Add PIDs cgroup support to runC and Docker
an invention by cyphar
Currently, dealing with forkbombs and similar issues with Docker and runC is not very nice (you have to set a global limit for all Docker processes or you have to limit kernel memory which isn't very practical). I'm going to work on getting some [patches] merged into runC and Docker to enable PIDs support for Docker.
Real-time container runtime support
an invention by a_faerber
As per discussions in the SOAFEE SIG that SUSE is a founding member of, container users will be in need of running workloads with mixed criticality.