Support for pids_limit parameter in docker_container module (#49319)
* Support for pids_limit parameter in docker_container module This add pids_limit parameter support in docker_container module Fixes #43337 Signed-off-by: Akshay <akshay@localhost.localdomain> * Add changelog for pids_limit parameter Signed-off-by: Akshay Gaikwad <akgaikwad001@gmail.com> * Remove unnecessary lines of code The map is needed if the names are different. Signed-off-by: Akshay Gaikwad <akgaikwad001@gmail.com> * Update pids_limit option tests It also run for docker-py < 1.10.0 Signed-off-by: Akshay Gaikwad <akgaikwad001@gmail.com>
This commit is contained in:
parent
9fd5d01d67
commit
597e449afe
3 changed files with 67 additions and 4 deletions
|
@ -0,0 +1,2 @@
|
|||
minor_changes:
|
||||
- "docker_container - Added support for ``pids_limit`` parameter in docker_container."
|
|
@ -408,6 +408,12 @@ options:
|
|||
description:
|
||||
- Set the PID namespace mode for the container.
|
||||
- Note that docker-py < 2.0 only supports 'host'. Newer versions allow all values supported by the docker daemon.
|
||||
pids_limit:
|
||||
description:
|
||||
- Set PIDs limit for the container. It accepts an integer value.
|
||||
- Set -1 for unlimited PIDs.
|
||||
type: int
|
||||
version_added: "2.8"
|
||||
privileged:
|
||||
description:
|
||||
- Give extended privileges to the container.
|
||||
|
@ -1012,6 +1018,7 @@ class TaskParameters(DockerBaseClass):
|
|||
self.oom_score_adj = None
|
||||
self.paused = None
|
||||
self.pid_mode = None
|
||||
self.pids_limit = None
|
||||
self.privileged = None
|
||||
self.purge_networks = None
|
||||
self.pull = None
|
||||
|
@ -1276,6 +1283,7 @@ class TaskParameters(DockerBaseClass):
|
|||
device_write_bps='device_write_bps',
|
||||
device_read_iops='device_read_iops',
|
||||
device_write_iops='device_write_iops',
|
||||
pids_limit='pids_limit',
|
||||
)
|
||||
|
||||
if self.client.docker_py_version >= LooseVersion('1.9') and self.client.docker_api_version >= LooseVersion('1.22'):
|
||||
|
@ -1686,10 +1694,6 @@ class Container(DockerBaseClass):
|
|||
self.parameters_map['expected_cmd'] = 'command'
|
||||
self.parameters_map['expected_devices'] = 'devices'
|
||||
self.parameters_map['expected_healthcheck'] = 'healthcheck'
|
||||
self.parameters_map['device_read_bps'] = 'device_read_bps'
|
||||
self.parameters_map['device_write_bps'] = 'device_write_bps'
|
||||
self.parameters_map['device_read_iops'] = 'device_read_iops'
|
||||
self.parameters_map['device_write_iops'] = 'device_write_iops'
|
||||
|
||||
def fail(self, msg):
|
||||
self.parameters.client.module.fail_json(msg=msg)
|
||||
|
@ -1814,6 +1818,7 @@ class Container(DockerBaseClass):
|
|||
device_write_bps=host_config.get('BlkioDeviceWriteBps'),
|
||||
device_read_iops=host_config.get('BlkioDeviceReadIOps'),
|
||||
device_write_iops=host_config.get('BlkioDeviceWriteIOps'),
|
||||
pids_limit=host_config.get('PidsLimit'),
|
||||
)
|
||||
# Options which don't make sense without their accompanying option
|
||||
if self.parameters.restart_policy:
|
||||
|
@ -2782,6 +2787,7 @@ class AnsibleDockerClientContainer(AnsibleDockerClient):
|
|||
sysctls=dict(docker_py_version='1.10.0', docker_api_version='1.24'),
|
||||
userns_mode=dict(docker_py_version='1.10.0', docker_api_version='1.23'),
|
||||
uts=dict(docker_py_version='3.5.0', docker_api_version='1.25'),
|
||||
pids_limit=dict(docker_py_version='1.10.0', docker_api_version='1.23'),
|
||||
# specials
|
||||
ipvX_address_supported=dict(docker_py_version='1.9.0', detect_usage=detect_ipvX_address_usage,
|
||||
usage_msg='ipv4_address or ipv6_address in networks'),
|
||||
|
@ -2937,6 +2943,7 @@ def main():
|
|||
output_logs=dict(type='bool', default=False),
|
||||
paused=dict(type='bool', default=False),
|
||||
pid_mode=dict(type='str'),
|
||||
pids_limit=dict(type='int'),
|
||||
privileged=dict(type='bool', default=False),
|
||||
published_ports=dict(type='list', aliases=['ports'], elements='str'),
|
||||
pull=dict(type='bool', default=False),
|
||||
|
|
|
@ -2773,6 +2773,60 @@
|
|||
- pid_mode_3 is changed
|
||||
when: docker_py_version is version('2.0.0', '<')
|
||||
|
||||
####################################################################
|
||||
## pids_limit ######################################################
|
||||
####################################################################
|
||||
|
||||
- name: pids_limit
|
||||
docker_container:
|
||||
image: alpine:3.8
|
||||
command: '/bin/sh -c "sleep 10m"'
|
||||
name: "{{ cname }}"
|
||||
state: started
|
||||
pids_limit: 10
|
||||
register: pids_limit_1
|
||||
ignore_errors: yes
|
||||
|
||||
- name: pids_limit (idempotency)
|
||||
docker_container:
|
||||
image: alpine:3.8
|
||||
command: '/bin/sh -c "sleep 10m"'
|
||||
name: "{{ cname }}"
|
||||
state: started
|
||||
pids_limit: 10
|
||||
register: pids_limit_2
|
||||
ignore_errors: yes
|
||||
|
||||
- name: pids_limit (changed)
|
||||
docker_container:
|
||||
image: alpine:3.8
|
||||
command: '/bin/sh -c "sleep 10m"'
|
||||
name: "{{ cname }}"
|
||||
state: started
|
||||
pids_limit: 20
|
||||
force_kill: yes
|
||||
register: pids_limit_3
|
||||
ignore_errors: yes
|
||||
|
||||
- name: cleanup
|
||||
docker_container:
|
||||
name: "{{ cname }}"
|
||||
state: absent
|
||||
force_kill: yes
|
||||
diff: no
|
||||
|
||||
- assert:
|
||||
that:
|
||||
- pids_limit_1 is changed
|
||||
- pids_limit_2 is not changed
|
||||
- pids_limit_3 is changed
|
||||
when: docker_py_version is version('1.10.0', '>=')
|
||||
- assert:
|
||||
that:
|
||||
- pids_limit_1 is failed
|
||||
- "('version is ' ~ docker_py_version ~'. Minimum version required is 1.10.0') in pids_limit_1.msg"
|
||||
when: docker_py_version is version('1.10.0', '<')
|
||||
|
||||
####################################################################
|
||||
## privileged ######################################################
|
||||
####################################################################
|
||||
|
|
Loading…
Reference in a new issue