Resource and Time Limits - mensfeld/code-on-incus GitHub Wiki

Control container resource consumption and runtime with configurable limits. All limits are set via config files or profiles.

Configuration

Add to your ~/.coi/config.toml:

[limits.cpu]
count = "2"              # CPU cores: "2", "0-3", "0,1,3" or "" (unlimited)
allowance = "50%"        # CPU time: "50%", "25ms/100ms" or "" (unlimited)
priority = 0             # CPU priority: 0-10 (higher = more priority)

[limits.memory]
limit = "2GiB"           # Memory: "512MiB", "2GiB", "50%" or "" (unlimited)
enforce = "soft"         # Enforcement: "hard" or "soft"
swap = "true"            # Swap: "true", "false", or size like "1GiB"

[limits.disk]
read = "10MiB/s"         # Read rate: "10MiB/s", "1000iops" or "" (unlimited)
write = "5MiB/s"         # Write rate: "5MiB/s", "1000iops" or "" (unlimited)
max = ""                 # Combined I/O limit (overrides read/write)
priority = 0             # Disk priority: 0-10
tmpfs_size = ""          # /tmp size: "" (disk-backed, unlimited) or "4GiB" (RAM-backed)

[limits.runtime]
max_duration = "2h"      # Max runtime: "2h", "30m", "1h30m" or "" (unlimited)
max_processes = 0        # Max processes: 100 or 0 (unlimited)
auto_stop = true         # Auto-stop when max_duration reached
stop_graceful = true     # Graceful (true) vs force (false) stop

All limits are configured via config files or profiles. There are no CLI flags for resource limits.

Profile-Specific Limits

Define limits per profile (each profile is a directory under profiles/ with its own config.toml):

# .coi/profiles/limited/config.toml
[container]
image = "coi-default"
persistent = false

[limits.cpu]
count = "2"
allowance = "50%"

[limits.memory]
limit = "2GiB"

[limits.runtime]
max_duration = "2h"
auto_stop = true

Use with: coi shell --profile limited

Time Limits and Auto-Stop

When max_duration is set and auto_stop = true:

  • Container automatically stops after the specified duration
  • Graceful stop preserves session data
  • Force stop (stop_graceful = false) terminates immediately
  • Useful for preventing runaway sessions or managing costs

Example:

# Auto-stop after 2 hours
[limits.runtime]
max_duration = "2h"
auto_stop = true

Precedence

Limits are applied with this precedence (highest to lowest):

  1. Profile limits (if --profile specified)
  2. Project config ([limits] section)
  3. User/system config ([limits] section)
  4. Unlimited (Incus defaults)

Examples

Limit resources for expensive operations:

# .coi/config.toml
[limits.cpu]
count = "4"

[limits.memory]
limit = "4GiB"

[limits.runtime]
max_duration = "30m"

Prevent runaway processes:

[limits.runtime]
max_processes = 100
max_duration = "1h"

[limits.memory]
limit = "2GiB"

Development profile with limits:

# .coi/profiles/dev/config.toml
[container]
image = "coi-default"
persistent = true

[limits.cpu]
count = "2"

[limits.memory]
limit = "4GiB"

[limits.runtime]
max_duration = "4h"