'Securing Process inside Docker Instance
While implementing an online C++ compiler, I'm running a Node.js server inside docker instance, which in turns create new process to execute the online code.
Need your help to secure the instance with the following:
(a) How to limit the CPU usage for the newly created process? (b) How to limit RAM and storage for this process? (c) How to prevent the system from Fork Bomb? (c) Limiting the time of the process run?
Though I can set these parameters using ulimit.conf, but it will apply the limits on per user basis. My requirement is to limit the resources per process basis because all the processes are running with the same user.
Kindly give a clue to handle the situation.
Thank you very much in advance for this support.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|