mirror of
https://github.com/rancher/os.git
synced 2025-10-20 06:54:13 +00:00
337 lines
9.9 KiB
YAML
337 lines
9.9 KiB
YAML
hostname: {{.HOSTNAME_DEFAULT}}
|
|
rancher:
|
|
bootstrap:
|
|
state-script:
|
|
image: {{.OS_IMAGES_ROOT}}/os-statescript:{{.VERSION}}{{.SUFFIX}}
|
|
labels:
|
|
io.rancher.os.detach: "false"
|
|
io.rancher.os.scope: system
|
|
io.rancher.os.after: udev-bootstrap
|
|
log_driver: json-file
|
|
net: host
|
|
uts: host
|
|
privileged: true
|
|
volumes:
|
|
- /dev:/host/dev
|
|
- /lib/modules:/lib/modules
|
|
- /lib/firmware:/lib/firmware
|
|
- /usr/bin/ros:/usr/bin/ros:ro
|
|
- /usr/share/ros:/usr/share/ros:ro
|
|
udev-bootstrap:
|
|
image: {{.OS_IMAGES_ROOT}}/os-udev:{{.VERSION}}{{.SUFFIX}}
|
|
environment:
|
|
- BOOTSTRAP=true
|
|
labels:
|
|
io.rancher.os.detach: "false"
|
|
io.rancher.os.scope: system
|
|
log_driver: json-file
|
|
net: host
|
|
uts: host
|
|
privileged: true
|
|
volumes:
|
|
- /dev:/host/dev
|
|
- /lib/modules:/lib/modules
|
|
- /lib/firmware:/lib/firmware
|
|
autoformat:
|
|
autoformat:
|
|
image: {{.OS_IMAGES_ROOT}}/os-autoformat:{{.VERSION}}{{.SUFFIX}}
|
|
labels:
|
|
io.rancher.os.detach: "false"
|
|
io.rancher.os.scope: system
|
|
log_driver: json-file
|
|
net: none
|
|
privileged: true
|
|
udev-autoformat:
|
|
image: {{.OS_IMAGES_ROOT}}/os-udev:{{.VERSION}}{{.SUFFIX}}
|
|
labels:
|
|
io.rancher.os.detach: "false"
|
|
io.rancher.os.scope: system
|
|
io.rancher.os.after: autoformat
|
|
log_driver: json-file
|
|
net: host
|
|
uts: host
|
|
privileged: true
|
|
volumes:
|
|
- /dev:/host/dev
|
|
- /lib/modules:/lib/modules
|
|
- /lib/firmware:/lib/firmware
|
|
bootstrap_docker:
|
|
args: [daemon, -s, overlay, -b, none, --restart=false, -g, /var/lib/system-docker,
|
|
-G, root, -H, 'unix:///var/run/system-docker.sock', --userland-proxy=false]
|
|
cloud_init:
|
|
datasources:
|
|
- configdrive:/media/config-2
|
|
network:
|
|
dns:
|
|
nameservers: [8.8.8.8, 8.8.4.4]
|
|
repositories:
|
|
core:
|
|
url: {{.OS_SERVICES_REPO}}/{{.VERSION}}{{.SUFFIX}}
|
|
state:
|
|
fstype: auto
|
|
dev: LABEL=RANCHER_STATE
|
|
oem_fstype: auto
|
|
oem_dev: LABEL=RANCHER_OEM
|
|
services:
|
|
{{if eq "amd64" .ARCH -}}
|
|
acpid:
|
|
image: {{.OS_IMAGES_ROOT}}/os-acpid:{{.VERSION}}{{.SUFFIX}}
|
|
labels:
|
|
io.rancher.os.scope: system
|
|
net: host
|
|
uts: host
|
|
privileged: true
|
|
volumes_from:
|
|
- command-volumes
|
|
- system-volumes
|
|
{{end -}}
|
|
all-volumes:
|
|
image: {{.OS_IMAGES_ROOT}}/os-state:{{.VERSION}}{{.SUFFIX}}
|
|
labels:
|
|
io.rancher.os.createonly: "true"
|
|
io.rancher.os.scope: system
|
|
log_driver: json-file
|
|
net: none
|
|
privileged: true
|
|
read_only: true
|
|
volumes_from:
|
|
- container-data-volumes
|
|
- command-volumes
|
|
- user-volumes
|
|
- system-volumes
|
|
cloud-init:
|
|
image: {{.OS_IMAGES_ROOT}}/os-cloudinit:{{.VERSION}}{{.SUFFIX}}
|
|
labels:
|
|
io.rancher.os.detach: "false"
|
|
io.rancher.os.reloadconfig: "true"
|
|
io.rancher.os.scope: system
|
|
io.rancher.os.after: cloud-init-pre, wait-for-network
|
|
net: host
|
|
uts: host
|
|
privileged: true
|
|
volumes_from:
|
|
- command-volumes
|
|
- system-volumes
|
|
cloud-init-pre:
|
|
image: {{.OS_IMAGES_ROOT}}/os-cloudinit:{{.VERSION}}{{.SUFFIX}}
|
|
environment:
|
|
- CLOUD_INIT_NETWORK=false
|
|
labels:
|
|
io.rancher.os.detach: "false"
|
|
io.rancher.os.reloadconfig: "true"
|
|
io.rancher.os.scope: system
|
|
io.rancher.os.after: preload-system-images
|
|
net: host
|
|
uts: host
|
|
privileged: true
|
|
volumes_from:
|
|
- command-volumes
|
|
- system-volumes
|
|
command-volumes:
|
|
image: {{.OS_IMAGES_ROOT}}/os-state:{{.VERSION}}{{.SUFFIX}}
|
|
labels:
|
|
io.rancher.os.createonly: "true"
|
|
io.rancher.os.scope: system
|
|
log_driver: json-file
|
|
net: none
|
|
privileged: true
|
|
read_only: true
|
|
volumes:
|
|
- /usr/bin/docker:/usr/bin/docker.dist:ro
|
|
- /usr/bin/ros:/usr/bin/dockerlaunch:ro
|
|
- /usr/bin/ros:/usr/bin/user-docker:ro
|
|
- /usr/bin/ros:/usr/bin/system-docker:ro
|
|
- /usr/bin/ros:/sbin/poweroff:ro
|
|
- /usr/bin/ros:/sbin/reboot:ro
|
|
- /usr/bin/ros:/sbin/halt:ro
|
|
- /usr/bin/ros:/sbin/shutdown:ro
|
|
- /usr/bin/ros:/usr/bin/respawn:ro
|
|
- /usr/bin/ros:/usr/bin/ros:ro
|
|
- /usr/bin/ros:/usr/bin/cloud-init:ro
|
|
- /usr/bin/ros:/usr/sbin/netconf:ro
|
|
- /usr/bin/ros:/usr/sbin/wait-for-network:ro
|
|
- /usr/bin/ros:/usr/sbin/wait-for-docker:ro
|
|
console:
|
|
image: {{.OS_IMAGES_ROOT}}/os-console:{{.VERSION}}{{.SUFFIX}}
|
|
labels:
|
|
io.rancher.os.scope: system
|
|
io.rancher.os.after: cloud-init
|
|
io.docker.compose.rebuild: always
|
|
net: host
|
|
uts: host
|
|
pid: host
|
|
ipc: host
|
|
privileged: true
|
|
restart: always
|
|
volumes_from:
|
|
- all-volumes
|
|
volumes:
|
|
- /usr/bin/iptables:/sbin/iptables:ro
|
|
container-data-volumes:
|
|
image: {{.OS_IMAGES_ROOT}}/os-state:{{.VERSION}}{{.SUFFIX}}
|
|
labels:
|
|
io.rancher.os.createonly: "true"
|
|
io.rancher.os.scope: system
|
|
log_driver: json-file
|
|
net: none
|
|
privileged: true
|
|
read_only: true
|
|
volumes:
|
|
- /var/lib/docker:/var/lib/docker
|
|
- /var/lib/rkt:/var/lib/rkt
|
|
network:
|
|
image: {{.OS_IMAGES_ROOT}}/os-network:{{.VERSION}}{{.SUFFIX}}
|
|
labels:
|
|
io.rancher.os.scope: system
|
|
io.rancher.os.after: cloud-init-pre
|
|
net: host
|
|
uts: host
|
|
pid: host
|
|
privileged: true
|
|
volumes_from:
|
|
- command-volumes
|
|
- system-volumes
|
|
wait-for-network:
|
|
image: {{.OS_IMAGES_ROOT}}/os-network:{{.VERSION}}{{.SUFFIX}}
|
|
command: wait-for-network
|
|
labels:
|
|
io.rancher.os.detach: "false"
|
|
io.rancher.os.scope: system
|
|
io.rancher.os.after: network
|
|
pid: host
|
|
privileged: true
|
|
volumes_from:
|
|
- command-volumes
|
|
- system-volumes
|
|
ntp:
|
|
image: {{.OS_IMAGES_ROOT}}/os-ntp:{{.VERSION}}{{.SUFFIX}}
|
|
labels:
|
|
io.rancher.os.scope: system
|
|
io.rancher.os.after: cloud-init, wait-for-network
|
|
net: host
|
|
uts: host
|
|
privileged: true
|
|
restart: always
|
|
preload-system-images:
|
|
image: {{.OS_IMAGES_ROOT}}/os-preload:{{.VERSION}}{{.SUFFIX}}
|
|
labels:
|
|
io.rancher.os.detach: "false"
|
|
io.rancher.os.scope: system
|
|
privileged: true
|
|
volumes:
|
|
- /var/run/system-docker.sock:/var/run/docker.sock
|
|
- /var/lib/system-docker/preload:/mnt/preload
|
|
volumes_from:
|
|
- command-volumes
|
|
- system-volumes
|
|
preload-user-images:
|
|
image: {{.OS_IMAGES_ROOT}}/os-preload:{{.VERSION}}{{.SUFFIX}}
|
|
labels:
|
|
io.rancher.os.detach: "false"
|
|
io.rancher.os.scope: system
|
|
io.rancher.os.after: console
|
|
privileged: true
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
- /var/lib/docker/preload:/mnt/preload
|
|
volumes_from:
|
|
- command-volumes
|
|
- system-volumes
|
|
syslog:
|
|
image: {{.OS_IMAGES_ROOT}}/os-syslog:{{.VERSION}}{{.SUFFIX}}
|
|
labels:
|
|
io.rancher.os.scope: system
|
|
log_driver: json-file
|
|
net: host
|
|
uts: host
|
|
privileged: true
|
|
restart: always
|
|
volumes_from:
|
|
- system-volumes
|
|
system-volumes:
|
|
image: {{.OS_IMAGES_ROOT}}/os-state:{{.VERSION}}{{.SUFFIX}}
|
|
labels:
|
|
io.rancher.os.createonly: "true"
|
|
io.rancher.os.scope: system
|
|
log_driver: json-file
|
|
net: none
|
|
privileged: true
|
|
read_only: true
|
|
volumes:
|
|
- /dev:/host/dev
|
|
- /etc/docker:/etc/docker
|
|
- /etc/hosts:/etc/hosts
|
|
- /etc/resolv.conf:/etc/resolv.conf
|
|
- /etc/rkt:/etc/rkt
|
|
- /etc/ssl/certs/ca-certificates.crt:/etc/ssl/certs/ca-certificates.crt.rancher
|
|
- /etc/selinux:/etc/selinux
|
|
- /lib/firmware:/lib/firmware
|
|
- /lib/modules:/lib/modules
|
|
- /run:/run
|
|
- /usr/share/ros:/usr/share/ros
|
|
- /var/lib/rancher/conf:/var/lib/rancher/conf
|
|
- /var/lib/rancher:/var/lib/rancher
|
|
- /var/log:/var/log
|
|
- /var/run:/var/run
|
|
udev-cold:
|
|
image: {{.OS_IMAGES_ROOT}}/os-udev:{{.VERSION}}{{.SUFFIX}}
|
|
labels:
|
|
io.rancher.os.scope: system
|
|
io.rancher.os.before: udev
|
|
net: host
|
|
uts: host
|
|
privileged: true
|
|
volumes_from:
|
|
- system-volumes
|
|
udev:
|
|
image: {{.OS_IMAGES_ROOT}}/os-udev:{{.VERSION}}{{.SUFFIX}}
|
|
environment:
|
|
- DAEMON=true
|
|
labels:
|
|
io.rancher.os.detach: "true"
|
|
io.rancher.os.scope: system
|
|
net: host
|
|
uts: host
|
|
privileged: true
|
|
restart: always
|
|
volumes_from:
|
|
- system-volumes
|
|
user-volumes:
|
|
image: {{.OS_IMAGES_ROOT}}/os-state:{{.VERSION}}{{.SUFFIX}}
|
|
labels:
|
|
io.rancher.os.createonly: "true"
|
|
io.rancher.os.scope: system
|
|
log_driver: json-file
|
|
net: none
|
|
privileged: true
|
|
read_only: true
|
|
volumes:
|
|
- /home:/home
|
|
- /opt:/opt
|
|
docker:
|
|
image: {{.OS_IMAGES_ROOT}}/os-docker:{{.VERSION}}{{.SUFFIX}}
|
|
labels:
|
|
io.rancher.os.scope: system
|
|
io.rancher.os.after: console
|
|
net: host
|
|
pid: host
|
|
ipc: host
|
|
uts: host
|
|
privileged: true
|
|
restart: always
|
|
volumes_from:
|
|
- all-volumes
|
|
volumes:
|
|
- /sys/fs/cgroup:/host/sys/fs/cgroup
|
|
system_docker:
|
|
args: [daemon, --log-opt, max-size=25m, --log-opt, max-file=2, -s, overlay, -b, docker-sys,
|
|
--fixed-cidr, 172.18.42.1/16, --restart=false, -g, /var/lib/system-docker, -G, root,
|
|
-H, 'unix:///var/run/system-docker.sock', --userland-proxy=false]
|
|
upgrade:
|
|
url: {{.OS_RELEASES_YML}}
|
|
image: {{.OS_IMAGES_ROOT}}/os
|
|
docker:
|
|
tls_args: [--tlsverify, --tlscacert=/etc/docker/tls/ca.pem, --tlscert=/etc/docker/tls/server-cert.pem, --tlskey=/etc/docker/tls/server-key.pem,
|
|
'-H=0.0.0.0:2376']
|
|
args: [daemon, --log-opt, max-size=25m, --log-opt, max-file=2, -s, overlay, -G, docker, -H, 'unix:///var/run/docker.sock']
|