kernel:
  image: "linuxkit/kernel:4.9.x"
  cmdline: "console=ttyS0 page_poison=1"
init:
  - linuxkit/init:cbd7ae748f0a082516501a3e914fa0c924ee941e
  - linuxkit/runc:24dfe632ed3ff53a026ee3fac046fd544434e2d6
  - linuxkit/containerd:1c71f95fa36040ea7e987deb98a7a2a363853f01
  - linuxkit/ca-certificates:4e9a83e890e6477dcd25029fc4f1ced61d0642f4
onboot:
  - name: sysctl
    image: "linuxkit/sysctl:13a37b8d38fbec34d8c7d3bd4dadb57c9f92c94c"
  - name: dhcpcd
    image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0"
    binds:
     - /var:/var
     - /tmp/etc:/etc
    capabilities:
     - CAP_NET_ADMIN
     - CAP_NET_BIND_SERVICE
     - CAP_NET_RAW
    net: host
    command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
  - name: metadata
    image: "linuxkit/metadata:a810b68fec9c9282cf096eed50605ddd6b2f3142"
    binds:
     - /dev:/dev
     - /var:/var
     - /tmp/etc/resolv.conf:/etc/resolv.conf
    net: host
    capabilities:
     - CAP_SYS_ADMIN
services:
  - name: rngd
    image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0"
    capabilities:
     - CAP_SYS_ADMIN
    oomScoreAdj: -800
    readonly: true
  - name: sshd
    image: "linuxkit/sshd:1613253e5def414e0dfd261acd0e191eadb5fedf"
    capabilities:
     - all
    net: host
    pid: host
    binds:
     - /var/config/ssh/authorized_keys:/root/.ssh/authorized_keys
     - /tmp/etc/resolv.conf:/etc/resolv.conf
  - name: nginx
    image: "nginx:alpine"
    capabilities:
     - CAP_NET_BIND_SERVICE
     - CAP_CHOWN
     - CAP_SETUID
     - CAP_SETGID
     - CAP_DAC_OVERRIDE
    net: host
trust:
  image:
    - linuxkit/kernel
    - linuxkit/rngd
outputs:
  - format: kernel+initrd
  - format: gcp-img