forked from pool/podman
c6d0f9bc11
OBS-URL: https://build.opensuse.org/request/show/734986 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/podman?expand=0&rev=49
148 lines
4.9 KiB
Plaintext
148 lines
4.9 KiB
Plaintext
# libpod.conf is the default configuration file for all tools using libpod to
|
|
# manage containers
|
|
|
|
# Default transport method for pulling and pushing for images
|
|
image_default_transport = "docker://"
|
|
|
|
# Paths to look for the conmon container manager binary.
|
|
# If the paths are empty or no valid path was found, then the `$PATH`
|
|
# environment variable will be used as the fallback.
|
|
conmon_path = [
|
|
]
|
|
|
|
# Environment variables to pass into conmon
|
|
conmon_env_vars = [
|
|
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
|
|
]
|
|
|
|
# CGroup Manager - valid values are "systemd" and "cgroupfs"
|
|
cgroup_manager = "systemd"
|
|
|
|
# Container init binary
|
|
init_path = "/usr/bin/catatonit"
|
|
|
|
# Directory for persistent libpod files (database, etc)
|
|
# By default, this will be configured relative to where containers/storage
|
|
# stores containers
|
|
# Uncomment to change location from this default
|
|
#static_dir = "/var/lib/containers/storage/libpod"
|
|
|
|
# Directory for temporary files. Must be tmpfs (wiped after reboot)
|
|
tmp_dir = "/var/run/libpod"
|
|
|
|
# Maximum size of log files (in bytes)
|
|
# -1 is unlimited
|
|
max_log_size = -1
|
|
|
|
# Whether to use chroot instead of pivot_root in the runtime
|
|
no_pivot_root = false
|
|
|
|
# Directory containing CNI plugin configuration files
|
|
cni_config_dir = "/etc/cni/net.d/"
|
|
|
|
# Directories where the CNI plugin binaries may be located
|
|
cni_plugin_dir = [
|
|
"/usr/lib/cni",
|
|
"/opt/cni/bin"
|
|
]
|
|
|
|
# Default CNI network for libpod.
|
|
# If multiple CNI network configs are present, libpod will use the network with
|
|
# the name given here for containers unless explicitly overridden.
|
|
# The default here is set to the name we set in the
|
|
# 87-podman-bridge.conflist included in the repository.
|
|
# Not setting this, or setting it to the empty string, will use normal CNI
|
|
# precedence rules for selecting between multiple networks.
|
|
cni_default_network = "podman"
|
|
|
|
# Default libpod namespace
|
|
# If libpod is joined to a namespace, it will see only containers and pods
|
|
# that were created in the same namespace, and will create new containers and
|
|
# pods in that namespace.
|
|
# The default namespace is "", which corresponds to no namespace. When no
|
|
# namespace is set, all containers and pods are visible.
|
|
#namespace = ""
|
|
|
|
# Default infra (pause) image name for pod infra containers
|
|
infra_image = "registry.opensuse.org/kubic/pause:3.1"
|
|
|
|
# Default command to run the infra container
|
|
infra_command = "/usr/bin/pause"
|
|
|
|
# Determines whether libpod will reserve ports on the host when they are
|
|
# forwarded to containers. When enabled, when ports are forwarded to containers,
|
|
# they are held open by conmon as long as the container is running, ensuring that
|
|
# they cannot be reused by other programs on the host. However, this can cause
|
|
# significant memory usage if a container has many ports forwarded to it.
|
|
# Disabling this can save memory.
|
|
#enable_port_reservation = true
|
|
|
|
# Default libpod support for container labeling
|
|
# label=true
|
|
|
|
# The locking mechanism to use
|
|
lock_type = "shm"
|
|
|
|
# Number of locks available for containers and pods.
|
|
# If this is changed, a lock renumber must be performed (e.g. with the
|
|
# 'podman system renumber' command).
|
|
num_locks = 2048
|
|
|
|
# Directory for libpod named volumes.
|
|
# By default, this will be configured relative to where containers/storage
|
|
# stores containers.
|
|
# Uncomment to change location from this default.
|
|
#volume_path = "/var/lib/containers/storage/volumes"
|
|
|
|
# Selects which logging mechanism to use for Podman events. Valid values
|
|
# are `journald` or `file`.
|
|
# events_logger = "journald"
|
|
|
|
# Specify the keys sequence used to detach a container.
|
|
# Format is a single character [a-Z] or a comma separated sequence of
|
|
# `ctrl-<value>`, where `<value>` is one of:
|
|
# `a-z`, `@`, `^`, `[`, `\`, `]`, `^` or `_`
|
|
#
|
|
# detach_keys = "ctrl-p,ctrl-q"
|
|
|
|
# Default OCI runtime
|
|
runtime = "runc"
|
|
|
|
# List of the OCI runtimes that support --format=json. When json is supported
|
|
# libpod will use it for reporting nicer errors.
|
|
runtime_supports_json = ["runc"]
|
|
|
|
# List of all the OCI runtimes that support --cgroup-manager=disable to disable
|
|
# creation of CGroups for containers.
|
|
runtime_supports_nocgroups = []
|
|
|
|
# Paths to look for a valid OCI runtime (runc, runv, etc)
|
|
# If the paths are empty or no valid path was found, then the `$PATH`
|
|
# environment variable will be used as the fallback.
|
|
[runtimes]
|
|
runc = [
|
|
]
|
|
|
|
|
|
# Kata Containers is an OCI runtime, where containers are run inside lightweight
|
|
# VMs. Kata provides additional isolation towards the host, minimizing the host attack
|
|
# surface and mitigating the consequences of containers breakout.
|
|
|
|
# Kata Containers with the default configured VMM
|
|
kata-runtime = [
|
|
]
|
|
|
|
# Kata Containers with the QEMU VMM
|
|
kata-qemu = [
|
|
]
|
|
|
|
# Kata Containers with the Firecracker VMM
|
|
kata-fc = [
|
|
]
|
|
|
|
# The [runtimes] table MUST be the last thing in this file.
|
|
# (Unless another table is added)
|
|
# TOML does not provide a way to end a table other than a further table being
|
|
# defined, so every key hereafter will be part of [runtimes] and not the main
|
|
# config.
|