volatile: "true" Using metacopy: "false" imageCopyTmpDir: /var/tmp imageStore: number: 3 runRoot: /run/user/1000/containers transientStore: false volumePath: /home/jrodak/.local/share/containers/storage/volumes version: APIVersion: 5.2.5 Built: 1729814400 BuiltTime: Fri Oct 25 02:00:00 2024 GitCommit: "" GoVersion: go1.22.7 Os: linux OsArch: linux/arm64 Version: 5.2.5Podman in a container
No
Privileged Or Rootless
None
Upstream Latest Release
Yes
Additional environment details
Additional environment details
Additional information
It was found here.
Upstream URL: https://github.com/containers/podman/issues/24610
- links to