问题
I wasn't able to find straight answer, to this question, but here it is:
Let's say that I have a host which has max open files 1024:
[root@host]# ulimit -a
open files (-n) 1024
and a docker container running in that host with:
[root@container]# ulimit -a
open files (-n) 1048576
So will I have a problem in container if I try to open more then 1024 files? I think real limit in this case for container will be 1024 files. What do you think?
回答1:
Although its a little bit late, I just want to clear the doubts about the difference in ulimit.
If you do net set the value when running the container, the ulimit value displayed within the container comes from the host OS. The question is then why are you seeing a different value when running the same command from the host?
This is because when running the command in the host, it is showing its soft limit. On the other hand, the value that the container is showing is the hard limit of the host OS. The reason for this is you are allowed to cross the soft limit. So in a sense, hard limit is actually the real limit. You can find more about ulimit in this link.
To see the hard limit just type the following command
ulimit -Hn
You will see that the values match.
N.B. You can not cross the hard limit but you can increase it if you are the root.
回答2:
The real limit will be 1048576.
Have a look at the right part of this image, which shows that containers are basically just isolated processes, running on the same operating system:
As every system call in the container will be handled directly by the host OS, the ulimit that is displayed (1048576) comes directly from the host OS and that is the value that will be used.
The difference in the ulimits could have been caused by a Docker configuration, for example.
(Note that for VMs, this will be different: The guest OS might display a value of 1048576, but the open calls will in the end be handled by the host OS, which will impose the limit of 1024)
来源:https://stackoverflow.com/questions/46211558/ulimits-in-docker-host-vs-container