I want to restrict the size of core file for every container on my k8s cluster.
My k8s cluster is v1.20 and using containerd 1.5
I tried to build docker file with command ulimit -c 0
But when the container is created and I send a command ulimit -c then the reply is unlimited
I also tried to mount /etc/security/limits.conf on the pod
# /etc/security/limits.conf
\* hard core 0
\* soft core 0
But it didn't work.
I also tried to change containerd's config at /usr/lib/systemd/system/containerd.service
I changed LimitCore=0 and
systemctl restart containerd
systemctl daemon-reload
But when I check the ulimit -c on the pod, it consistently replies unlimited even if I restart the pod.
Please don't ask why do you want to set core file size 0, there are some issues about it.
Let me know if anyone knows the answers thanks!
For self managed EKS worker nodes, run this before running bootstrap.sh in your userdata:
sed -i 's/LimitCORE=infinity/LimitCORE=0/g' /usr/lib/systemd/system/containerd.service
systemctl daemon-reload