Module resource_limits 

Operator-imposed resource limits (PLAN.md Phase 4.1).

Cloud-agnostic deployments need hard upper bounds enforced regardless of cgroup or namespace presence — a process that grows past its allocated capacity slot can starve every other tenant on the same host. The limits here are read once at boot from RED_MAX_* env vars and held in a single immutable struct consulted by the various enforcement points (write path, accept loop, query timer, batch validator).

Option<u64> semantics: None means “operator did not pin a cap at boot — fall through to whatever upstream layer (cgroup, kernel RLIMIT_*, runtime defaults) decides”. Some(0) is reserved as “explicitly unbounded” so an operator who sets an env var to the literal 0 can disable a default without scripting.

Structs

ResourceLimits

Snapshot of the RED_MAX_* env vars read at runtime construction. Held by RuntimeInner and accessible via RedDBRuntime::resource_limits() so observability and enforcement consult the same values.