Skip to content

Commit

Permalink
chore(containerd): add CRI config options
Browse files Browse the repository at this point in the history 
See: https://github.com/containerd/containerd/blob/v1.7.15/docs/man/containerd-config.toml.5.md
See: https://github.com/containerd/containerd/blob/v1.7.15/docs/cri/config.md
  • Loading branch information
@spnngl
spnngl committed Apr 12, 2024
1 parent 258899d commit 12ed2f1
Show file tree
Hide file tree
Showing 2 changed files with 11 additions and 0 deletions.
6 changes: 6 additions & 0 deletions roles/container-engine/containerd/defaults/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,12 @@ containerd_enable_unprivileged_ports: false
# If enabled it will allow non root users to use icmp sockets
containerd_enable_unprivileged_icmp: false

containerd_enable_selinux: false
containerd_disable_apparmor: false
containerd_tolerate_missing_hugetlb_controller: true
containerd_disable_hugetlb_controller: false
containerd_image_pull_progress_timeout: 5m

containerd_cfg_dir: /etc/containerd

# Extra config to be put in {{ containerd_cfg_dir }}/config.toml literally
Expand Down
5 changes: 5 additions & 0 deletions roles/container-engine/containerd/templates/config.toml.j2
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,11 @@ oom_score = {{ containerd_oom_score }}
max_container_log_line_size = {{ containerd_max_container_log_line_size }}
enable_unprivileged_ports = {{ containerd_enable_unprivileged_ports | lower }}
enable_unprivileged_icmp = {{ containerd_enable_unprivileged_icmp | lower }}
enable_selinux = {{ containerd_enable_selinux | lower }}
disable_apparmor = {{ containerd_disable_apparmor | lower }}
tolerate_missing_hugetlb_controller = {{ containerd_tolerate_missing_hugetlb_controller | lower }}
disable_hugetlb_controller = {{ containerd_disable_hugetlb_controller | lower }}
image_pull_progress_timeout = "{{ containerd_image_pull_progress_timeout }}"
{% if enable_cdi %}
enable_cdi = true
cdi_spec_dirs = ["/etc/cdi", "/var/run/cdi"]
Expand Down

0 comments on commit 12ed2f1

Please sign in to comment.