Podman REST API /libpod/containers/create "r_limits" is type integer <uint64> #24886
Description
Issue Description
https://docs.podman.io/en/latest/_static/api.html#tag/containers/operation/ContainerCreateLibpod
r_limits
hard integer
Hard is the hard limit for the specified type
soft integer
Soft is the soft limit for the specified type
There is no direct reference to Ulimits.
In PR 19879 Podman added support for passing Ulimits as -1 to mean min / max
Steps to reproduce the issue
/podman-py
containers_create
https://github.com/containers/podman-py/blob/main/podman/domain/containers_create.py
for item in args.pop("ulimits", []):
params["r_limits"].append(
{
"type": item["Name"],
"hard": item["Hard"],
"soft": item["Soft"],
}
)
Code Example
client.containers.create(image=img, command=['/bin/bash'], ulimits=[{"Name": "memlock", "Soft": -1, "Hard": -1}])
Describe the results you received
podman.errors.exceptions.APIError: 500 Server Error: Internal Server Error (decode(): json: cannot unmarshal number -1 into Go struct field POSIXRlimit.r_limits.hard of type uint64)
Describe the results you expected
Expected successful creation of container with memlock min/max set to maximum values.
podman info output
[root@omitted]# podman info
host:
arch: amd64
buildahVersion: 1.33.11
cgroupControllers:
- cpuset
- cpu
- cpuacct
- blkio
- memory
- devices
- freezer
- net_cls
- perf_event
- net_prio
- hugetlb
- pids
- rdma
cgroupManager: systemd
cgroupVersion: v1
conmon:
package: conmon-2.1.10-1.module+el8.10.0+90449+0b7c8529.x86_64
path: /usr/bin/conmon
version: 'conmon version 2.1.10, commit: 753128cb76d643886a978dba99fab8017289372d'
cpuUtilization:
idlePercent: 99.97
systemPercent: 0.01
userPercent: 0.02
cpus: 56
databaseBackend: sqlite
distribution:
distribution: ol
variant: server
version: "8.3"
eventLogger: file
freeLocks: 2047
hostname: omitted
idMappings:
gidmap: null
uidmap: null
kernel: 5.4.17-2011.7.4.el8uek.x86_64
linkmode: dynamic
logDriver: k8s-file
memFree: 142581444608
memTotal: 200959377408
networkBackend: cni
networkBackendInfo:
backend: cni
dns:
package: podman-plugins-4.9.4-18.0.1.module+el8.10.0+90449+0b7c8529.x86_64
path: /usr/libexec/cni/dnsname
version: |-
CNI dnsname plugin
version: 1.4.0-dev
commit: unknown
CNI protocol versions supported: 0.1.0, 0.2.0, 0.3.0, 0.3.1, 0.4.0, 1.0.0
package: containernetworking-plugins-1.4.0-5.module+el8.10.0+90449+0b7c8529.x86_64
path: /usr/libexec/cni
ociRuntime:
name: runc
package: runc-1.1.12-5.module+el8.10.0+90449+0b7c8529.x86_64
path: /usr/bin/runc
version: |-
runc version 1.1.12
spec: 1.0.2-dev
go: go1.22.7 (Red Hat 1.22.7-1.module+el8.10.0+90426+810ab996)
libseccomp: 2.5.2
os: linux
pasta:
executable: ""
package: ""
version: ""
remoteSocket:
exists: true
path: /run/podman/podman.sock
security:
apparmorEnabled: false
capabilities: CAP_NET_RAW,CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
rootless: false
seccompEnabled: true
seccompProfilePath: /usr/share/containers/seccomp.json
selinuxEnabled: false
serviceIsRemote: false
slirp4netns:
executable: /bin/slirp4netns
package: slirp4netns-1.2.0-2.module+el8.8.0+21045+adcb6a64.x86_64
version: |-
slirp4netns version 1.2.0
commit: 656041d45cfca7a4176f6b7eed9e4fe6c11e8383
libslirp: 4.4.0
SLIRP_CONFIG_VERSION_MAX: 3
libseccomp: 2.5.2
swapFree: 4294963200
swapTotal: 4294963200
uptime: 1341h 26m 16.00s (Approximately 55.88 days)
variant: ""
plugins:
authorization: null
log:
- k8s-file
- none
- passthrough
- journald
network:
- bridge
- macvlan
- ipvlan
volume:
- local
registries:
search:
- container-registry.oracle.com
- docker.io
store:
configFile: /etc/containers/storage.conf
containerStore:
number: 1
paused: 0
running: 1
stopped: 0
graphDriverName: overlay
graphOptions:
overlay.mountopt: nodev,metacopy=on
graphRoot: /var/lib/containers/storage
graphRootAllocated: 75125227520
graphRootUsed: 63892619264
graphStatus:
Backing Filesystem: xfs
Native Overlay Diff: "false"
Supports d_type: "true"
Supports shifting: "false"
Supports volatile: "false"
Using metacopy: "true"
imageCopyTmpDir: /var/tmp
imageStore:
number: 33
runRoot: /run/containers/storage
transientStore: false
volumePath: /var/lib/containers/storage/volumes
version:
APIVersion: 4.9.4-rhel
Built: 1732729681
BuiltTime: Wed Nov 27 17:48:01 2024
GitCommit: ""
GoVersion: go1.22.7 (Red Hat 1.22.7-1.module+el8.10.0+90426+810ab996)
Os: linux
OsArch: linux/amd64
Version: 4.9.4-rhelPodman in a container
Yes
Privileged Or Rootless
Privileged
Upstream Latest Release
Yes
Additional environment details
Additional environment details
Additional information
Additional information like issue happens only occasionally or issue happens with a particular architecture or on a particular setting