mirror of
https://github.com/linuxkit/linuxkit.git
synced 2025-10-31 19:30:49 +00:00
120 lines
3.2 KiB
YAML
120 lines
3.2 KiB
YAML
kernel:
|
|
image: "linuxkit/kernel:4.9.x"
|
|
cmdline: "console=ttyS0 console=tty0 page_poison=1"
|
|
init:
|
|
- linuxkit/init:63eed9ca7a09d2ce4c0c5e7238ac005fa44f564b
|
|
- linuxkit/runc:b0fb122e10dbb7e4e45115177a61a3f8d68c19a9
|
|
- linuxkit/containerd:18eaf72f3f4f9a9f29ca1951f66df701f873060b
|
|
- linuxkit/ca-certificates:5fc6ba7f91534ddbfef975404c33e44581e6ed7a
|
|
onboot:
|
|
- name: sysctl
|
|
image: "linuxkit/sysctl:1f5ec5d5e6f7a7a1b3d2ff9dd9e36fd6fb14756a"
|
|
net: host
|
|
pid: host
|
|
ipc: host
|
|
capabilities:
|
|
- CAP_SYS_ADMIN
|
|
readonly: true
|
|
- name: sysfs
|
|
image: linuxkit/sysfs:6c1d06f28ddd9681799d3950cddf044b930b221c
|
|
- name: binfmt
|
|
image: "linuxkit/binfmt:c7e69ebd918a237dd086a5c58dd888df772746bd"
|
|
binds:
|
|
- /proc/sys/fs/binfmt_misc:/binfmt_misc
|
|
readonly: true
|
|
- name: format
|
|
image: "linuxkit/format:53748000acf515549d398e6ae68545c26c0f3a2e"
|
|
binds:
|
|
- /dev:/dev
|
|
capabilities:
|
|
- CAP_SYS_ADMIN
|
|
- CAP_MKNOD
|
|
- name: mounts
|
|
image: "linuxkit/kubernetes:latest-mounts"
|
|
capabilities:
|
|
- all
|
|
pid: host
|
|
rootfsPropagation: shared
|
|
binds:
|
|
- /dev:/dev
|
|
- /var:/var:rshared,rbind
|
|
services:
|
|
- name: rngd
|
|
image: "linuxkit/rngd:f5e5be43e730ea819c3293d5c6dcbfa7f4c5c314"
|
|
capabilities:
|
|
- CAP_SYS_ADMIN
|
|
oomScoreAdj: -800
|
|
readonly: true
|
|
- name: dhcpcd
|
|
image: "linuxkit/dhcpcd:0d4012269cb142972fed8542fbdc3ff5a7b695cd"
|
|
binds:
|
|
- /var:/var
|
|
- /tmp/etc:/etc
|
|
capabilities:
|
|
- CAP_NET_ADMIN
|
|
- CAP_NET_BIND_SERVICE
|
|
- CAP_NET_RAW
|
|
net: host
|
|
oomScoreAdj: -800
|
|
- name: ntpd
|
|
image: "linuxkit/openntpd:a570316d7fc49ca1daa29bd945499f4963d227af"
|
|
capabilities:
|
|
- CAP_SYS_TIME
|
|
- CAP_SYS_NICE
|
|
- CAP_SYS_CHROOT
|
|
- CAP_SETUID
|
|
- CAP_SETGID
|
|
net: host
|
|
- name: sshd
|
|
image: "linuxkit/sshd:e108d208adf692c8a0954f602743e0eec445364e"
|
|
capabilities:
|
|
- all
|
|
net: host
|
|
pid: host
|
|
binds:
|
|
- /root/.ssh:/root/.ssh
|
|
- name: docker
|
|
image: "linuxkit/docker-ce:741bf21513328f674e0cdcaa55492b0b75974e08"
|
|
capabilities:
|
|
- all
|
|
net: host
|
|
pid: host
|
|
mounts:
|
|
- type: cgroup
|
|
options: ["rw","nosuid","noexec","nodev","relatime"]
|
|
binds:
|
|
- /dev:/dev
|
|
- /lib/modules:/lib/modules
|
|
- /var:/var:rshared,rbind
|
|
- /var/lib/kubeadm:/etc/kubernetes
|
|
- /etc/cni:/etc/cni:rshared,rbind
|
|
- /opt/cni:/opt/cni:rshared,rbind
|
|
rootfsPropagation: shared
|
|
- name: kubernetes-image-cache-common
|
|
image: "linuxkit/kubernetes:latest-image-cache-common"
|
|
binds:
|
|
- /var/run:/var/run
|
|
- name: kubelet
|
|
image: "linuxkit/kubernetes:latest"
|
|
capabilities:
|
|
- all
|
|
net: host
|
|
pid: host
|
|
mounts:
|
|
- type: cgroup
|
|
options: ["rw","nosuid","noexec","nodev","relatime"]
|
|
binds:
|
|
- /dev:/dev
|
|
- /var:/var:rshared,rbind
|
|
- /var/lib/kubeadm:/etc/kubernetes
|
|
- /etc/cni:/rootfs/etc/cni:rshared,rbind
|
|
- /opt/cni:/rootfs/opt/cni:rshared,rbind
|
|
rootfsPropagation: shared
|
|
files:
|
|
- path: root/.ssh/authorized_keys
|
|
contents: '# Your ssh key goes here'
|
|
- {path: etc/cni, directory: true}
|
|
- {path: opt/cni, directory: true}
|
|
outputs:
|
|
- format: kernel+initrd
|