docker --version
Docker version 1.13.1, build 092cba3
- start a docker container (ubuntu)
docker run -it ubuntu bash
root@1834dea29581:/# apt-get update
root@1834dea29581:/# apt-get install vim -y
root@1834dea29581:/# adduser --home /home/foo foo
root@1834dea29581:/# su - foo
foo@1834dea29581:~$ touch test.sh
foo@1834dea29581:~$ chmod 755 test.sh
foo@1834dea29581:~$ vim test.sh
#!/bin/bash
count=0
while true
do
echo $count
sleep 100 &
count=$[$count+1]
done
- find the number of processes your user is running right now on your host (not in the container)
ps -eLf | grep ${LOGNAME}|wc -l
1245
- In the container, set a limit for the user (as root) and give a little bit overhead :
root@1834dea29581:/# echo "* soft nproc 1089" > /etc/security/limits.d/90-nprocs.conf
root@1834dea29581:/# su - foo
foo@1834dea29581:~$ ./test.sh
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
./test.sh: fork: retry: Resource temporarily unavailable
30
./test.sh: fork: retry: Resource temporarily unavailable
^C^C./test.sh: fork: retry: Resource temporarily unavailable
^C^C./test.sh: fork: retry: Resource temporarily unavailable