github/containerd
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

support DisableCgroup, DisableApparmor, RestrictOOMScoreAdj

Browse Source 
Add following config for supporting "rootless" mode

* DisableCgroup: disable cgroup
* DisableApparmor: disable Apparmor
* RestrictOOMScoreAdj: restrict the lower bound of OOMScoreAdj

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
This commit is contained in:
Akihiro Suda
2018-11-09 19:34:13 +09:00
parent 4b4b2abb2e
commit cd8231ab2a
6 changed files with 107 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
docs/config.md
View File

@@ -44,6 +44,19 @@ The explanation and default value of each configuration item are as follows:
# limit.
max_container_log_line_size = 16384
# disable_cgroup indicates to disable the cgroup support.
# This is useful when the daemon does not have permission to access cgroup.
disable_cgroup = false
# disable_apparmor indicates to disable the apparmor support.
# This is useful when the daemon does not have permission to access apparmor.
disable_apparmor = false
# restrict_oom_score_adj indicates to limit the lower bound of OOMScoreAdj to
# the containerd's current OOMScoreAdj.
# This is useful when the containerd does not have permission to decrease OOMScoreAdj.
restrict_oom_score_adj = false
# "plugins.cri.containerd" contains config related to containerd
[plugins.cri.containerd]