github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-07-21 10:09:07 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #1884 from rneugeba/cfg

Browse Source 
Add moby config label to common packages
This commit is contained in:
Rolf Neugebauer 2017-05-23 16:38:20 +01:00 committed by GitHub
commit 72ad8ac3a3
24 changed files with 43 additions and 294 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
examples/docker.yml
View File

@ -12,10 +12,7 @@ onboot:
- name: sysfs - name: sysfs
image: linuxkit/sysfs:1cde5876d44117af61dfea629ad922defcd48808 image: linuxkit/sysfs:1cde5876d44117af61dfea629ad922defcd48808
- name: binfmt - name: binfmt
image: "linuxkit/binfmt:548f7f044f5411a8938913527c5ce55d9876bb07" image: "linuxkit/binfmt:603e5f064b3e8a64088c0fcf7a80d2783541ee1d"
binds:
- /proc/sys/fs/binfmt_misc:/binfmt_misc
readonly: true
- name: format - name: format
image: "linuxkit/format:d78093e943f9c88386e30c00353f9476d34fb551" image: "linuxkit/format:d78093e943f9c88386e30c00353f9476d34fb551"
binds: binds:
@ -34,22 +31,9 @@ onboot:
command: ["/mount.sh", "/var/lib/docker"] command: ["/mount.sh", "/var/lib/docker"]
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" image: "linuxkit/rngd:69f951ce2a3a9534dbbc7ba8119e1df4391f06c0"
capabilities:
- CAP_SYS_ADMIN
oomScoreAdj: -800
readonly: true
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e"
binds:
- /var:/var
- /tmp/etc:/etc
capabilities:
- CAP_NET_ADMIN
- CAP_NET_BIND_SERVICE
- CAP_NET_RAW
net: host
oomScoreAdj: -800
- name: ntpd - name: ntpd
image: "linuxkit/openntpd:ad834449a7eaf10dc022b3d8d2ed9faf7ec99d37" image: "linuxkit/openntpd:ad834449a7eaf10dc022b3d8d2ed9faf7ec99d37"
capabilities: capabilities:

16
examples/gcp.yml
View File

@ -10,15 +10,7 @@ onboot:
- name: sysctl - name: sysctl
image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64" image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64"
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e"
binds:
- /var:/var
- /tmp/etc:/etc
capabilities:
- CAP_NET_ADMIN
- CAP_NET_BIND_SERVICE
- CAP_NET_RAW
net: host
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: metadata - name: metadata
image: "linuxkit/metadata:a810b68fec9c9282cf096eed50605ddd6b2f3142" image: "linuxkit/metadata:a810b68fec9c9282cf096eed50605ddd6b2f3142"
@ -31,11 +23,7 @@ onboot:
- CAP_SYS_ADMIN - CAP_SYS_ADMIN
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" image: "linuxkit/rngd:69f951ce2a3a9534dbbc7ba8119e1df4391f06c0"
capabilities:
- CAP_SYS_ADMIN
oomScoreAdj: -800
readonly: true
- name: sshd - name: sshd
image: "linuxkit/sshd:1613253e5def414e0dfd261acd0e191eadb5fedf" image: "linuxkit/sshd:1613253e5def414e0dfd261acd0e191eadb5fedf"
capabilities: capabilities:

10
examples/minimal.yml
View File

@ -7,15 +7,7 @@ init:
- linuxkit/containerd:f1130450206d4f64f0ddc13d15bb68435aa1ff61 - linuxkit/containerd:f1130450206d4f64f0ddc13d15bb68435aa1ff61
onboot: onboot:
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e"
binds:
- /var:/var
- /tmp/etc:/etc
capabilities:
- CAP_NET_ADMIN
- CAP_NET_BIND_SERVICE
- CAP_NET_RAW
net: host
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
trust: trust:
image: image:

16
examples/node_exporter.yml
View File

@ -7,21 +7,9 @@ init:
- linuxkit/containerd:f1130450206d4f64f0ddc13d15bb68435aa1ff61 - linuxkit/containerd:f1130450206d4f64f0ddc13d15bb68435aa1ff61
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" image: "linuxkit/rngd:69f951ce2a3a9534dbbc7ba8119e1df4391f06c0"
capabilities:
- CAP_SYS_ADMIN
oomScoreAdj: -800
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e"
binds:
- /var:/var
- /tmp:/etc
capabilities:
- CAP_NET_ADMIN
- CAP_NET_BIND_SERVICE
- CAP_NET_RAW
net: host
oomScoreAdj: -800
- name: node_exporter - name: node_exporter
image: "linuxkit/node_exporter:bdb20b41855d0e2b4edeec44ef569d030ea3cc47" image: "linuxkit/node_exporter:bdb20b41855d0e2b4edeec44ef569d030ea3cc47"
capabilities: capabilities:

16
examples/packet.yml
View File

@ -11,21 +11,9 @@ onboot:
image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64" image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64"
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" image: "linuxkit/rngd:69f951ce2a3a9534dbbc7ba8119e1df4391f06c0"
capabilities:
- CAP_SYS_ADMIN
oomScoreAdj: -800
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e"
binds:
- /var:/var
- /tmp:/etc
capabilities:
- CAP_NET_ADMIN
- CAP_NET_BIND_SERVICE
- CAP_NET_RAW
net: host
oomScoreAdj: -800
- name: sshd - name: sshd
image: "linuxkit/sshd:1613253e5def414e0dfd261acd0e191eadb5fedf" image: "linuxkit/sshd:1613253e5def414e0dfd261acd0e191eadb5fedf"
capabilities: capabilities:

10
examples/redis-os.yml
View File

@ -9,15 +9,7 @@ init:
- linuxkit/containerd:f1130450206d4f64f0ddc13d15bb68435aa1ff61 - linuxkit/containerd:f1130450206d4f64f0ddc13d15bb68435aa1ff61
onboot: onboot:
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e"
binds:
- /var:/var
- /tmp/etc:/etc
capabilities:
- CAP_NET_ADMIN
- CAP_NET_BIND_SERVICE
- CAP_NET_RAW
net: host
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services: services:
- name: redis - name: redis

16
examples/sshd.yml
View File

@ -11,21 +11,9 @@ onboot:
image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64" image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64"
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" image: "linuxkit/rngd:69f951ce2a3a9534dbbc7ba8119e1df4391f06c0"
capabilities:
- CAP_SYS_ADMIN
oomScoreAdj: -800
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e"
binds:
- /var:/var
- /tmp:/etc
capabilities:
- CAP_NET_ADMIN
- CAP_NET_BIND_SERVICE
- CAP_NET_RAW
net: host
oomScoreAdj: -800
- name: sshd - name: sshd
image: "linuxkit/sshd:1613253e5def414e0dfd261acd0e191eadb5fedf" image: "linuxkit/sshd:1613253e5def414e0dfd261acd0e191eadb5fedf"
capabilities: capabilities:

19
examples/swap.yml
View File

@ -10,20 +10,9 @@ onboot:
- name: sysctl - name: sysctl
image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64" image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64"
- name: binfmt - name: binfmt
image: "linuxkit/binfmt:548f7f044f5411a8938913527c5ce55d9876bb07" image: "linuxkit/binfmt:603e5f064b3e8a64088c0fcf7a80d2783541ee1d"
binds:
- /proc/sys/fs/binfmt_misc:/binfmt_misc
readonly: true
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e"
binds:
- /var:/var
- /tmp/etc:/etc
capabilities:
- CAP_NET_ADMIN
- CAP_NET_BIND_SERVICE
- CAP_NET_RAW
net: host
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: format - name: format
image: "linuxkit/format:d78093e943f9c88386e30c00353f9476d34fb551" image: "linuxkit/format:d78093e943f9c88386e30c00353f9476d34fb551"
@ -58,10 +47,6 @@ onboot:
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:3dad6dd43270fa632ac031e99d1947f20b22eec9" image: "linuxkit/rngd:3dad6dd43270fa632ac031e99d1947f20b22eec9"
capabilities:
- CAP_SYS_ADMIN
oomScoreAdj: -800
readonly: true
- name: nginx - name: nginx
image: "nginx:alpine" image: "nginx:alpine"
capabilities: capabilities:

17
examples/vmware.yml
View File

@ -11,22 +11,9 @@ onboot:
image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64" image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64"
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" image: "linuxkit/rngd:69f951ce2a3a9534dbbc7ba8119e1df4391f06c0"
capabilities:
- CAP_SYS_ADMIN
oomScoreAdj: -800
readonly: true
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e"
binds:
- /var:/var
- /tmp:/etc
capabilities:
- CAP_NET_ADMIN
- CAP_NET_BIND_SERVICE
- CAP_NET_RAW
net: host
oomScoreAdj: -800
- name: nginx - name: nginx
image: "nginx:alpine" image: "nginx:alpine"
capabilities: capabilities:

21
linuxkit.yml
View File

@ -10,28 +10,13 @@ onboot:
- name: sysctl - name: sysctl
image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64" image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64"
- name: binfmt - name: binfmt
image: "linuxkit/binfmt:548f7f044f5411a8938913527c5ce55d9876bb07" image: "linuxkit/binfmt:603e5f064b3e8a64088c0fcf7a80d2783541ee1d"
binds:
- /proc/sys/fs/binfmt_misc:/binfmt_misc
readonly: true
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e"
binds:
- /var:/var
- /tmp/etc:/etc
capabilities:
- CAP_NET_ADMIN
- CAP_NET_BIND_SERVICE
- CAP_NET_RAW
net: host
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" image: "linuxkit/rngd:69f951ce2a3a9534dbbc7ba8119e1df4391f06c0"
capabilities:
- CAP_SYS_ADMIN
oomScoreAdj: -800
readonly: true
- name: nginx - name: nginx
image: "nginx:alpine" image: "nginx:alpine"
capabilities: capabilities:

3
pkg/binfmt/Dockerfile
View File

@ -1,4 +1,4 @@
FROM linuxkit/alpine:6336329f15b4166514782eaa555cf0ffd35c519c@sha256:f6c2ce92910b1d6e4e5557850a554f4a3ae9f66c1e89ad86a24d6c6e550f165e AS qemu FROM linuxkit/alpine:5f6db26ab7bf6a9c452a612e236cc7495408132b@sha256:d009afc85d0b005daf51c8f3026aa552ab997dc47cab43915e9dc761accae086 AS qemu
RUN apk add \ RUN apk add \
qemu-aarch64 \ qemu-aarch64 \
qemu-arm \ qemu-arm \
@ -18,3 +18,4 @@ COPY --from=qemu usr/bin/qemu-* usr/bin/
COPY --from=build usr/bin/binfmt usr/bin/binfmt COPY --from=build usr/bin/binfmt usr/bin/binfmt
COPY etc/binfmt.d/00_linuxkit.conf etc/binfmt.d/00_linuxkit.conf COPY etc/binfmt.d/00_linuxkit.conf etc/binfmt.d/00_linuxkit.conf
CMD ["/usr/bin/binfmt", "-dir", "/etc/binfmt.d/", "-mount", "/binfmt_misc"] CMD ["/usr/bin/binfmt", "-dir", "/etc/binfmt.d/", "-mount", "/binfmt_misc"]
LABEL org.mobyproject.config='{"binds": ["/proc/sys/fs/binfmt_misc:/binfmt_misc"], "readonly": true}'

3
pkg/dhcpcd/Dockerfile
View File

@ -1,4 +1,4 @@
FROM linuxkit/alpine:6336329f15b4166514782eaa555cf0ffd35c519c@sha256:f6c2ce92910b1d6e4e5557850a554f4a3ae9f66c1e89ad86a24d6c6e550f165e AS mirror FROM linuxkit/alpine:5f6db26ab7bf6a9c452a612e236cc7495408132b@sha256:d009afc85d0b005daf51c8f3026aa552ab997dc47cab43915e9dc761accae086 AS mirror
RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/ RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/
RUN apk add --no-cache --initdb -p /out \ RUN apk add --no-cache --initdb -p /out \
alpine-baselayout \ alpine-baselayout \
@ -16,3 +16,4 @@ WORKDIR /
COPY --from=mirror /out/ / COPY --from=mirror /out/ /
COPY /dhcpcd.conf /usr/ / COPY /dhcpcd.conf /usr/ /
CMD ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf"] CMD ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf"]
LABEL org.mobyproject.config='{"binds": ["/var:/var", "/tmp/etc:/etc"], "net": "host", "capabilities": ["CAP_NET_ADMIN", "CAP_NET_BIND_SERVICE", "CAP_NET_RAW"]}'

3
pkg/rngd/Dockerfile
View File

@ -1,4 +1,4 @@
FROM linuxkit/alpine:dae8bcbc6e2cec0a1cc1958dddbc5d6bd3ccf9a0@sha256:02c251d54c4083a596ead8cae92144306b385db0ff961c95a3a620a4c69961ed AS mirror FROM linuxkit/alpine:5f6db26ab7bf6a9c452a612e236cc7495408132b@sha256:d009afc85d0b005daf51c8f3026aa552ab997dc47cab43915e9dc761accae086 AS mirror
RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/ RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/
RUN apk add --no-cache --initdb -p /out \ RUN apk add --no-cache --initdb -p /out \
tini tini
@ -42,3 +42,4 @@ WORKDIR /
COPY --from=mirror /out/ / COPY --from=mirror /out/ /
COPY --from=build usr/sbin/rngd usr/sbin/rngd COPY --from=build usr/sbin/rngd usr/sbin/rngd
CMD ["/sbin/tini", "/usr/sbin/rngd", "-f"] CMD ["/sbin/tini", "/usr/sbin/rngd", "-f"]
LABEL org.mobyproject.config='{"capabilities": ["CAP_SYS_ADMIN"], "oomScoreAdj": -800, "readonly": true}'

14
projects/etcd/etcd.yml
View File

@ -26,15 +26,7 @@ onboot:
rootfsPropagation: shared rootfsPropagation: shared
command: ["/mount.sh", "/var/lib/etcd"] command: ["/mount.sh", "/var/lib/etcd"]
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e"
binds:
- /var:/var
- /tmp/etc:/etc
capabilities:
- CAP_NET_ADMIN
- CAP_NET_BIND_SERVICE
- CAP_NET_RAW
net: host
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: metadata - name: metadata
image: "linuxkit/metadata:a810b68fec9c9282cf096eed50605ddd6b2f3142" image: "linuxkit/metadata:a810b68fec9c9282cf096eed50605ddd6b2f3142"
@ -48,10 +40,6 @@ onboot:
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:f5e5be43e730ea819c3293d5c6dcbfa7f4c5c314" image: "linuxkit/rngd:f5e5be43e730ea819c3293d5c6dcbfa7f4c5c314"
capabilities:
- CAP_SYS_ADMIN
oomScoreAdj: -800
readonly: true
- name: ntpd - name: ntpd
image: "linuxkit/openntpd:ad834449a7eaf10dc022b3d8d2ed9faf7ec99d37" image: "linuxkit/openntpd:ad834449a7eaf10dc022b3d8d2ed9faf7ec99d37"
capabilities: capabilities:

14
projects/etcd/prom-us-central1-f.yml
View File

@ -10,15 +10,7 @@ onboot:
- name: sysctl - name: sysctl
image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64" image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64"
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e"
binds:
- /var:/var
- /tmp/etc:/etc
capabilities:
- CAP_NET_ADMIN
- CAP_NET_BIND_SERVICE
- CAP_NET_RAW
net: host
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: metadata - name: metadata
image: "linuxkit/metadata:a810b68fec9c9282cf096eed50605ddd6b2f3142" image: "linuxkit/metadata:a810b68fec9c9282cf096eed50605ddd6b2f3142"
@ -32,10 +24,6 @@ onboot:
services: services:
- name: rngd - name: rngd
image: "mobylinux/rngd:3dad6dd43270fa632ac031e99d1947f20b22eec9" image: "mobylinux/rngd:3dad6dd43270fa632ac031e99d1947f20b22eec9"
capabilities:
- CAP_SYS_ADMIN
oomScoreAdj: -800
readonly: true
- name: prometheus - name: prometheus
image: "moby/prom-us-central1-f" image: "moby/prom-us-central1-f"
binds: binds:

20
projects/kubernetes/kube-master.yml
View File

@ -12,10 +12,7 @@ onboot:
- name: sysfs - name: sysfs
image: linuxkit/sysfs:1cde5876d44117af61dfea629ad922defcd48808 image: linuxkit/sysfs:1cde5876d44117af61dfea629ad922defcd48808
- name: binfmt - name: binfmt
image: "linuxkit/binfmt:548f7f044f5411a8938913527c5ce55d9876bb07" image: "linuxkit/binfmt:603e5f064b3e8a64088c0fcf7a80d2783541ee1d"
binds:
- /proc/sys/fs/binfmt_misc:/binfmt_misc
readonly: true
- name: format - name: format
image: "linuxkit/format:d78093e943f9c88386e30c00353f9476d34fb551" image: "linuxkit/format:d78093e943f9c88386e30c00353f9476d34fb551"
binds: binds:
@ -35,21 +32,8 @@ onboot:
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:f5e5be43e730ea819c3293d5c6dcbfa7f4c5c314" image: "linuxkit/rngd:f5e5be43e730ea819c3293d5c6dcbfa7f4c5c314"
capabilities:
- CAP_SYS_ADMIN
oomScoreAdj: -800
readonly: true
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e"
binds:
- /var:/var
- /tmp/etc:/etc
capabilities:
- CAP_NET_ADMIN
- CAP_NET_BIND_SERVICE
- CAP_NET_RAW
net: host
oomScoreAdj: -800
- name: ntpd - name: ntpd
image: "linuxkit/openntpd:ad834449a7eaf10dc022b3d8d2ed9faf7ec99d37" image: "linuxkit/openntpd:ad834449a7eaf10dc022b3d8d2ed9faf7ec99d37"
capabilities: capabilities:

20
projects/kubernetes/kube-node.yml
View File

@ -12,10 +12,7 @@ onboot:
- name: sysfs - name: sysfs
image: linuxkit/sysfs:1cde5876d44117af61dfea629ad922defcd48808 image: linuxkit/sysfs:1cde5876d44117af61dfea629ad922defcd48808
- name: binfmt - name: binfmt
image: "linuxkit/binfmt:548f7f044f5411a8938913527c5ce55d9876bb07" image: "linuxkit/binfmt:603e5f064b3e8a64088c0fcf7a80d2783541ee1d"
binds:
- /proc/sys/fs/binfmt_misc:/binfmt_misc
readonly: true
- name: format - name: format
image: "linuxkit/format:d78093e943f9c88386e30c00353f9476d34fb551" image: "linuxkit/format:d78093e943f9c88386e30c00353f9476d34fb551"
binds: binds:
@ -35,21 +32,8 @@ onboot:
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:f5e5be43e730ea819c3293d5c6dcbfa7f4c5c314" image: "linuxkit/rngd:f5e5be43e730ea819c3293d5c6dcbfa7f4c5c314"
capabilities:
- CAP_SYS_ADMIN
oomScoreAdj: -800
readonly: true
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e"
binds:
- /var:/var
- /tmp/etc:/etc
capabilities:
- CAP_NET_ADMIN
- CAP_NET_BIND_SERVICE
- CAP_NET_RAW
net: host
oomScoreAdj: -800
- name: ntpd - name: ntpd
image: "linuxkit/openntpd:ad834449a7eaf10dc022b3d8d2ed9faf7ec99d37" image: "linuxkit/openntpd:ad834449a7eaf10dc022b3d8d2ed9faf7ec99d37"
capabilities: capabilities:

21
projects/logging/examples/logging.yml
View File

@ -11,28 +11,13 @@ onboot:
- name: sysctl - name: sysctl
image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64" image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64"
- name: binfmt - name: binfmt
image: "linuxkit/binfmt:548f7f044f5411a8938913527c5ce55d9876bb07" image: "linuxkit/binfmt:603e5f064b3e8a64088c0fcf7a80d2783541ee1d"
binds:
- /proc/sys/fs/binfmt_misc:/binfmt_misc
readonly: true
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e"
binds:
- /var:/var
- /tmp/etc:/etc
capabilities:
- CAP_NET_ADMIN
- CAP_NET_BIND_SERVICE
- CAP_NET_RAW
net: host
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" image: "linuxkit/rngd:69f951ce2a3a9534dbbc7ba8119e1df4391f06c0"
capabilities:
- CAP_SYS_ADMIN
oomScoreAdj: -800
readonly: true
- name: nginx - name: nginx
image: "nginx:alpine" image: "nginx:alpine"
capabilities: capabilities:

4
projects/miragesdk/examples/mirage-dhcp.yml
View File

@ -10,10 +10,6 @@ onboot:
- name: sysctl - name: sysctl
image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64" image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64"
- name: binfmt - name: binfmt
image: linuxkit/binfmt:548f7f044f5411a8938913527c5ce55d9876bb07
binds:
- /proc/sys/fs/binfmt_misc:/binfmt_misc
readonly: true
services: services:
- name: rngd - name: rngd
image: mobylinux/rngd:3dad6dd43270fa632ac031e99d1947f20b22eec9 image: mobylinux/rngd:3dad6dd43270fa632ac031e99d1947f20b22eec9

14
projects/okernel/examples/okernel_simple.yaml
View File

@ -12,20 +12,8 @@ onboot:
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:3dad6dd43270fa632ac031e99d1947f20b22eec9" image: "linuxkit/rngd:3dad6dd43270fa632ac031e99d1947f20b22eec9"
capabilities:
- CAP_SYS_ADMIN
oomScoreAdj: -800
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e"
binds:
- /var:/var
- /tmp:/etc
capabilities:
- CAP_NET_ADMIN
- CAP_NET_BIND_SERVICE
- CAP_NET_RAW
net: host
oomScoreAdj: -800
- name: sshd - name: sshd
image: "linuxkit/sshd:1613253e5def414e0dfd261acd0e191eadb5fedf" image: "linuxkit/sshd:1613253e5def414e0dfd261acd0e191eadb5fedf"
capabilities: capabilities:

16
projects/swarmd/swarmd.yml
View File

@ -10,15 +10,7 @@ onboot:
- name: sysctl - name: sysctl
image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64" image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64"
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e"
binds:
- /var:/var
- /tmp/etc:/etc
capabilities:
- CAP_NET_ADMIN
- CAP_NET_BIND_SERVICE
- CAP_NET_RAW
net: host
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: format - name: format
image: "linuxkit/format:d78093e943f9c88386e30c00353f9476d34fb551" image: "linuxkit/format:d78093e943f9c88386e30c00353f9476d34fb551"
@ -47,11 +39,7 @@ onboot:
- CAP_SYS_ADMIN - CAP_SYS_ADMIN
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" image: "linuxkit/rngd:69f951ce2a3a9534dbbc7ba8119e1df4391f06c0"
capabilities:
- CAP_SYS_ADMIN
oomScoreAdj: -800
readonly: true
- name: ntpd - name: ntpd
image: "linuxkit/openntpd:ad834449a7eaf10dc022b3d8d2ed9faf7ec99d37" image: "linuxkit/openntpd:ad834449a7eaf10dc022b3d8d2ed9faf7ec99d37"
capabilities: capabilities:

10
test/cases/000_build/000_outputs/test.yml
View File

@ -7,15 +7,7 @@ init:
- linuxkit/containerd:f1130450206d4f64f0ddc13d15bb68435aa1ff61 - linuxkit/containerd:f1130450206d4f64f0ddc13d15bb68435aa1ff61
onboot: onboot:
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e"
binds:
- /var:/var
- /tmp/etc:/etc
capabilities:
- CAP_NET_ADMIN
- CAP_NET_BIND_SERVICE
- CAP_NET_RAW
net: host
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
trust: trust:
image: image:

22
test/cases/030_security/000_docker-bench/test-docker-bench.yml
View File

@ -12,10 +12,7 @@ onboot:
- name: sysfs - name: sysfs
image: "linuxkit/sysfs:1cde5876d44117af61dfea629ad922defcd48808" image: "linuxkit/sysfs:1cde5876d44117af61dfea629ad922defcd48808"
- name: binfmt - name: binfmt
image: "linuxkit/binfmt:548f7f044f5411a8938913527c5ce55d9876bb07" image: "linuxkit/binfmt:603e5f064b3e8a64088c0fcf7a80d2783541ee1d"
binds:
- /proc/sys/fs/binfmt_misc:/binfmt_misc
readonly: true
- name: format - name: format
image: "linuxkit/format:d78093e943f9c88386e30c00353f9476d34fb551" image: "linuxkit/format:d78093e943f9c88386e30c00353f9476d34fb551"
binds: binds:
@ -34,22 +31,9 @@ onboot:
command: ["/mount.sh", "/var/lib/docker"] command: ["/mount.sh", "/var/lib/docker"]
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" image: "linuxkit/rngd:69f951ce2a3a9534dbbc7ba8119e1df4391f06c0"
capabilities:
- CAP_SYS_ADMIN
oomScoreAdj: -800
readonly: true
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e"
binds:
- /var:/var
- /tmp/etc:/etc
capabilities:
- CAP_NET_ADMIN
- CAP_NET_BIND_SERVICE
- CAP_NET_RAW
net: host
oomScoreAdj: -800
- name: docker - name: docker
image: "linuxkit/docker-ce:261f93927d85001c65e5ce0f421eb6062f09c0a5" image: "linuxkit/docker-ce:261f93927d85001c65e5ce0f421eb6062f09c0a5"
capabilities: capabilities:

10
test/hack/test.yml
View File

@ -10,15 +10,7 @@ init:
- linuxkit/ca-certificates:4e9a83e890e6477dcd25029fc4f1ced61d0642f4 - linuxkit/ca-certificates:4e9a83e890e6477dcd25029fc4f1ced61d0642f4
onboot: onboot:
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e"
binds:
- /var:/var
- /tmp:/etc
capabilities:
- CAP_NET_ADMIN
- CAP_NET_BIND_SERVICE
- CAP_NET_RAW
net: host
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: check-kernel-config - name: check-kernel-config
image: "linuxkit/test-kernel-config:ecff41279ccbc408079a3996a956432651c6eb9c" image: "linuxkit/test-kernel-config:ecff41279ccbc408079a3996a956432651c6eb9c"