github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-07-20 17:49:10 +00:00
Code Issues Projects Releases Wiki Activity

landlock: example yml

Browse Source 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
This commit is contained in:
Riyaz Faizullabhoy 2017-04-09 12:09:06 -07:00
parent b95ca1b358
commit 3aead78f36
1 changed files with 31 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
projects/landlock/landlock.yml Normal file
View File

@ -0,0 +1,31 @@
kernel:
image: "mobylinux/kernel-landlock:4.9.x"
cmdline: "console=ttyS0 page_poison=1"
init:
- mobylinux/init:4a731380d1d9b29472c7de165a1cdf93136ab1e7
- mobylinux/runc:b0fb122e10dbb7e4e45115177a61a3f8d68c19a9
- mobylinux/containerd:c7f6ecdcbcb615a53edee556ba03c7c873bc8488
- mobylinux/ca-certificates:eabc5a6e59f05aa91529d80e9a595b85b046f935
onboot:
- name: sysctl
image: "mobylinux/sysctl:2cf2f9d5b4d314ba1bfc22b2fe931924af666d8c"
net: host
pid: host
ipc: host
capabilities:
- CAP_SYS_ADMIN
readonly: true
services:
- name: rngd
image: "mobylinux/rngd:3dad6dd43270fa632ac031e99d1947f20b22eec9@sha256:1c93c1db7196f6f71f8e300bc1d15f0376dd18e8891c8789d77c8ff19f3a9a92"
capabilities:
- CAP_SYS_ADMIN
oomScoreAdj: -800
readonly: true
files:
- path: etc/docker/daemon.json
contents: '{"debug": true}'
outputs:
- format: kernel+initrd
- format: iso-bios
- format: iso-efi