Clarify that nproc is not for per container

Fix ulimit nproc spec in daemon Signed-off-by: Harry Zhang <harryzhang@zju.edu.cn>
2015-06-28 22:40:53 +08:00
parent 7277df6cee
commit db7a29716e
2 changed files with 20 additions and 0 deletions
--- a/docs/reference/commandline/run.md
+++ b/docs/reference/commandline/run.md
@ -480,3 +480,19 @@ available in the default container, you can set these using the `--ulimit` flag.

 The values are sent to the appropriate `syscall` as they are set.
 Docker doesn't perform any byte conversion. Take this into account when setting the values.
+
+#### For `nproc` usage:
+
+Be careful setting `nproc` with the `ulimit` flag as `nproc` is designed by Linux to set the
+maximum number of processes available to a user, not to a container.  For example, start four
+containers with `daemon` user:
+
+
+    docker run -d -u daemon --ulimit nproc=3 busybox top
+    docker run -d -u daemon --ulimit nproc=3 busybox top
+    docker run -d -u daemon --ulimit nproc=3 busybox top
+    docker run -d -u daemon --ulimit nproc=3 busybox top
+
+The 4th container fails and reports "[8] System error: resource temporarily unavailable" error. 
+This fails because the caller set `nproc=3` resulting in the first three containers using up 
+the three processes quota set for the `daemon` user.