# This is a blueprint for building the open source components of Docker for Mac
#
# Layout: `kernel` and `init` make up the base system, `onboot` entries run
# once in the order listed, `services` entries are long-running, and `trust`
# names the image organisations covered by content trust.
kernel:
  image: linuxkit/kernel:4.9.61
  # page_poison=1 turns on kernel page poisoning for freed pages.
  cmdline: "console=ttyS0 page_poison=1"
init:
  # install vpnkit-expose-port and vpnkit-iptables-wrapper on host
  - linuxkit/vpnkit-expose-port:15c56c57ac9a7adeec20b34f36f2bc165c347679
  - linuxkit/init:42a92119e1ca10380e0d33e26c0cbcf85b9b3558
  - linuxkit/runc:1b0741d07949c0acc444cd6a04ee7f833443579d
  - linuxkit/containerd:bfb61cc1d26c39cd4b2bc08f7a9963fefa0ef3bf
  - linuxkit/ca-certificates:af4880e78edc28743f7c5e262678c67c6add4c26
onboot:
  # support metadata for optional config in /var/config
  - name: metadata
    image: linuxkit/metadata:026aca5c08c22589a7e319f79449bef2c65f04c5
  - name: sysctl
    image: linuxkit/sysctl:a9ad57ed738a31ea9380cd73236866c312b35489
  - name: sysfs
    image: linuxkit/sysfs:5367b46211882278b84a9e8048855ca5df65beda
  - name: binfmt
    image: linuxkit/binfmt:742781d22fe851e7a1c589fc8d1cf3bd4e264b22
  # Format the disk image and mount it under /var/lib, which is where
  # /var/lib/docker lives (mountie is given /var/lib as the mount point).
  - name: format
    image: linuxkit/format:10e75e78e1f134d310c62e9a0352df1c67b0dd81
  - name: mount
    image: linuxkit/mount:41685ecc8039643948e5dff46e17584753469a7a
    command: ["/usr/bin/mountie", "/var/lib"]
  # make a swap file on the mounted disk
  - name: swap
    image: linuxkit/swap:25a2f13110585f3d964a8191fa3a84de51dbb8fd
    command:
      - "/swap.sh"
      - "--path"
      - "/var/lib/swap"
      - "--size"
      - "1024M"
  # mount-vpnkit mounts the 9p share used by vpnkit to coordinate port forwarding
  # NOTE(review): this step holds CAP_SYS_ADMIN and a recursive, shared bind of
  # the host's /var so that the 9p mount it creates is visible outside the
  # container. Keep the capability list to this single entry.
  # NOTE(review): alpine:3.6 is a mutable tag, unlike the hash-pinned linuxkit
  # images, and `alpine` is not in the trust org list at the end of this file;
  # consider pinning it by digest.
  - name: mount-vpnkit
    image: alpine:3.6
    binds:
      - /var/:/host_var:rbind,rshared
    capabilities:
      - CAP_SYS_ADMIN
    rootfsPropagation: shared
    command:
      - "sh"
      - "-c"
      - "mkdir -p /host_var/vpnkit/port && mount -v -t 9p -o trans=virtio,dfltuid=1001,dfltgid=50,version=9p2000 port /host_var/vpnkit"
  # move logs to the mounted disk (this is a temporary fix until we can limit the log sizes)
  # NOTE(review): same tag-only pin on alpine:3.6 as mount-vpnkit above.
  - name: move-logs
    image: alpine:3.6
    binds:
      - /var:/host_var
    command:
      - "sh"
      - "-c"
      - "mv -v /host_var/log /host_var/lib && ln -vs /var/lib/log /host_var/log"
  - name: dhcpcd
    image: linuxkit/dhcpcd:48831507404049660b960e4055f544917d90378e
    command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services:
  # Enable acpi to shutdown on power events
  - name: acpid
    image: linuxkit/acpid:168f871c7211c9d5e96002d53cb497b26e2d622b
  # Enable getty for easier debugging
  # NOTE(review): with INSECURE=true the linuxkit getty image gives a root
  # login on the console without a password. That fits a local debug VM whose
  # console only the owning user can reach; remove the variable for any image
  # whose console is reachable by anyone else.
  - name: getty
    image: linuxkit/getty:6af22c32c98536a79230eef000e9abd06b037faa
    env:
      - INSECURE=true
  # Run ntpd to keep time synchronised in the VM
  - name: ntpd
    image: linuxkit/openntpd:07a80c3e3e816658318ac027e1253ff9a228b8de
  # VSOCK to unix domain socket forwarding. Forwards guest /var/run/docker.sock
  # to a socket on the host.
  # NOTE(review): the Docker API socket gives full control of the engine in
  # the VM, so the host-side socket that this forwards to should be readable
  # and writable only by the user who owns the VM.
  - name: vsudd
    image: linuxkit/vsudd:26f6a75d35f05b6bbd7d9a2d67c843b7003b3e05
    binds:
      - /var/run:/var/run
    command: ["/vsudd", "-inport", "2376:unix:/var/run/docker.sock"]
  # vpnkit-forwarder forwards network traffic to/from the host via VSOCK port 62373.
  # It needs access to the vpnkit 9P coordination share
  # (bound here from /var/vpnkit, the path mount-vpnkit mounts during onboot).
  - name: vpnkit-forwarder
    image: linuxkit/vpnkit-forwarder:c7e61d9250de0b21455dc5c8bb885bd8faa31621
    binds:
      - /var/vpnkit:/port
    net: host
    command: ["/vpnkit-forwarder", "-vsockPort", "62373"]
  # Monitor for image deletes and invoke a TRIM on the container filesystem
  - name: trim-after-delete
    image: linuxkit/trim-after-delete:9ae85973d9f2516a75ff855705ddf513c031c425
  # When the host resumes from sleep, force a clock resync
  - name: host-timesync-daemon
    image: linuxkit/host-timesync-daemon:2423a4014d9425a7f9820a85db808686cfa48e4a
# Content trust is requested for images from the linuxkit organisation only;
# images from other organisations used above (alpine) are not listed here.
trust:
  org:
    - linuxkit