mirror of
https://github.com/linuxkit/linuxkit.git
synced 2025-11-14 03:43:21 +00:00
2c7628c101
This is needed for cloud environments that want to get their metadata in the onboot phase over the network. Signed-off-by: Justin Cormack <justin.cormack@docker.com>
77 lines
2.0 KiB
YAML
77 lines
2.0 KiB
YAML
kernel:
|
|
image: "mobylinux/kernel:4.9.x"
|
|
cmdline: "console=ttyS0 page_poison=1"
|
|
init:
|
|
- mobylinux/init:e10e2efc1b78ef41d196175cbc07e069391f406e
|
|
- mobylinux/runc:b0fb122e10dbb7e4e45115177a61a3f8d68c19a9
|
|
- mobylinux/containerd:18eaf72f3f4f9a9f29ca1951f66df701f873060b
|
|
- mobylinux/ca-certificates:eabc5a6e59f05aa91529d80e9a595b85b046f935
|
|
onboot:
|
|
- name: sysctl
|
|
image: "mobylinux/sysctl:2cf2f9d5b4d314ba1bfc22b2fe931924af666d8c"
|
|
net: host
|
|
pid: host
|
|
ipc: host
|
|
capabilities:
|
|
- CAP_SYS_ADMIN
|
|
readonly: true
|
|
- name: dhcpcd
|
|
image: "mobylinux/dhcpcd:0d4012269cb142972fed8542fbdc3ff5a7b695cd"
|
|
binds:
|
|
- /var:/var
|
|
- /tmp:/etc
|
|
capabilities:
|
|
- CAP_NET_ADMIN
|
|
- CAP_NET_BIND_SERVICE
|
|
- CAP_NET_RAW
|
|
net: host
|
|
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
|
|
- name: metadata-gcp
|
|
image: "mobylinux/metadata-gcp:7fc3dd5ef92e0408fb3f76048bbaae88bbb55ad9"
|
|
binds:
|
|
- /tmp:/etc/ssh
|
|
- /etc/resolv.conf:/etc/resolv.conf
|
|
readonly: true
|
|
net: host
|
|
uts: host
|
|
capabilities:
|
|
- CAP_SYS_ADMIN
|
|
services:
|
|
- name: rngd
|
|
image: "mobylinux/rngd:3dad6dd43270fa632ac031e99d1947f20b22eec9@sha256:1c93c1db7196f6f71f8e300bc1d15f0376dd18e8891c8789d77c8ff19f3a9a92"
|
|
capabilities:
|
|
- CAP_SYS_ADMIN
|
|
oomScoreAdj: -800
|
|
readonly: true
|
|
- name: sshd
|
|
image: "mobylinux/sshd:160631d59fffc13d523ff7f09b3b49538d34b9cd"
|
|
capabilities:
|
|
- all
|
|
net: host
|
|
pid: host
|
|
binds:
|
|
- /tmp/authorized_keys:/root/.ssh/authorized_keys
|
|
- /etc/resolv.conf:/etc/resolv.conf
|
|
- name: nginx
|
|
image: "nginx:alpine"
|
|
capabilities:
|
|
- CAP_NET_BIND_SERVICE
|
|
- CAP_CHOWN
|
|
- CAP_SETUID
|
|
- CAP_SETGID
|
|
- CAP_DAC_OVERRIDE
|
|
net: host
|
|
trust:
|
|
image:
|
|
- mobylinux/kernel
|
|
files:
|
|
- path: etc/docker/daemon.json
|
|
contents: '{"debug": true}'
|
|
outputs:
|
|
- format: kernel+initrd
|
|
- format: gcp
|
|
project: moby
|
|
bucket: mobytestjustin
|
|
family: moby-dev
|
|
replace: true
|