@ -1,17 +1,60 @@
#https://github.com/containers/common/blob/main/pkg/config/containers.conf
[containers]
[containers]
netns="private"
#annotations = []
#apparmor_profile = "container-default"
cgroupns = "private"
cgroups = "enabled"
netns = "private"
#pidns = "private"
#rootless_networking = "slirp4netns"
#seccomp_profile = "/usr/share/containers/seccomp.json"
#shm_size = "65536k"
default_capabilities = [
"CHOWN",
"DAC_OVERRIDE",
"FOWNER",
"FSETID",
"KILL",
"NET_BIND_SERVICE",
"SETFCAP",
"SETGID",
"SETPCAP",
"SETUID",
"SYS_CHROOT"
]
default_sysctls = [
"net.ipv4.ping_group_range=0 0",
]
[network]
[network]
cni_plugin_dir="/usr/lib/cni"
network_config_dir="/etc/cni/net.d/"
default_network="podman"
cni_plugin_dirs = [
"/usr/lib/cni"
]
network_config_dir = "/etc/cni/net.d/"
default_network = "podman"
[engine]
[engine]
runtime="/usr/bin/crun"
# runtime="/usr/sbin/runc"
# runtime="/sbin/uxc"
# runtime_supports_nocgroups = ["crun", "uxc"]
# runtime_supports_json = ["crun", "runc", "kata", "uxc"]
cgroup_manager = "cgroupfs"
events_logger = "none"
#image_default_transport = "docker://"
#image_parallel_copies = 0
#infra_command = "/pause"
#infra_image = "k8s.gcr.io/pause:3.4.1"
#lock_type** = "shm"
#namespace = ""
#network_cmd_path = ""
runtime = "crun"
# runtime = "runc"
# runtime = "uxc"
runtime_supports_json = ["crun", "runc", "kata", "uxc"]
#runtime_supports_kvm = ["kata", "krun"]
#runtime_supports_nocgroups = ["crun", "krun", "uxc"]
#static_dir = "/var/lib/containers/storage/libpod"
[engine.runtimes]
[engine.runtimes]
crun = [
crun = [
@ -25,3 +68,9 @@ runc = [
uxc = [
uxc = [
"/sbin/uxc",
"/sbin/uxc",
]
]
[machine]
#cpus = 1
#disk_size = 10
#image = "testing"
#memory = 2048