containerd ulimit parameters are not set in containers after changing in containerd.service file

[akash-verma10]

Description

we have installed the containerd in ubuntu , so we try to change the ulimit of the containers created but after changing the LimitNOFILE=1048576 containers ulimit values are not change please help on this

Steps to reproduce the issue

1. create a ubuntu container using nerdctl
2. change the conatinerd.servive file with LimitNOFILE=1048576
3. and check the ulimit value inside the conatiners

Describe the results you received and expected

still ulimit value is 1024

What version of containerd are you using?

v1.6.19

Any other relevant information

using nerdctl

Show configuration if it is related to CRI plugin.

no

[Iceber]

Whether using ctr or nerdctl, RLIMIT_NOFILE will be set to 1024 by default. https://github.com/containerd/containerd/blob/584d13d5cb350b48e64eb7c7b0e3e935b941e0d1/oci/spec.go#L159-L164 nerdctl can set RLIMIT_NOFILE with --ulimit=nofile=10000

[akash-verma10]

thanks a lot @Iceber for your comment but not error has changed to FATA[0000] failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error setting rlimits for ready process: error setting rlimit type 7: operation not permitted: unknown

can you please suggest

[Iceber]

There are no errors in my environment. Are you using rootless containerd?

[akash-verma10]

yes

[Iceber]

What is the nofile you set for the containerd service and the container separately?

[akash-verma10]

i have configured the LimitNOFILE=1048576 in /etc/systemd/system/containerd.service but conatiners ulimit is still 1024

[Iceber]

check your nerdctl version, nerdctl seems to have fixed this issue https://github.com/containerd/nerdctl/pull/588

[akash-verma10]

@Iceber i m using the nerdctl version 1.2.1 is there any issue with that , which version of nerdctl issue is fixed?