mirror of https://github.com/k3s-io/k3s
bf111161b7
Automatic merge from submit-queue (batch tested with PRs 57973, 57990). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. Set pids limit at pod level **What this PR does / why we need it**: Add a new Alpha Feature to set a maximum number of pids per Pod. This is to allow the use case where cluster administrators wish to limit the pids consumed per pod (example when running a CI system). By default, we do not set any maximum limit, If an administrator wants to enable this, they should enable `SupportPodPidsLimit=true` in the `--feature-gates=` parameter to kubelet and specify the limit using the `--pod-max-pids` parameter. The limit set is the total count of all processes running in all containers in the pod. **Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*: Fixes #43783 **Special notes for your reviewer**: **Release note**: ```release-note New alpha feature to limit the number of processes running in a pod. Cluster administrators will be able to place limits by using the new kubelet command line parameter --pod-max-pids. Note that since this is a alpha feature they will need to enable the "SupportPodPidsLimit" feature. ``` |
||
|---|---|---|
| .. | ||
| cpumanager | ||
| cpuset | ||
| devicemanager | ||
| util | ||
| BUILD | ||
| OWNERS | ||
| cgroup_manager_linux.go | ||
| cgroup_manager_linux_test.go | ||
| cgroup_manager_test.go | ||
| cgroup_manager_unsupported.go | ||
| container_manager.go | ||
| container_manager_linux.go | ||
| container_manager_linux_test.go | ||
| container_manager_stub.go | ||
| container_manager_unsupported.go | ||
| container_manager_windows.go | ||
| fake_internal_container_lifecycle.go | ||
| helpers_linux.go | ||
| helpers_linux_test.go | ||
| helpers_unsupported.go | ||
| internal_container_lifecycle.go | ||
| node_container_manager.go | ||
| node_container_manager_test.go | ||
| pod_container_manager_linux.go | ||
| pod_container_manager_stub.go | ||
| pod_container_manager_unsupported.go | ||
| qos_container_manager_linux.go | ||
| types.go | ||