-
Story
-
Resolution: Done
-
Undefined
-
None
-
None
-
3
-
False
-
-
False
-
rhel-container-tools
-
-
-
RUN 270
[2753541970] Upstream Reporter: jgperin
Upstream issue status: Closed
Upstream description:
Issue Description
https://docs.podman.io/en/latest/_static/api.html#tag/containers/operation/ContainerCreateLibpod
r_limits
hard integer Hard is the hard limit for the specified type
soft integer Soft is the soft limit for the specified type
There is no direct reference to Ulimits.
https://github.com/containers/podman/pull/19879
In PR 19879 Podman added support for passing Ulimits as -1 to mean min / max
Steps to reproduce the issue
/podman-py containers_create https://github.com/containers/podman-py/blob/main/podman/domain/containers_create.py
for item in args.pop("ulimits", []): params["r_limits"].append( { "type": item["Name"], "hard": item["Hard"], "soft": item["Soft"], } )Code Example
client.containers.create(image=img, command=['/bin/bash'], ulimits=[{"Name": "memlock", "Soft": -1, "Hard": -1}])
Describe the results you received
podman.errors.exceptions.APIError: 500 Server Error: Internal Server Error (decode(): json: cannot unmarshal number -1 into Go struct field POSIXRlimit.r_limits.hard of type uint64)
Describe the results you expected
Expected successful creation of container with memlock min/max set to maximum values.
podman info output
[root@omitted]# podman info host: arch: amd64 buildahVersion: 1.33.11 cgroupControllers: - cpuset - cpu - cpuacct - blkio - memory - devices - freezer - net_cls - perf_event - net_prio - hugetlb - pids - rdma cgroupManager: systemd cgroupVersion: v1 conmon: package: conmon-2.1.10-1.module+el8.10.0+90449+0b7c8529.x86_64 path: /usr/bin/conmon version: 'conmon version 2.1.10, commit: 753128cb76d643886a978dba99fab8017289372d' cpuUtilization: idlePercent: 99.97 systemPercent: 0.01 userPercent: 0.02 cpus: 56 databaseBackend: sqlite distribution: distribution: ol variant: server version: "8.3" eventLogger: file freeLocks: 2047 hostname: omitted idMappings: gidmap: null uidmap: null kernel: 5.4.17-2011.7.4.el8uek.x86_64 linkmode: dynamic logDriver: k8s-file memFree: 142581444608 memTotal: 200959377408 networkBackend: cni networkBackendInfo: backend: cni dns: package: podman-plugins-4.9.4-18.0.1.module+el8.10.0+90449+0b7c8529.x86_64 path: /usr/libexec/cni/dnsname version: |- CNI dnsname plugin version: 1.4.0-dev commit: unknown CNI protocol versions supported: 0.1.0, 0.2.0, 0.3.0, 0.3.1, 0.4.0, 1.0.0 package: containernetworking-plugins-1.4.0-5.module+el8.10.0+90449+0b7c8529.x86_64 path: /usr/libexec/cni ociRuntime: name: runc package: runc-1.1.12-5.module+el8.10.0+90449+0b7c8529.x86_64 path: /usr/bin/runc version: |- runc version 1.1.12 spec: 1.0.2-dev go: go1.22.7 (Red Hat 1.22.7-1.module+el8.10.0+90426+810ab996) libseccomp: 2.5.2 os: linux pasta: executable: "" package: "" version: "" remoteSocket: exists: true path: /run/podman/podman.sock security: apparmorEnabled: false capabilities: CAP_NET_RAW,CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT rootless: false seccompEnabled: true seccompProfilePath: /usr/share/containers/seccomp.json selinuxEnabled: false serviceIsRemote: false slirp4netns: executable: /bin/slirp4netns package: slirp4netns-1.2.0-2.module+el8.8.0+21045+adcb6a64.x86_64 version: |- slirp4netns version 1.2.0 commit: 656041d45cfca7a4176f6b7eed9e4fe6c11e8383 libslirp: 4.4.0 SLIRP_CONFIG_VERSION_MAX: 3 libseccomp: 2.5.2 swapFree: 4294963200 swapTotal: 4294963200 uptime: 1341h 26m 16.00s (Approximately 55.88 days) variant: "" plugins: authorization: null log: - k8s-file - none - passthrough - journald network: - bridge - macvlan - ipvlan volume: - local registries: search: - container-registry.oracle.com - docker.io store: configFile: /etc/containers/storage.conf containerStore: number: 1 paused: 0 running: 1 stopped: 0 graphDriverName: overlay graphOptions: overlay.mountopt: nodev,metacopy=on graphRoot: /var/lib/containers/storage graphRootAllocated: 75125227520 graphRootUsed: 63892619264 graphStatus: Backing Filesystem: xfs Native Overlay Diff: "false" Supports d_type: "true" Supports shifting: "false" Supports volatile: "false" Using metacopy: "true" imageCopyTmpDir: /var/tmp imageStore: number: 33 runRoot: /run/containers/storage transientStore: false volumePath: /var/lib/containers/storage/volumes version: APIVersion: 4.9.4-rhel Built: 1732729681 BuiltTime: Wed Nov 27 17:48:01 2024 GitCommit: "" GoVersion: go1.22.7 (Red Hat 1.22.7-1.module+el8.10.0+90426+810ab996) Os: linux OsArch: linux/amd64 Version: 4.9.4-rhelPodman in a container
Yes
Privileged Or Rootless
Privileged
Upstream Latest Release
Yes
Additional environment details
Additional environment details
Additional information
Additional information like issue happens only occasionally or issue happens with a particular architecture or on a particular setting
Upstream URL: https://github.com/containers/podman/issues/24886
- links to