kernel:
  image: "mobylinux/kernel:4.9.x"
  cmdline: "console=ttyS0 page_poison=1"
init:
  - mobylinux/init:61a72fa20b9b9be269fe6b2b6360031f2cb897a7 # base init + strace + git
  - mobylinux/runc:b0fb122e10dbb7e4e45115177a61a3f8d68c19a9
  - mobylinux/containerd:18eaf72f3f4f9a9f29ca1951f66df701f873060b
  - mobylinux/ca-certificates:eabc5a6e59f05aa91529d80e9a595b85b046f935
onboot:
  - name: sysctl
    image: linuxkit/sysctl:1f5ec5d5e6f7a7a1b3d2ff9dd9e36fd6fb14756a
    net: host
    pid: host
    ipc: host
    capabilities:
     - CAP_SYS_ADMIN
    readonly: true
  - name: binfmt
    image: linuxkit/binfmt:c7e69ebd918a237dd086a5c58dd888df772746bd
    binds:
     - /proc/sys/fs/binfmt_misc:/binfmt_misc
    readonly: true
services:
  - name: rngd
    image: mobylinux/rngd:3dad6dd43270fa632ac031e99d1947f20b22eec9
    capabilities:
     - CAP_SYS_ADMIN
    oomScoreAdj: -800
    readonly: true
  - name: dhcp-client
    image: mobylinux/dhcp-client:a7a6b49b0ff51ffa2f44ac848cd649e29f946e0c
    net: host
    capabilities:
     - CAP_NET_ADMIN # to bring eth0 up
     - CAP_NET_RAW   # to read /dev/eth0
     - CAP_SYS_ADMIN # for runc (unshare)
     - CAP_SETGID    # for runc (setns)
    mounts: # for runc
     - type: cgroup
       options: ["rw","nosuid","noexec","nodev","relatime"]
    binds:
     - /var/run/dhcp-client:/data
     - /usr/bin/runc:/usr/bin/runc # for runc
     - /run/runc:/run/runc         # for runc
     - /sbin:/sbin   # for ifconfig
     - /bin:/bin     # for ifconfig
     - /lib:/lib     # for ifconfig
files:
  - path: /var/run/dhcp-client/README
    contents: 'data for dhcp-client'
outputs:
  - format: kernel+initrd
  - format: iso-bios
  - format: iso-efi