Merge pull request #45534 from polarathene/fix/config-init-limits

fix: Normalize `RLIMIT_NOFILE` to sensible defaults

contrib/init/openrc/docker.confd

@@ -17,7 +17,7 @@
 #DOCKER_PIDFILE="/run/docker.pid"
 
 # Settings for process limits (ulimit)
-#DOCKER_ULIMIT="-c unlimited -n 1048576 -u unlimited"
+#DOCKER_ULIMIT="-c unlimited -n 524288 -u unlimited"
 
 # seconds to wait for sending SIGTERM and SIGKILL signals when stopping docker
 #DOCKER_RETRY="TERM/60/KILL/10"

contrib/init/openrc/docker.initd

@@ -13,7 +13,7 @@ start_stop_daemon_args="--background \
 
 extra_started_commands="reload"
 
-rc_ulimit="${DOCKER_ULIMIT:--c unlimited -n 1048576 -u unlimited}"
+rc_ulimit="${DOCKER_ULIMIT:--c unlimited -n 524288 -u unlimited}"
 
 retry="${DOCKER_RETRY:-TERM/60/KILL/10}"
 

contrib/init/systemd/docker.service

@@ -28,7 +28,6 @@ StartLimitInterval=60s
 
 # Having non-zero Limit*s causes performance problems due to accounting overhead
 # in the kernel. We recommend using cgroups to do container-local accounting.
-LimitNOFILE=infinity
 LimitNPROC=infinity
 LimitCORE=infinity
 

contrib/init/sysvinit-debian/docker

@@ -58,7 +58,8 @@ case "$1" in
 		touch "$DOCKER_LOGFILE"
 		chgrp docker "$DOCKER_LOGFILE"
 
-		ulimit -n 1048576
+		# Only set the hard limit (soft limit should remain as the system default of 1024):
+		ulimit -Hn 524288
 
 		# Having non-zero limits causes performance problems due to accounting overhead
 		# in the kernel. We recommend using cgroups to do container-local accounting.