1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
|
[containers]
# A list of ulimits to be set in containers by default, specified as
# "<ulimit name>=<soft limit>:<hard limit>", for example:
# "nofile=1024:2048"
# See setrlimit(2) for a list of resource names.
# Any limit not specified here will be inherited from the process launching the
# container engine.
# Ulimits has limits for non privileged container engines.
#
default_ulimits = [
"nofile=500:500",
]
# Environment variable list for the conmon process; used for passing necessary
# environment variables to conmon or the runtime.
#
env = [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"foo=bar",
]
# container engines use container separation using MAC(SELinux) labeling.
# Flag is ignored on label disabled systems.
#
label = true
# Size of /dev/shm. Specified as <number><unit>.
# Unit is optional, values:
# b (bytes), k (kilobytes), m (megabytes), or g (gigabytes).
# If the unit is omitted, the system uses bytes.
#
shm_size = "201k"
# List of devices. Specified as
# "<device-on-host>:<device-on-container>:<permissions>", for example:
# "/dev/sdc:/dev/xvdc:rwm".
# If it is empty or commented out, only the default devices will be used
#
devices = [
"/dev/zero:/dev/notone:rwm",
]
default_sysctls = [
"net.ipv4.ping_group_range=0 1000",
]
dns_searches=[ "foobar.com", ]
dns_servers=[ "1.2.3.4", ]
dns_options=[ "debug", ]
tz = "Pacific/Honolulu"
umask = "0002"
[engine]
network_cmd_options=["allow_host_loopback=true"]
|
