Add support for containers.conf

vendor in c/common config pkg for containers.conf

Signed-off-by: Qi Wang qiwan@redhat.com
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>

3 files changed, 91 insertions, 0 deletions

diff --git a/test/e2e/config/containers-caps.conf b/test/e2e/config/containers-caps.conf
new file mode 100644
index 000000000..7b964e4a7
--- /dev/null
+++ b/test/e2e/config/containers-caps.conf
@@ -0,0 +1,17 @@
+[containers]
+
+# List of default capabilities for containers. If it is empty or commented out,
+# the default capabilities defined in the container engine will be added.
+#
+default_capabilities = [
+    "CHOWN",
+    "DAC_OVERRIDE",
+    "FOWNER",
+    "FSETID",
+    "KILL",
+    "MKNOD",
+    "NET_BIND_SERVICE",
+    "SETGID",
+    "SETPCAP",
+    "SETUID",
+]
diff --git a/test/e2e/config/containers-ns.conf b/test/e2e/config/containers-ns.conf
new file mode 100644
index 000000000..d2cf5b03f
--- /dev/null
+++ b/test/e2e/config/containers-ns.conf
@@ -0,0 +1,24 @@
+[containers]
+
+pidns = "host"
+netns = "host"
+ipcns = "host"
+utsns = "host"
+userns = "host"
+cgroupns = "host"
+
+# List of default capabilities for containers. If it is empty or commented out,
+# the default capabilities defined in the container engine will be added.
+#
+default_capabilities = [
+    "CHOWN",
+    "DAC_OVERRIDE",
+    "FOWNER",
+    "FSETID",
+    "KILL",
+    "MKNOD",
+    "NET_BIND_SERVICE",
+    "SETGID",
+    "SETPCAP",
+    "SETUID",
+]
diff --git a/test/e2e/config/containers.conf b/test/e2e/config/containers.conf
new file mode 100644
index 000000000..55d18f5e8
--- /dev/null
+++ b/test/e2e/config/containers.conf
@@ -0,0 +1,50 @@
+[containers]
+
+# A list of ulimits to be set in containers by default, specified as
+# "<ulimit name>=<soft limit>:<hard limit>", for example:
+# "nofile=1024:2048"
+# See setrlimit(2) for a list of resource names.
+# Any limit not specified here will be inherited from the process launching the
+# container engine.
+# Ulimits has limits for non privileged container engines.
+#
+default_ulimits = [
+  "nofile=500:500",
+]
+
+# Environment variable list for the conmon process; used for passing necessary
+# environment variables to conmon or the runtime.
+#
+env = [
+    "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
+    "foo=bar",
+]
+
+# container engines use container separation using MAC(SELinux) labeling.
+# Flag is ignored on label disabled systems.
+#
+label = true
+
+# Size of /dev/shm. Specified as <number><unit>.
+# Unit is optional, values:
+# b (bytes), k (kilobytes), m (megabytes), or g (gigabytes).
+# If the unit is omitted, the system uses bytes.
+#
+shm_size = "201k"
+
+# List of devices. Specified as
+# "<device-on-host>:<device-on-container>:<permissions>", for example:
+# "/dev/sdc:/dev/xvdc:rwm".
+# If it is empty or commented out, only the default devices will be used
+#
+devices = [
+      "/dev/zero:/dev/notone,rwm",
+]
+
+default_sysctls = [
+  "net.ipv4.ping_group_range=0 1000",
+]
+
+dns_searches=[ "foobar.com", ]
+dns_servers=[ "1.2.3.4", ]
+dns_options=[ "debug", ]