You are not logged in.
Someone from work showed me that the MacOS docker desktop application can globally limit resources for every container. From poking around on stack overflow it seems like the way to do this in linux is to define a cgroup slice such as eg:
# /etc/systemd/system/docker_limits.slice
[Unit]
Description=cgroup for docker to limit memory usage
Before=slices.target
[Slice]
MemoryAccounting=true
MemoryHigh=3G
MemoryMax=5G
CPUAccounting=true
CPUQuota=33%then set docker to make all containers under that slice by adding the following to /etc/docker/daemon.json and running systemctl daemon-reload && systemctl restart docker
{
"cgroup-parent": "docker_limits.slice"
}Some people say I need to prefix the group with / or else it will get created under some other group. But I get an invalid slice name error whenever I use that prefix. So I think it's just an Ubuntu thing.
systemd-cgtop seems to confirm that containers are being started as docker_limits.slice/docker-<id>.scope. However, docker stats shows those containers with a memory limit of all my RAM not the 3/5G I specified. Has anyone else been able to successfully apply resource limits to all docker containers?
Offline