From d5908cdddf76bda778b2d9f00cec84936adeabfa Mon Sep 17 00:00:00 2001 From: David Scott Date: Mon, 27 Sep 2021 19:17:04 +0100 Subject: [PATCH] docker-container: use /docker/buildx cgroup by default This allows resource limits to be applied to all builds on a host. For example to limit the total amount of CPU used by builds: https://medium.com/@asishrs/docker-limit-resource-utilization-using-cgroup-parent-72a646651f9d Signed-off-by: David Scott --- docs/reference/buildx_create.md | 2 +- driver/docker-container/driver.go | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/docs/reference/buildx_create.md b/docs/reference/buildx_create.md index ae8841ac..7f96812d 100644 --- a/docs/reference/buildx_create.md +++ b/docs/reference/buildx_create.md @@ -130,7 +130,7 @@ Passes additional driver-specific options. Details for each driver: - `docker-container` - `image=IMAGE` - Sets the container image to be used for running buildkit. - `network=NETMODE` - Sets the network mode for running the buildkit container. - - `cgroup-parent=CGROUP` - Sets the cgroup parent of the buildkit container if docker is using the "cgroupfs" driver. + - `cgroup-parent=CGROUP` - Sets the cgroup parent of the buildkit container if docker is using the "cgroupfs" driver. Defaults to `/docker/buildx`. - Example: ```console diff --git a/driver/docker-container/driver.go b/driver/docker-container/driver.go index 5bcc219c..eec5d482 100644 --- a/driver/docker-container/driver.go +++ b/driver/docker-container/driver.go @@ -127,6 +127,9 @@ func (d *Driver) create(ctx context.Context, l progress.SubLogger) error { hc.NetworkMode = container.NetworkMode(d.netMode) } if info, err := d.DockerAPI.Info(ctx); err == nil && info.CgroupDriver == "cgroupfs" { + // Place all buildkit containers inside this cgroup by default so limits can be attached + // to all build activity on the host. + hc.CgroupParent = "/docker/buildx" if d.cgroupParent != "" { hc.CgroupParent = d.cgroupParent }