1 files changed, 14 insertions, 7 deletions

diff --git a/src/conf_mode/container.py b/src/conf_mode/container.py
index a73a18ffa..3efeb9b40 100755
--- a/src/conf_mode/container.py
+++ b/src/conf_mode/container.py
@@ -16,6 +16,7 @@
 
 import os
 
+from decimal import Decimal
 from hashlib import sha256
 from ipaddress import ip_address
 from ipaddress import ip_network
@@ -28,6 +29,7 @@ from vyos.configdict import node_changed
 from vyos.configdict import is_node_changed
 from vyos.configverify import verify_vrf
 from vyos.ifconfig import Interface
+from vyos.cpu import get_core_count
 from vyos.utils.file import write_file
 from vyos.utils.process import call
 from vyos.utils.process import cmd
@@ -127,6 +129,11 @@ def verify(container):
                         f'locally. Please use "add container image {image}" to add it '\
                         f'to the system! Container "{name}" will not be started!')
 
+            if 'cpu_quota' in container_config:
+                cores = get_core_count()
+                if Decimal(container_config['cpu_quota']) > cores:
+                    raise ConfigError(f'Cannot set limit to more cores than available "{name}"!')
+
             if 'network' in container_config:
                 if len(container_config['network']) > 1:
                     raise ConfigError(f'Only one network can be specified for container "{name}"!')
@@ -257,6 +264,7 @@ def verify(container):
 
 def generate_run_arguments(name, container_config):
     image = container_config['image']
+    cpu_quota = container_config['cpu_quota']
     memory = container_config['memory']
     shared_memory = container_config['shared_memory']
     restart = container_config['restart']
@@ -329,9 +337,13 @@ def generate_run_arguments(name, container_config):
             prop = vol_config['propagation']
             volume += f' --volume {svol}:{dvol}:{mode},{prop}'
 
-    container_base_cmd = f'--detach --interactive --tty --replace {capabilities} ' \
+    host_pid = ''
+    if 'allow_host_pid' in container_config:
+      host_pid = '--pid host'
+
+    container_base_cmd = f'--detach --interactive --tty --replace {capabilities} --cpus {cpu_quota} ' \
                          f'--memory {memory}m --shm-size {shared_memory}m --memory-swap 0 --restart {restart} ' \
-                         f'--name {name} {hostname} {device} {port} {volume} {env_opt} {label} {uid}'
+                         f'--name {name} {hostname} {device} {port} {volume} {env_opt} {label} {uid} {host_pid}'
 
     entrypoint = ''
     if 'entrypoint' in container_config:
@@ -339,11 +351,6 @@ def generate_run_arguments(name, container_config):
         entrypoint = json_write(container_config['entrypoint'].split()).replace('"', """)
         entrypoint = f'--entrypoint '{entrypoint}''
 
-    hostname = ''
-    if 'host_name' in container_config:
-        hostname = container_config['host_name']
-        hostname = f'--hostname {hostname}'
-
     command = ''
     if 'command' in container_config:
         command = container_config['command'].strip()