You can limit resource usage in Docker containers by specifying constraints on CPU, memory, and other resources when starting a container.
Here are some examples of how to set resource limits for Docker containers:
Stay One Step Ahead of Cyber Threats
4 Resource Limits for Docker Containers
Limit CPU Usage
Use the –cpus flag to specify the number of CPUs allocated to the container.
docker run --cpus="1" imagename
In this example, the container is limited to using 1 CPU.
Limit Memory Usage
Use the -m or –memory flag to set the maximum amount of memory a container can use.
docker run -m 512m imagename
In this example, the container is limited to using 512 MB of memory.
Use the –cpu-shares flag to set a relative share of CPU time for the container.
The default value is 1024, and the value you set is relative to the total CPU shares of all containers on the system.
docker run --cpu-shares=512 imagename
In this example, the container is assigned 512 CPU shares.
If there are two containers running — one with 512 CPU shares and one with 1024 CPU shares, the first container would get half the CPU time compared to the second container.
Limit the Container’s CPU Set
Use the –cpuset-cpus flag to specify which CPUs the container is allowed to use.
docker run --cpuset-cpus="0-1" imagename
In this example, the container is limited to using only the first two CPUs (CPU 0 and CPU 1) of the host system.
Summary
These are just a few examples of how you can limit resource usage in Docker containers.
You can find more options and detailed information in the Docker documentation:
"Amateurs hack systems, professionals hack people."
-- Bruce Schneier, a renown computer security professional