Weird default ulimits when using docker build #678
Description
Docker version:
Docker version 18.06.1-ce, build e68fc7a
Dockerfile:
FROM alpine:latest
RUN ulimit -a
Without BuildKit:
docker build --rm --force-rm --no-cache -t ok .
Sending build context to Docker daemon 74.24MB
Step 1/2 : FROM alpine:latest
latest: Pulling from library/alpine
4fe2ade4980c: Already exists
Digest: sha256:621c2f39f8133acb8e64023a94dbdf0d5ca81896102b9e57c0dc184cadaf5528
Status: Downloaded newer image for alpine:latest
---> 196d12cf6ab1
Step 2/2 : RUN ulimit -a
---> Running in 56fe42a26741
-f: file size (blocks) unlimited
-t: cpu time (seconds) unlimited
-d: data seg size (kb) unlimited
-s: stack size (kb) 8192
-c: core file size (blocks) 0
-m: resident set size (kb) unlimited
-l: locked memory (kb) 82000
-p: processes unlimited
-n: file descriptors 1048576
-v: address space (kb) unlimited
-w: locks unlimited
-e: scheduling priority 0
-r: real-time priority 0
Removing intermediate container 56fe42a26741
---> 52fd6fffa933
Successfully built 52fd6fffa933
Successfully tagged ok:latest
With BuildKit:
docker build --rm --force-rm --no-cache --console false -t bug .
#2 local://context (.dockerignore)
#2 digest: sha256:cc188a8320e0ff087d2dae19657940116b2ec4cc45c56d8b2b32b77cc810ff65
#2 name: "local://context (.dockerignore)"
#2 started: 2018-10-11 15:39:15.9831262 +0000 UTC
#2 completed: 2018-10-11 15:39:15.9832841 +0000 UTC
#2 duration: 157.9µs
#1 local://dockerfile (bug.Dockerfile)
#1 digest: sha256:b2ef569e86066c111d61f434a8bb45d03ac3aff022a466618ef00f0620da6c01
#1 name: "local://dockerfile (bug.Dockerfile)"
#1 started: 2018-10-11 15:39:15.9823162 +0000 UTC
#1 completed: 2018-10-11 15:39:16.0108294 +0000 UTC
#1 duration: 28.5132ms
#1 transferring dockerfile: 74B done
#2 local://context (.dockerignore)
#2 started: 2018-10-11 15:39:15.983418 +0000 UTC
#2 completed: 2018-10-11 15:39:16.0190217 +0000 UTC
#2 duration: 35.6037ms
#2 transferring context: 34B done
#4 docker-image://docker.io/library/alpine:latest
#4 digest: sha256:665ba8b2cdc0cb0200e2a42a6b3c0f8f684089f4cd1b81494fbb9805879120f7
#4 name: "docker-image://docker.io/library/alpine:latest"
#4 started: 2018-10-11 15:39:16.062311 +0000 UTC
#4 completed: 2018-10-11 15:39:16.0627436 +0000 UTC
#4 duration: 432.6µs
#4 started: 2018-10-11 15:39:16.0629488 +0000 UTC
#4 completed: 2018-10-11 15:39:16.0632674 +0000 UTC
#4 duration: 318.6µs
#4 resolve docker.io/library/alpine:latest done
#3 /bin/sh -c ulimit -a
#3 digest: sha256:e0ce83de302fb0015108e365119e7cbcaed5af24d2ba56ecb743b0aec661de59
#3 name: "/bin/sh -c ulimit -a"
#3 started: 2018-10-11 15:39:16.0635548 +0000 UTC
#3 0.219 -f: file size (blocks) unlimited
#3 0.219 -t: cpu time (seconds) unlimited
#3 0.219 -d: data seg size (kb) unlimited
#3 0.219 -s: stack size (kb) 8192
#3 0.219 -c: core file size (blocks) 0
#3 0.219 -m: resident set size (kb) unlimited
#3 0.219 -l: locked memory (kb) 82000
#3 0.219 -p: processes unlimited
#3 0.219 -n: file descriptors 1024
#3 0.219 -v: address space (kb) unlimited
#3 0.219 -w: locks unlimited
#3 0.219 -e: scheduling priority 0
#3 0.219 -r: real-time priority 0
#3 completed: 2018-10-11 15:39:16.4298791 +0000 UTC
#3 duration: 366.3243ms
#5 exporting to image
#5 digest: sha256:b5c1581c8446a31eb7d38780726877e7ffee21b051cbd43def0c1f77920b44f0
#5 name: "exporting to image"
#5 started: 2018-10-11 15:39:16.434344 +0000 UTC
#5 exporting layers 0.0s done
#5 completed: 2018-10-11 15:39:16.4659472 +0000 UTC
#5 duration: 31.6032ms
#5 writing image sha256:2860912bcda4f7f3a84a79643342f52faf0ee32cdd6f052442774b9bd84fd899 done
#5 naming to docker.io/library/bug done
Note
0.219 -n: file descriptors 1024
Also there seems to be no way to override this as --ulimit arg gets ignored as well as runc config.json (if created manually).
This is also true for Docker version 18.09.0-ce-beta1, build 78a6bdb.