summaryrefslogtreecommitdiff
path: root/libpod.conf
diff options
context:
space:
mode:
authorOpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>2019-11-07 14:58:57 +0100
committerGitHub <noreply@github.com>2019-11-07 14:58:57 +0100
commitaad29045531152f6b4763fe6a45e8c9daabaa0e0 (patch)
treed955da6a5d3b8582cfdae5bb7804f93f7dcdbc79 /libpod.conf
parent2e2d82ce767895e80da0d6cf5e6d391901687deb (diff)
parent9fe9c4181a0b7f73922d6e623c98023cb4f9f559 (diff)
downloadpodman-aad29045531152f6b4763fe6a45e8c9daabaa0e0.tar.gz
podman-aad29045531152f6b4763fe6a45e8c9daabaa0e0.tar.bz2
podman-aad29045531152f6b4763fe6a45e8c9daabaa0e0.zip
Merge pull request #4308 from openSUSE/kata
Add Kata Containers runtimes to libpod.conf
Diffstat (limited to 'libpod.conf')
-rw-r--r--libpod.conf23
1 files changed, 23 insertions, 0 deletions
diff --git a/libpod.conf b/libpod.conf
index 47f66ecc1..47563099c 100644
--- a/libpod.conf
+++ b/libpod.conf
@@ -146,6 +146,29 @@ crun = [
"/usr/local/bin/crun",
]
+# Kata Containers is an OCI runtime, where containers are run inside lightweight
+# Virtual Machines (VMs). Kata provides additional isolation towards the host,
+# minimizing the host attack surface and mitigating the consequences of
+# containers breakout.
+# Please notes that Kata does not support rootless podman yet, but we can leave
+# the paths below blank to let them be discovered by the $PATH environment
+# variable.
+
+# Kata Containers with the default configured VMM
+kata-runtime = [
+ "/usr/bin/kata-runtime",
+]
+
+# Kata Containers with the QEMU VMM
+kata-qemu = [
+ "/usr/bin/kata-qemu",
+]
+
+# Kata Containers with the Firecracker VMM
+kata-fc = [
+ "/usr/bin/kata-fc",
+]
+
# The [runtimes] table MUST be the last thing in this file.
# (Unless another table is added)
# TOML does not provide a way to end a table other than a further table being