It would be good to have the option to limit cpu besides memory so a wild running container cannot bog down the whole system:
```
set container name <name> cpus <cores>
```
to translate to podman argument `--cpus <cores>`.
For this to work the following kernel configs need to be enabled:
```
CONFIG_CGROUP_CPUACCT=y
CONFIG_CPUSETS=y
```