Diffstat (limited to 'libpod.conf')
-rw-r--r-- | libpod.conf | 181 |
1 files changed, 0 insertions, 181 deletions
diff --git a/libpod.conf b/libpod.conf
deleted file mode 100644
index 1bc31eb4c..000000000
--- a/libpod.conf
+++ /dev/null
@@ -1,181 +0,0 @@
-# libpod.conf is the default configuration file for all tools using libpod to
-# manage containers
-
-# Default transport method for pulling and pushing for images
-image_default_transport = "docker://"
-
-# Paths to look for the conmon container manager binary.
-# If the paths are empty or no valid path was found, then the `$PATH`
-# environment variable will be used as the fallback.
-conmon_path = [
- "/usr/libexec/podman/conmon",
- "/usr/local/libexec/podman/conmon",
- "/usr/local/lib/podman/conmon",
- "/usr/bin/conmon",
- "/usr/sbin/conmon",
- "/usr/local/bin/conmon",
- "/usr/local/sbin/conmon",
- "/run/current-system/sw/bin/conmon",
-]
-
-# Environment variables to pass into conmon
-conmon_env_vars = [
- "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
-]
-
-# CGroup Manager - valid values are "systemd" and "cgroupfs"
-cgroup_manager = "systemd"
-
-# Container init binary
-#init_path = "/usr/libexec/podman/catatonit"
-
-# Directory for persistent libpod files (database, etc)
-# By default, this will be configured relative to where containers/storage
-# stores containers
-# Uncomment to change location from this default
-#static_dir = "/var/lib/containers/storage/libpod"
-
-# Directory for temporary files. Must be tmpfs (wiped after reboot)
-tmp_dir = "/var/run/libpod"
-
-# Maximum size of log files (in bytes)
-# -1 is unlimited
-max_log_size = -1
-
-# Whether to use chroot instead of pivot_root in the runtime
-no_pivot_root = false
-
-# Directory containing CNI plugin configuration files
-cni_config_dir = "/etc/cni/net.d/"
-
-# Directories where the CNI plugin binaries may be located
-cni_plugin_dir = [
- "/usr/libexec/cni",
- "/usr/lib/cni",
- "/usr/local/lib/cni",
- "/opt/cni/bin"
-]
-
-# Default CNI network for libpod.
-# If multiple CNI network configs are present, libpod will use the network with
-# the name given here for containers unless explicitly overridden.
-# The default here is set to the name we set in the
-# 87-podman-bridge.conflist included in the repository.
-# Not setting this, or setting it to the empty string, will use normal CNI
-# precedence rules for selecting between multiple networks.
-cni_default_network = "podman"
-
-# Default libpod namespace
-# If libpod is joined to a namespace, it will see only containers and pods
-# that were created in the same namespace, and will create new containers and
-# pods in that namespace.
-# The default namespace is "", which corresponds to no namespace. When no
-# namespace is set, all containers and pods are visible.
-#namespace = ""
-
-# Default infra (pause) image name for pod infra containers
-infra_image = "k8s.gcr.io/pause:3.2"
-
-# Default command to run the infra container
-infra_command = "/pause"
-
-# Determines whether libpod will reserve ports on the host when they are
-# forwarded to containers. When enabled, when ports are forwarded to containers,
-# they are held open by conmon as long as the container is running, ensuring that
-# they cannot be reused by other programs on the host. However, this can cause
-# significant memory usage if a container has many ports forwarded to it.
-# Disabling this can save memory.
-#enable_port_reservation = true
-
-# Default libpod support for container labeling
-# label=true
-
-# The locking mechanism to use
-lock_type = "shm"
-
-# Number of locks available for containers and pods.
-# If this is changed, a lock renumber must be performed (e.g. with the
-# 'podman system renumber' command).
-num_locks = 2048
-
-# Directory for libpod named volumes.
-# By default, this will be configured relative to where containers/storage
-# stores containers.
-# Uncomment to change location from this default.
-#volume_path = "/var/lib/containers/storage/volumes"
-
-# Selects which logging mechanism to use for Podman events. Valid values
-# are `journald` or `file`.
-# events_logger = "journald"
-
-# Specify the keys sequence used to detach a container.
-# Format is a single character [a-Z] or a comma separated sequence of
-# `ctrl-<value>`, where `<value>` is one of:
-# `a-z`, `@`, `^`, `[`, `\`, `]`, `^` or `_`
-#
-# detach_keys = "ctrl-p,ctrl-q"
-
-# Default OCI runtime
-runtime = "runc"
-
-# List of the OCI runtimes that support --format=json. When json is supported
-# libpod will use it for reporting nicer errors.
-runtime_supports_json = ["crun", "runc"]
-
-# List of all the OCI runtimes that support --cgroup-manager=disable to disable
-# creation of CGroups for containers.
-runtime_supports_nocgroups = ["crun"]
-
-# Paths to look for a valid OCI runtime (runc, runv, etc)
-# If the paths are empty or no valid path was found, then the `$PATH`
-# environment variable will be used as the fallback.
-[runtimes]
-runc = [
- "/usr/bin/runc",
- "/usr/sbin/runc",
- "/usr/local/bin/runc",
- "/usr/local/sbin/runc",
- "/sbin/runc",
- "/bin/runc",
- "/usr/lib/cri-o-runc/sbin/runc",
- "/run/current-system/sw/bin/runc",
-]
-
-crun = [
- "/usr/bin/crun",
- "/usr/sbin/crun",
- "/usr/local/bin/crun",
- "/usr/local/sbin/crun",
- "/sbin/crun",
- "/bin/crun",
- "/run/current-system/sw/bin/crun",
-]
-
-# Kata Containers is an OCI runtime, where containers are run inside lightweight
-# Virtual Machines (VMs). Kata provides additional isolation towards the host,
-# minimizing the host attack surface and mitigating the consequences of
-# containers breakout.
-# Please notes that Kata does not support rootless podman yet, but we can leave
-# the paths below blank to let them be discovered by the $PATH environment
-# variable.
-
-# Kata Containers with the default configured VMM
-kata-runtime = [
- "/usr/bin/kata-runtime",
-]
-
-# Kata Containers with the QEMU VMM
-kata-qemu = [
- "/usr/bin/kata-qemu",
-]
-
-# Kata Containers with the Firecracker VMM
-kata-fc = [
- "/usr/bin/kata-fc",
-]
-
-# The [runtimes] table MUST be the last thing in this file.
-# (Unless another table is added)
-# TOML does not provide a way to end a table other than a further table being
-# defined, so every key hereafter will be part of [runtimes] and not the main
-# config. |