image: test-containerd
config:
  capabilities:
    - all
  tmpfs:
    - /tmp
  binds:
    - /dev:/dev
    - /var/lib:/var/lib
    - /etc/resolv.conf:/etc/resolv.conf
    - /usr/bin/runc:/usr/bin/runc
    - /usr/bin/containerd:/usr/bin/containerd
  devices:
    # all block and character devices
    - path: all
      type: b
    - path: all
      type: c
  mounts:
    - type: cgroup
      options: ["rw","nosuid","noexec","nodev","relatime"]