Docker image deploy ulimit and baseos

vndroid · November 24, 2023, 6:11am

According to the document Prerequisites and overview ,

If the user running SonarQube (sonarqube in this example) does not have permission to have at least 131072 open descriptors, you must insert this line in /etc/security/limits.d/99-sonarqube.conf (or /etc/security/limits.conf as you wish):

sonarqube   -   nofile   131072
sonarqube   -   nproc    8192

if I deploy it with a Docker container, the sonarqube running user in container is sonarqube , but in the host system, it is my general user kane ,

$ ps -ef | grep sonarq
kane        5016    4994  0 Jul13 ?        00:05:32 /opt/java/openjdk/bin/java -jar lib/sonarqube.jar -Dsonar.log.console=true

So how should a system restriction policy be written? kane or sonarqube?

davi.vidal · December 22, 2023, 1:56pm

Hi @vndroid, welcome to our community forums.

Sorry for the delayed response. We are reviewing that part of the documentation, but I don’t have an ETA on when that will be done.

As for your question, you might want to look at the docker run documentation itself on ulimit and sysctl.

Does that answer your question?