summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
Diffstat (limited to 'docs')
-rw-r--r--docs/crio.8.md177
-rw-r--r--docs/crio.conf.5.md159
2 files changed, 0 insertions, 336 deletions
diff --git a/docs/crio.8.md b/docs/crio.8.md
deleted file mode 100644
index 2c9d4857d..000000000
--- a/docs/crio.8.md
+++ /dev/null
@@ -1,177 +0,0 @@
-% crio(8) Open Container Initiative Daemon
-% Dan Walsh
-% SEPTEMBER 2016
-# NAME
-crio - OCI Kubernetes Container Runtime daemon
-
-# SYNOPSIS
-**crio**
-[**--apparmor-profile**=[*value*]]
-[**--cgroup-manager**=[*value*]]
-[**--cni-config-dir**=[*value*]]
-[**--cni-plugin-dir**=[*value*]]
-[**--config**=[*value*]]
-[**--conmon**=[*value*]]
-[**--cpu-profile**=[*value*]]
-[**--default-transport**=[*value*]]
-[**--help**|**-h**]
-[**--insecure-registry**=[*value*]]
-[**--listen**=[*value*]]
-[**--log**=[*value*]]
-[**--log-format value**]
-[**--log-level value**]
-[**--pause-command**=[*value*]]
-[**--pause-image**=[*value*]]
-[**--registry**=[*value*]]
-[**--root**=[*value*]]
-[**--runroot**=[*value*]]
-[**--runtime**=[*value*]]
-[**--seccomp-profile**=[*value*]]
-[**--selinux**]
-[**--signature-policy**=[*value*]]
-[**--storage-driver**=[*value*]]
-[**--storage-opt**=[*value*]]
-[**--version**|**-v**]
-
-# DESCRIPTION
-OCI-based implementation of Kubernetes Container Runtime Interface Daemon
-
-crio is meant to provide an integration path between OCI conformant runtimes and the kubelet. Specifically, it implements the Kubelet Container Runtime Interface (CRI) using OCI conformant runtimes. The scope of crio is tied to the scope of the CRI.
-
- * Support multiple image formats including the existing Docker image format
- * Support for multiple means to download images including trust & image verification
- * Container image management (managing image layers, overlay filesystems, etc)
- * Container process lifecycle management
- * Monitoring and logging required to satisfy the CRI
- * Resource isolation as required by the CRI
-
-**crio [GLOBAL OPTIONS]**
-
-**crio [GLOBAL OPTIONS] config [OPTIONS]**
-
-# GLOBAL OPTIONS
-
-**--apparmor_profile**=""
- Name of the apparmor profile to be used as the runtime's default (default: "crio-default")
-
-**--cgroup-manager**=""
- cgroup manager (cgroupfs or systemd)
-
-**--config**=""
- path to configuration file
-
-**--conmon**=""
- path to the conmon executable (default: "/usr/local/libexec/crio/conmon")
-
-**--cpu-profile**=""
-set the CPU profile file path
-
-**--default-transport**
- A prefix to prepend to image names that can't be pulled as-is.
-
-**--help, -h**
- Print usage statement
-
-**--insecure-registry=**
- Enable insecure registry communication, i.e., enable un-encrypted
- and/or untrusted communication.
-
- List of insecure registries can contain an element with CIDR notation
- to specify a whole subnet. Insecure registries accept HTTP and/or
- accept HTTPS with certificates from unknown CAs.
-
- Enabling --insecure-registry is useful when running a local registry.
- However, because its use creates security vulnerabilities it should
- ONLY be enabled for testing purposes. For increased security, users
- should add their CA to their system's list of trusted CAs instead of
- using --insecure-registry.
-
-**--image-volumes**=""
- Image volume handling ('mkdir', 'bind' or 'ignore') (default: "mkdir")
- mkdir: A directory is created inside the container root filesystem for the volumes.
- bind: A directory is created inside container state directory and bind mounted into
- the container for the volumes.
- ignore: All volumes are just ignored and no action is taken.
-
-**--listen**=""
- Path to CRI-O socket (default: "/var/run/crio.sock")
-
-**--log**=""
- Set the log file path where internal debug information is written
-
-**--log-format**=""
- Set the format used by logs ('text' (default), or 'json') (default: "text")
-
-**--log-level**=""
- log crio messages above specified level: debug, info (default), warn, error, fatal or panic
-
-**--log-size-max**=""
- Maximum log size in bytes for a container (default: -1 (no limit)).
- If it is positive, it must be >= 8192 (to match/exceed conmon read buffer).
-
-**--pause-command**=""
- Path to the pause executable in the pause image (default: "/pause")
-
-**--pause-image**=""
- Image which contains the pause executable (default: "kubernetes/pause")
-
-**--pids-limit**=""
- Maximum number of processes allowed in a container (default: 1024)
-
-**--root**=""
- The crio root dir (default: "/var/lib/containers/storage")
-
-**--registry**=""
- Registry host which will be prepended to unqualified images, can be specified multiple times
-
-**--runroot**=""
- The crio state dir (default: "/var/run/containers/storage")
-
-**--runtime**=""
- OCI runtime path (default: "/usr/bin/runc")
-
-**--selinux**=*true*|*false*
- Enable selinux support (default: false)
-
-**--seccomp-profile**=""
- Path to the seccomp json profile to be used as the runtime's default (default: "/etc/crio/seccomp.json")
-
-**--signature-policy**=""
- Path to the signature policy json file (default: "", to use the system-wide default)
-
-**--storage-driver**
- OCI storage driver (default: "devicemapper")
-
-**--storage-opt**
- OCI storage driver option (no default)
-
-**--cni-config-dir**=""
- CNI configuration files directory (default: "/etc/cni/net.d/")
-
-**--cni-plugin-dir**=""
- CNI plugin binaries directory (default: "/opt/cni/bin/")
-
-**--cpu-profile**
- Set the CPU profile file path
-
-**--version, -v**
- Print the version
-
-# COMMANDS
-CRI-O's default command is to start the daemon. However, it currently offers a
-single additional subcommand.
-
-## config
-
-Outputs a commented version of the configuration file that would've been used
-by CRI-O. This allows you to save you current configuration setup and then load
-it later with **--config**. Global options will modify the output.
-
-**--default**
- Output the default configuration (without taking into account any configuration options).
-
-# SEE ALSO
-crio.conf(5)
-
-# HISTORY
-Sept 2016, Originally compiled by Dan Walsh <dwalsh@redhat.com> and Aleksa Sarai <asarai@suse.de>
diff --git a/docs/crio.conf.5.md b/docs/crio.conf.5.md
deleted file mode 100644
index 32cac7a4d..000000000
--- a/docs/crio.conf.5.md
+++ /dev/null
@@ -1,159 +0,0 @@
-% crio.conf(5) Open Container Initiative Daemon
-% Aleksa Sarai
-% OCTOBER 2016
-
-# NAME
-crio.conf - CRI-O configuration file
-
-# DESCRIPTION
-The CRI-O configuration file specifies all of the available command-line options
-for the crio(8) program, but in a TOML format that can be more easily modified
-and versioned.
-
-# FORMAT
-The [TOML format][toml] is used as the encoding of the configuration file.
-Every option and subtable listed here is nested under a global "crio" table.
-No bare options are used. The format of TOML can be simplified to:
-
- [table]
- option = value
-
- [table.subtable1]
- option = value
-
- [table.subtable2]
- option = value
-
-## CRIO TABLE
-
-The `crio` table supports the following options:
-
-
-**root**=""
- CRIO root dir (default: "/var/lib/containers/storage")
-
-**runroot**=""
- CRIO state dir (default: "/var/run/containers/storage")
-
-**storage_driver**=""
- CRIO storage driver (default is "overlay")
-
-Note:
- **overlay** and **overlay2** are the same driver
-
-
-**storage_option**=[]
- CRIO storage driver option list (no default)
-
- Values:
-
- "STORAGE_DRIVER.imagestore=/PATH",
-
- Paths to additional container image stores. These are read/only and are usually stored on remote network shares, based on overlay storage format.
- storage_option=[ "overlay.imagestore=/mnt/overlay", ]
-
- "STORAGE_DRIVER.size=SIZE"
-
- Maximum size of a container image. Default is 10GB. The size flag sets quota on the size of container images.
- storage_option=[ "overlay.size=1G", ]
-
-Note: Not all drivers support all options.
-
-Note: In order to use the **size** option for quota on *overlay* storage you must use the *xfs* file system. The mount point that the *overlay* file system must be setup with the *pquota* flag at mount time. If you are setting up / to be used with quota, you have to modify the linux boot line in /etc/grubq2.conf and add the rootflags=pquota flag.
-
-Example:
- linux16 /vmlinuz-4.12.13-300.fc26.x86_64 root=/dev/mapper/fedora-root ro rd.lvm.lv=fedora/root rd.lvm.lv=fedora/swap rhgb quiet LANG=en_US.UTF-8 rootflags=pquota
-
-
-## CRIO.API TABLE
-
-**listen**=""
- Path to crio socket (default: "/var/run/crio.sock")
-
-## CRIO.RUNTIME TABLE
-
-**conmon**=""
- Path to the conmon executable (default: "/usr/local/libexec/crio/conmon")
-
-**conmon_env**=[]
- Environment variable list for conmon process (default: ["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",])
-
-**log_size_max**=""
- Maximum sized allowed for the container log file (default: -1)
- Negative numbers indicate that no size limit is imposed.
- If it is positive, it must be >= 8192 (to match/exceed conmon read buffer).
- The file is truncated and re-opened so the limit is never exceeded.
-
-**pids_limit**=""
- Maximum number of processes allowed in a container (default: 1024)
-
-**runtime**=""
- OCI runtime path (default: "/usr/bin/runc")
-
-**selinux**=*true*|*false*
- Enable selinux support (default: false)
-
-**signature_policy**=""
- Path to the signature policy json file (default: "", to use the system-wide default)
-
-**seccomp_profile**=""
- Path to the seccomp json profile to be used as the runtime's default (default: "/etc/crio/seccomp.json")
-
-**apparmor_profile**=""
- Name of the apparmor profile to be used as the runtime's default (default: "crio-default")
-
-**no_pivot**=*true*|*false*
- Instructs the runtime to not use pivot_root, but instead use MS_MOVE
-
-**default_mounts**=[]
- List of mount points, in the form host:container, to be mounted in every container
-
-## CRIO.IMAGE TABLE
-
-**default_transport**
- A prefix to prepend to image names that can't be pulled as-is (default: "docker://")
-
-**image_volumes**=""
- Image volume handling ('mkdir', 'bind' or 'ignore') (default: "mkdir")
- mkdir: A directory is created inside the container root filesystem for the volumes.
- bind: A directory is created inside container state directory and bind mounted into
- the container for the volumes.
- ignore: All volumes are just ignored and no action is taken.
-
-**insecure_registries**=""
- Enable insecure registry communication, i.e., enable un-encrypted
- and/or untrusted communication.
-
- List of insecure registries can contain an element with CIDR notation
- to specify a whole subnet. Insecure registries accept HTTP and/or
- accept HTTPS with certificates from unknown CAs.
-
- Enabling --insecure-registry is useful when running a local registry.
- However, because its use creates security vulnerabilities it should
- ONLY be enabled for testing purposes. For increased security, users
- should add their CA to their system's list of trusted CAs instead of
- using --insecure-registry.
-
-**pause_command**=""
- Path to the pause executable in the pause image (default: "/pause")
-
-**pause_image**=""
- Image which contains the pause executable (default: "kubernetes/pause")
-
-**registries**=""
- Comma separated list of registries that will be prepended when pulling
- unqualified images
-
-## CRIO.NETWORK TABLE
-
-**network_dir**=""
- Path to CNI configuration files (default: "/etc/cni/net.d/")
-
-**plugin_dir**=""
- Path to CNI plugin binaries (default: "/opt/cni/bin/")
-
-# SEE ALSO
-crio(8)
-
-# HISTORY
-Oct 2016, Originally compiled by Aleksa Sarai <asarai@suse.de>