the pids cgroup and the kmem controller both help you to fight fork bombs. If you're doing nested unprivileged containers then you'll have a practical limit imposed by the ever growing uid ranges as you go up the stack.
And the kernel actually imposes a strict depth limit of 32 user namespaces. -serge Quoting Bostjan Skufca ([email protected]): > Is there a limit to container nesting depth? Does containerization-based > equivalent of fork bomb already exist? :) > > > b. > > > On 12 April 2016 at 16:54, Serge Hallyn <[email protected]> wrote: > > > That's no problem. The try-it service for instance runs that way. > > > > Quoting jjs - mainphrame ([email protected]): > > > Ah, wait, I might have misunderstood your question. > > > > > > One can run containers within containers, but I don't know of anyone > > > running an lxc ct inside an lxd ct or vice versa. > > > > > > Jake > > > > > > On Mon, Apr 11, 2016 at 5:32 PM, jjs - mainphrame <[email protected]> > > wrote: > > > > I'm running both lxc and lxd containers on the same box. There is no > > > > conflict, as the commands and data paths are different. > > > > > > > > Jake > > > > > > > > On Mon, Apr 11, 2016 at 5:12 PM, Bostjan Skufca <[email protected]> > > wrote: > > > >> Is it possible? > > > >> Or is running LXC on host and LXD as one of LXC containers more > > inclined to > > > >> work out of the box? > > > >> > > > >> (just fishing for info, haven't tried LXD out yet) > > > >> > > > >> Tnx, > > > >> b. > > > >> > > > >> > > > >> _______________________________________________ > > > >> lxc-users mailing list > > > >> [email protected] > > > >> http://lists.linuxcontainers.org/listinfo/lxc-users > > > _______________________________________________ > > > lxc-users mailing list > > > [email protected] > > > http://lists.linuxcontainers.org/listinfo/lxc-users > > _______________________________________________ > > lxc-users mailing list > > [email protected] > > http://lists.linuxcontainers.org/listinfo/lxc-users > _______________________________________________ > lxc-users mailing list > [email protected] > http://lists.linuxcontainers.org/listinfo/lxc-users _______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
