From 4456fed0fee86f73983551f587c47fa251ec46a4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E9=AB=98=E7=84=B6?= <pangjiping.pjp@alibaba-inc.com>
Date: Fri, 20 Mar 2026 09:26:00 +0800
Subject: [PATCH] fix(server): increase default pids_limit to 4096 for
 production use

---
 server/docker-compose.example.yaml | 5 ++++-
 server/example.config.toml         | 5 ++++-
 server/example.config.zh.toml      | 2 +-
 server/src/config.py               | 2 +-
 4 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/server/docker-compose.example.yaml b/server/docker-compose.example.yaml
index 4f825fcea..497276563 100644
--- a/server/docker-compose.example.yaml
+++ b/server/docker-compose.example.yaml
@@ -22,7 +22,10 @@ configs:
       host_ip = "host.docker.internal"
       drop_capabilities = ["AUDIT_WRITE", "MKNOD", "NET_ADMIN", "NET_RAW", "SYS_ADMIN", "SYS_MODULE", "SYS_PTRACE", "SYS_TIME", "SYS_TTY_CONFIG"]
       no_new_privileges = true
-      pids_limit = 512
+      # TODO: For production environments, it is recommended to set this to '4096' or higher to avoid
+      # "can't start new thread" errors when multiple sandboxes are running concurrently.
+      # See: https://github.com/alibaba/OpenSandbox/issues/447
+      pids_limit = 4096
 
       [ingress]
       mode = "direct"
diff --git a/server/example.config.toml b/server/example.config.toml
index db5d60595..efefb990b 100644
--- a/server/example.config.toml
+++ b/server/example.config.toml
@@ -61,7 +61,10 @@ no_new_privileges = true
 # Optional: set an AppArmor profile name (e.g., "docker-default") when AppArmor is enabled
 apparmor_profile = ""
 # Limit process count to reduce host impact from fork bombs; set to null to disable
-pids_limit = 512
+# TODO: For production environments, it is recommended to set this to '4096' or higher to avoid
+# "can't start new thread" errors when multiple sandboxes are running concurrently.
+# See: https://github.com/alibaba/OpenSandbox/issues/447
+pids_limit = 4096
 # Seccomp profile: empty string uses Docker default; set to an absolute path for a custom profile
 seccomp_profile = ""
 
diff --git a/server/example.config.zh.toml b/server/example.config.zh.toml
index 8a5f2eb1d..cf3c52e2e 100644
--- a/server/example.config.zh.toml
+++ b/server/example.config.zh.toml
@@ -55,7 +55,7 @@ no_new_privileges = true
 # Optional: set an AppArmor profile name (e.g., "docker-default") when AppArmor is enabled
 apparmor_profile = ""
 # Limit process count to reduce host impact from fork bombs; set to null to disable
-# 生产环境建议设置为 4096 或更高，避免多沙箱并发时出现 "can't start new thread" 错误
+# TODO: 生产环境建议设置为 4096 或更高，避免多沙箱并发时出现 "can't start new thread" 错误
 # See: https://github.com/alibaba/OpenSandbox/issues/447
 pids_limit = 4096
 # Seccomp profile: empty string uses Docker default; set to an absolute path for a custom profile
diff --git a/server/src/config.py b/server/src/config.py
index 3d89dd5eb..cf2843acc 100644
--- a/server/src/config.py
+++ b/server/src/config.py
@@ -474,7 +474,7 @@ class DockerConfig(BaseModel):
         ),
     )
     pids_limit: Optional[int] = Field(
-        default=512,
+        default=4096,
         ge=1,
         description="Maximum number of processes allowed per sandbox container. Set to null to disable the limit.",
     )