Gitiles
Code Review Sign In
gerrit-dev.monogon.dev / monogon / ddbb9681604a0549ef820e44c4eecca9dd894378 / . / metropolis / node / kubernetes / containerd / config.toml
blob: eff2c3d8d47d67d2ffd4b481df4988c03db46b77 [file] [log] [blame]
Lorenz Brun0ec0c532024-08-29 12:39:47 +0000[diff] [blame]1version = 3
Lorenz Brunc88c82d2020-05-08 14:35:04 +0200[diff] [blame]2root = "/data/containerd"
Serge Bazanskic2c7ad92020-07-13 17:20:09 +0200[diff] [blame]3state = "/ephemeral/containerd"
Lorenz Brun0ec0c532024-08-29 12:39:47 +0000[diff] [blame]4temp = ""
Lorenz Brunc88c82d2020-05-08 14:35:04 +0200[diff] [blame]5plugin_dir = ""
Lorenz Brun0ec0c532024-08-29 12:39:47 +0000[diff] [blame]6disabled_plugins = ["io.containerd.internal.v1.opt", "io.containerd.snapshotter.v1.blockfile", "io.containerd.snapshotter.v1.devmapper", "io.containerd.image-verifier.v1"]
Lorenz Brun74e8e5c2021-01-26 14:00:50 +0100[diff] [blame]7required_plugins = ["io.containerd.grpc.v1.cri"]
Lorenz Brunc88c82d2020-05-08 14:35:04 +0200[diff] [blame]8oom_score = 0
Lorenz Brun0ec0c532024-08-29 12:39:47 +0000[diff] [blame]9imports = []
Lorenz Brunc88c82d2020-05-08 14:35:04 +0200[diff] [blame]10
11[grpc]
Serge Bazanskic2c7ad92020-07-13 17:20:09 +0200[diff] [blame]12 address = "/ephemeral/containerd/client.sock"
Lorenz Brunc88c82d2020-05-08 14:35:04 +0200[diff] [blame]13 tcp_address = ""
Lorenz Brun0ec0c532024-08-29 12:39:47 +0000[diff] [blame]14 tcp_tls_ca = ""
Lorenz Brunc88c82d2020-05-08 14:35:04 +0200[diff] [blame]15 tcp_tls_cert = ""
16 tcp_tls_key = ""
17 uid = 0
18 gid = 0
19 max_recv_message_size = 16777216
20 max_send_message_size = 16777216
21
22[ttrpc]
23 address = ""
24 uid = 0
25 gid = 0
26
27[debug]
28 address = ""
29 uid = 0
30 gid = 0
31 level = ""
Lorenz Brun0ec0c532024-08-29 12:39:47 +0000[diff] [blame]32 format = ""
Lorenz Brunc88c82d2020-05-08 14:35:04 +0200[diff] [blame]33
34[metrics]
Tim Windelschmidt3bdb5fc2024-03-14 18:47:35 +0100[diff] [blame]35 address = "127.0.0.1:7846"
Lorenz Brunc88c82d2020-05-08 14:35:04 +0200[diff] [blame]36 grpc_histogram = false
37
38[cgroup]
39 path = ""
40
41[timeouts]
42 "io.containerd.timeout.shim.cleanup" = "5s"
43 "io.containerd.timeout.shim.load" = "5s"
44 "io.containerd.timeout.shim.shutdown" = "3s"
45 "io.containerd.timeout.task.state" = "2s"
46
47[plugins]
Lorenz Brun0ec0c532024-08-29 12:39:47 +0000[diff] [blame]48 [plugins."io.containerd.cri.v1.images"]
49 snapshotter = "overlayfs"
50 disable_snapshot_annotations = true
51 discard_unpacked_layers = false
52 max_concurrent_downloads = 3
53 image_pull_progress_timeout = "5m0s"
54 image_pull_with_sync_fs = false
55 stats_collect_period = 10
56
57 [plugins."io.containerd.cri.v1.images".pinned_images]
58 sandbox = "preseed.metropolis.internal/node/kubernetes/pause:latest"
59
60 [plugins."io.containerd.cri.v1.images".registry]
61 config_path = ""
62
63 [plugins."io.containerd.cri.v1.images".registry.mirrors]
64 [plugins."io.containerd.cri.v1.images".registry.mirrors."docker.io"]
65 endpoint = ["https://registry-1.docker.io"]
66
67 [plugins."io.containerd.cri.v1.images".registry.mirrors."test.monogon.internal"]
68 endpoint = ["http://10.42.0.82:5000"]
69
70 [plugins."io.containerd.cri.v1.images".registry.configs]
71 [plugins."io.containerd.cri.v1.images".registry.configs."10.42.0.82:5000"]
72
73 [plugins."io.containerd.cri.v1.images".image_decryption]
74 key_model = "node"
75
76 [plugins."io.containerd.cri.v1.runtime"]
77 enable_selinux = false
78 selinux_category_range = 1024
79 max_container_log_line_size = 16384
80 disable_apparmor = true
81 restrict_oom_score_adj = false
82 disable_proc_mount = false
83 unset_seccomp_profile = ""
84 tolerate_missing_hugetlb_controller = true
85 disable_hugetlb_controller = true
86 device_ownership_from_security_context = true
87 ignore_image_defined_volumes = true
88 netns_mounts_under_state_dir = true
89 enable_unprivileged_ports = true
90 enable_unprivileged_icmp = true
91 enable_cdi = true
92 cdi_spec_dirs = ["/etc/cdi", "/var/run/cdi"]
93 drain_exec_sync_io_timeout = "0s"
94 ignore_deprecation_warnings = []
95
96 [plugins."io.containerd.cri.v1.runtime".containerd]
97 default_runtime_name = "runc"
98 ignore_blockio_not_enabled_errors = false
99 ignore_rdt_not_enabled_errors = false
100
101 [plugins."io.containerd.cri.v1.runtime".containerd.runtimes]
102 [plugins."io.containerd.cri.v1.runtime".containerd.runtimes.runc]
103 runtime_type = "io.containerd.runc.v2"
104 runtime_path = ""
105 pod_annotations = []
106 container_annotations = []
107 privileged_without_host_devices = false
108 privileged_without_host_devices_all_devices_allowed = false
109 base_runtime_spec = ""
110 cni_conf_dir = ""
111 cni_max_conf_num = 0
112 snapshotter = ""
113 sandboxer = "podsandbox"
114 io_type = ""
115
116 [plugins."io.containerd.cri.v1.runtime".containerd.runtimes.runc.options]
117 BinaryName = ""
118 CriuImagePath = ""
119 CriuWorkPath = ""
120 IoGid = 0
121 IoUid = 0
122 NoNewKeyring = false
123 Root = ""
124 ShimCgroup = ""
125
126 [plugins."io.containerd.cri.v1.runtime".containerd.runtimes.runsc]
127 runtime_type = "io.containerd.runsc.v1"
128 runtime_path = ""
129 pod_annotations = []
130 container_annotations = []
131 privileged_without_host_devices = false
132 privileged_without_host_devices_all_devices_allowed = false
133 base_runtime_spec = ""
134 cni_conf_dir = ""
135 cni_max_conf_num = 0
136 snapshotter = ""
137 sandboxer = ""
138 io_type = ""
139
140 [plugins."io.containerd.cri.v1.runtime".containerd.runtimes.runsc.options]
141 ConfigPath = "/containerd/conf/runsc.toml"
142 TypeUrl = "io.containerd.runsc.v1.options"
143
144 [plugins."io.containerd.cri.v1.runtime".cni]
Lorenz Brunc607bf62025-07-22 20:25:26 +0200[diff] [blame]145 bin_dir = ""
146 conf_dir = ""
Lorenz Brun0ec0c532024-08-29 12:39:47 +0000[diff] [blame]147 max_conf_num = 0
148 setup_serially = false
Lorenz Brunc607bf62025-07-22 20:25:26 +0200[diff] [blame]149 conf_template = ""
Lorenz Brun0ec0c532024-08-29 12:39:47 +0000[diff] [blame]150 ip_pref = ""
151 use_internal_loopback = false
152
Lorenz Brunc88c82d2020-05-08 14:35:04 +0200[diff] [blame]153 [plugins."io.containerd.gc.v1.scheduler"]
154 pause_threshold = 0.02
155 deletion_threshold = 0
156 mutation_threshold = 100
157 schedule_delay = "0s"
158 startup_delay = "100ms"
Lorenz Brun0ec0c532024-08-29 12:39:47 +0000[diff] [blame]159
Lorenz Brunc88c82d2020-05-08 14:35:04 +0200[diff] [blame]160 [plugins."io.containerd.grpc.v1.cri"]
161 disable_tcp_service = true
162 stream_server_address = "127.0.0.1"
163 stream_server_port = "0"
164 stream_idle_timeout = "4h0m0s"
Lorenz Brunc88c82d2020-05-08 14:35:04 +0200[diff] [blame]165 enable_tls_streaming = false
Lorenz Brun0ec0c532024-08-29 12:39:47 +0000[diff] [blame]166
Lorenz Brunc88c82d2020-05-08 14:35:04 +0200[diff] [blame]167 [plugins."io.containerd.grpc.v1.cri".x509_key_pair_streaming]
168 tls_cert_file = ""
169 tls_key_file = ""
Lorenz Brun0ec0c532024-08-29 12:39:47 +0000[diff] [blame]170
171 [plugins."io.containerd.monitor.container.v1.restart"]
Lorenz Brunc88c82d2020-05-08 14:35:04 +0200[diff] [blame]172 interval = "10s"
Lorenz Brun0ec0c532024-08-29 12:39:47 +0000[diff] [blame]173
174 [plugins."io.containerd.internal.v1.tracing"]
175
Lorenz Brunc88c82d2020-05-08 14:35:04 +0200[diff] [blame]176 [plugins."io.containerd.metadata.v1.bolt"]
177 content_sharing_policy = "shared"
Lorenz Brun0ec0c532024-08-29 12:39:47 +0000[diff] [blame]178
179 [plugins."io.containerd.monitor.task.v1.cgroups"]
Lorenz Brunc88c82d2020-05-08 14:35:04 +0200[diff] [blame]180 no_prometheus = false
Lorenz Brun0ec0c532024-08-29 12:39:47 +0000[diff] [blame]181
182 [plugins."io.containerd.nri.v1.nri"]
183 disable = true
184 socket_path = "/var/run/nri/nri.sock"
185 plugin_path = "/opt/nri/plugins"
186 plugin_config_path = "/etc/nri/conf.d"
187 plugin_registration_timeout = "5s"
188 plugin_request_timeout = "2s"
189 disable_connections = true
190
Lorenz Brunc88c82d2020-05-08 14:35:04 +0200[diff] [blame]191 [plugins."io.containerd.runtime.v1.linux"]
Lorenz Brun0ec0c532024-08-29 12:39:47 +0000[diff] [blame]192 no_shim = false
Lorenz Brunc88c82d2020-05-08 14:35:04 +0200[diff] [blame]193 runtime = "noop"
194 runtime_root = ""
Lorenz Brun0ec0c532024-08-29 12:39:47 +0000[diff] [blame]195 shim = "containerd-shim"
Lorenz Brunc88c82d2020-05-08 14:35:04 +0200[diff] [blame]196 shim_debug = false
Lorenz Brun0ec0c532024-08-29 12:39:47 +0000[diff] [blame]197
Lorenz Brunc88c82d2020-05-08 14:35:04 +0200[diff] [blame]198 [plugins."io.containerd.runtime.v2.task"]
199 platforms = ["linux/amd64"]
Lorenz Brun0ec0c532024-08-29 12:39:47 +0000[diff] [blame]200
Lorenz Brunc88c82d2020-05-08 14:35:04 +0200[diff] [blame]201 [plugins."io.containerd.service.v1.diff-service"]
Lorenz Brun0ec0c532024-08-29 12:39:47 +0000[diff] [blame]202 default = ["walking"]
203 sync_fs = false
204
205 [plugins."io.containerd.service.v1.tasks-service"]
206 blockio_config_file = ""
207 rdt_config_file = ""
208
209 [plugins."io.containerd.shim.v1.manager"]
210 env = []
211
212 [plugins."io.containerd.snapshotter.v1.overlayfs"]
213 root_path = ""
214 upperdir_label = false
215 sync_remove = false
216 slow_chown = false
217 mount_options = []
218
219 [plugins."io.containerd.tracing.processor.v1.otlp"]
220
221 [plugins."io.containerd.transfer.v1.local"]
222 max_concurrent_downloads = 3
223 max_concurrent_uploaded_layers = 3
224 config_path = ""