diff options
Diffstat (limited to 'test/e2e/config')
| -rw-r--r-- | test/e2e/config/containers-caps.conf | 17 | ||||
| -rw-r--r-- | test/e2e/config/containers-ns.conf | 24 | ||||
| -rw-r--r-- | test/e2e/config/containers.conf | 50 |
3 files changed, 91 insertions, 0 deletions
diff --git a/test/e2e/config/containers-caps.conf b/test/e2e/config/containers-caps.conf new file mode 100644 index 000000000..7b964e4a7 --- /dev/null +++ b/test/e2e/config/containers-caps.conf @@ -0,0 +1,17 @@ +[containers] + +# List of default capabilities for containers. If it is empty or commented out, +# the default capabilities defined in the container engine will be added. +# +default_capabilities = [ + "CHOWN", + "DAC_OVERRIDE", + "FOWNER", + "FSETID", + "KILL", + "MKNOD", + "NET_BIND_SERVICE", + "SETGID", + "SETPCAP", + "SETUID", +] diff --git a/test/e2e/config/containers-ns.conf b/test/e2e/config/containers-ns.conf new file mode 100644 index 000000000..d2cf5b03f --- /dev/null +++ b/test/e2e/config/containers-ns.conf @@ -0,0 +1,24 @@ +[containers] + +pidns = "host" +netns = "host" +ipcns = "host" +utsns = "host" +userns = "host" +cgroupns = "host" + +# List of default capabilities for containers. If it is empty or commented out, +# the default capabilities defined in the container engine will be added. +# +default_capabilities = [ + "CHOWN", + "DAC_OVERRIDE", + "FOWNER", + "FSETID", + "KILL", + "MKNOD", + "NET_BIND_SERVICE", + "SETGID", + "SETPCAP", + "SETUID", +] diff --git a/test/e2e/config/containers.conf b/test/e2e/config/containers.conf new file mode 100644 index 000000000..55d18f5e8 --- /dev/null +++ b/test/e2e/config/containers.conf @@ -0,0 +1,50 @@ +[containers] + +# A list of ulimits to be set in containers by default, specified as +# "<ulimit name>=<soft limit>:<hard limit>", for example: +# "nofile=1024:2048" +# See setrlimit(2) for a list of resource names. +# Any limit not specified here will be inherited from the process launching the +# container engine. +# Ulimits has limits for non privileged container engines. +# +default_ulimits = [ + "nofile=500:500", +] + +# Environment variable list for the conmon process; used for passing necessary +# environment variables to conmon or the runtime. +# +env = [ + "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", + "foo=bar", +] + +# container engines use container separation using MAC(SELinux) labeling. +# Flag is ignored on label disabled systems. +# +label = true + +# Size of /dev/shm. Specified as <number><unit>. +# Unit is optional, values: +# b (bytes), k (kilobytes), m (megabytes), or g (gigabytes). +# If the unit is omitted, the system uses bytes. +# +shm_size = "201k" + +# List of devices. Specified as +# "<device-on-host>:<device-on-container>:<permissions>", for example: +# "/dev/sdc:/dev/xvdc:rwm". +# If it is empty or commented out, only the default devices will be used +# +devices = [ + "/dev/zero:/dev/notone,rwm", +] + +default_sysctls = [ + "net.ipv4.ping_group_range=0 1000", +] + +dns_searches=[ "foobar.com", ] +dns_servers=[ "1.2.3.4", ] +dns_options=[ "debug", ] |