From 3aa5ab007297db2059ae5e8633a7d105e02e70e2 Mon Sep 17 00:00:00 2001 From: Steven Hawkins Date: Thu, 12 Feb 2026 04:28:53 -0500 Subject: [PATCH] fix: updating the fix for docker ulimits (#46254) it will now be applied by default closes: #44232 Signed-off-by: Steve Hawkins --- docs/guides/server/containers.adoc | 9 +-------- operator/README.md | 4 ++-- operator/scripts/olm-testing.sh | 2 +- operator/src/main/resources/application.properties | 2 ++ 4 files changed, 6 insertions(+), 11 deletions(-) diff --git a/docs/guides/server/containers.adoc b/docs/guides/server/containers.adoc index 6e9617f617d..2781a4562e8 100644 --- a/docs/guides/server/containers.adoc +++ b/docs/guides/server/containers.adoc @@ -193,14 +193,7 @@ Opening up `https://localhost:9000/metrics` leads to a page containing operation === Known issues with Docker * If a `RUN dnf install` command seems to be taking an excessive amount of time, then likely your Docker systemd service has the file limit setting `LimitNOFILE` configured incorrectly. -Either update the service configuration to use a better value, such as 1024000, or directly use `ulimit` in the RUN command: - -[source, dockerfile] ----- -... -RUN ulimit -n 1024000 && dnf install --installroot ... -... ----- +Either update the service configuration to use a better value, such as 1024000, or use `--ulimit` in the https://docs.docker.com/reference/cli/docker/buildx/build/#ulimit[docker build command], e.g. `--ulimit nofile=1024000`. * If you are including provider JARs and your container fails a `start --optimized` with a notification that a provider JAR has changed, this is due to Docker truncating or otherwise modifying file modification timestamps from what the `build` command recorded to what is seen at runtime. diff --git a/operator/README.md b/operator/README.md index f9588b2efb5..16d14f6cb9a 100644 --- a/operator/README.md +++ b/operator/README.md @@ -48,7 +48,7 @@ Vanilla minikube does not support Network Policies, and Cilium implements the CN Another CNI implementation may work too. ```bash -minikube start --addons ingress --cni cilium +minikube start --addons ingress --cni cilium --cpus=max ``` Enable the Minikube Docker daemon: @@ -113,7 +113,7 @@ minikube addons enable ingress To avoid skipping tests that are depending on custom Keycloak images, you need to build those first: ```bash -./build-testing-docker-images.sh [SOURCE KEYCLOAK IMAGE TAG] [SOURCE KEYCLOAK IMAGE] +./scripts/build-testing-docker-images.sh [SOURCE KEYCLOAK IMAGE TAG] [SOURCE KEYCLOAK IMAGE] ``` And run the tests passing an extra Java property: diff --git a/operator/scripts/olm-testing.sh b/operator/scripts/olm-testing.sh index 12e1b1e2a23..9e856e22023 100755 --- a/operator/scripts/olm-testing.sh +++ b/operator/scripts/olm-testing.sh @@ -17,7 +17,7 @@ VERSION="86400000.0.0" ( cd $SCRIPT_DIR/../../quarkus/container - docker build --build-arg KEYCLOAK_DIST=$(ls keycloak-*.tar.gz) . -t "$REGISTRY/${UUID}keycloak:${VERSION}" + docker build --ulimit nofile=1024000 --build-arg KEYCLOAK_DIST=$(ls keycloak-*.tar.gz) . -t "$REGISTRY/${UUID}keycloak:${VERSION}" docker push "$REGISTRY/${UUID}keycloak:${VERSION}" ) diff --git a/operator/src/main/resources/application.properties b/operator/src/main/resources/application.properties index 85f9b8558e1..263a646271c 100644 --- a/operator/src/main/resources/application.properties +++ b/operator/src/main/resources/application.properties @@ -30,3 +30,5 @@ quarkus.operator-sdk.bundle.channels=fast quarkus.operator-sdk.namespaces=JOSDK_WATCH_CURRENT quarkus.operator-sdk.generate-with-watched-namespaces=JOSDK_WATCH_CURRENT + +quarkus.docker.additional-args=--ulimit,nofile=1024000