diff --git a/contrib/completion/bash/docker b/contrib/completion/bash/docker index cbb51c5d27..343e1dc717 100644 --- a/contrib/completion/bash/docker +++ b/contrib/completion/bash/docker @@ -1637,6 +1637,7 @@ _docker_run() { --net-alias --oom-score-adj --pid + --pids-limit --publish -p --restart --security-opt diff --git a/contrib/completion/zsh/_docker b/contrib/completion/zsh/_docker index 3a1f399f51..0f2a361a6b 100644 --- a/contrib/completion/zsh/_docker +++ b/contrib/completion/zsh/_docker @@ -534,6 +534,7 @@ __docker_subcommand() { "($help)*--net-alias=[Add network-scoped alias for the container]:alias: " "($help)--oom-kill-disable[Disable OOM Killer]" "($help)--oom-score-adj[Tune the host's OOM preferences for containers (accepts -1000 to 1000)]" + "($help)--pids-limit[Tune container pids limit (set -1 for unlimited)]" "($help -P --publish-all)"{-P,--publish-all}"[Publish all exposed ports]" "($help)*"{-p=,--publish=}"[Expose a container's port to the host]:port:_ports" "($help)--pid=[PID namespace to use]:PID: " diff --git a/docs/reference/commandline/create.md b/docs/reference/commandline/create.md index ad23995ac1..fa68b0feb1 100644 --- a/docs/reference/commandline/create.md +++ b/docs/reference/commandline/create.md @@ -74,6 +74,7 @@ Creates a new container. -P, --publish-all Publish all exposed ports to random ports -p, --publish=[] Publish a container's port(s) to the host --pid="" PID namespace to use + --pids-limit=-1 Tune container pids limit (set -1 for unlimited), kernel >= 4.3 --privileged Give extended privileges to this container --read-only Mount the container's root filesystem as read only --restart="no" Restart policy (no, on-failure[:max-retry], always, unless-stopped) diff --git a/docs/reference/commandline/run.md b/docs/reference/commandline/run.md index 4da4397193..496ff4865d 100644 --- a/docs/reference/commandline/run.md +++ b/docs/reference/commandline/run.md @@ -74,6 +74,7 @@ parent = "smn_cli" -P, --publish-all Publish all exposed ports to random ports -p, --publish=[] Publish a container's port(s) to the host --pid="" PID namespace to use + --pids-limit=-1 Tune container pids limit (set -1 for unlimited), kernel >= 4.3 --privileged Give extended privileges to this container --read-only Mount the container's root filesystem as read only --restart="no" Restart policy (no, on-failure[:max-retry], always, unless-stopped) diff --git a/man/docker-create.1.md b/man/docker-create.1.md index 6a2640d205..16f70a958d 100644 --- a/man/docker-create.1.md +++ b/man/docker-create.1.md @@ -58,6 +58,7 @@ docker-create - Create a new container [**-P**|**--publish-all**] [**-p**|**--publish**[=*[]*]] [**--pid**[=*[]*]] +[**--pids-limit**[=*PIDS_LIMIT*]] [**--privileged**] [**--read-only**] [**--restart**[=*RESTART*]] @@ -290,6 +291,9 @@ unit, `b` is used. Set LIMIT to `-1` to enable unlimited swap. **host**: use the host's PID namespace inside the container. Note: the host mode gives the container full access to local PID and is therefore considered insecure. +**--pids-limit**="" + Tune the container's pids limit. Set `-1` to have unlimited pids for the container. + **--privileged**=*true*|*false* Give extended privileges to this container. The default is *false*. diff --git a/man/docker-run.1.md b/man/docker-run.1.md index 7f5c21046f..a22d43762d 100644 --- a/man/docker-run.1.md +++ b/man/docker-run.1.md @@ -60,6 +60,7 @@ docker-run - Run a command in a new container [**-P**|**--publish-all**] [**-p**|**--publish**[=*[]*]] [**--pid**[=*[]*]] +[**--pids-limit**[=*PIDS_LIMIT*]] [**--privileged**] [**--read-only**] [**--restart**[=*RESTART*]] @@ -420,6 +421,9 @@ Use `docker port` to see the actual mapping: `docker port CONTAINER $CONTAINERPO **host**: use the host's PID namespace inside the container. Note: the host mode gives the container full access to local PID and is therefore considered insecure. +**--pids-limit**="" + Tune the container's pids limit. Set `-1` to have unlimited pids for the container. + **--uts**=*host* Set the UTS mode for the container **host**: use the host's UTS namespace inside the container.