local build
This commit is contained in:
parent
b114829e8d
commit
1d89ffc990
@ -94,7 +94,7 @@ Finally, two full-store specifiers matching all images in the store are valid sc
|
|||||||
- `[`_graph-root_`]`
|
- `[`_graph-root_`]`
|
||||||
|
|
||||||
Note that some tools like Podman and Buildah hard-code overrides of the signature verification policy for “push” operations,
|
Note that some tools like Podman and Buildah hard-code overrides of the signature verification policy for “push” operations,
|
||||||
allowing these oprations regardless of configuration in `policy.json`.
|
allowing these operations regardless of configuration in `policy.json`.
|
||||||
|
|
||||||
### `dir:`
|
### `dir:`
|
||||||
|
|
||||||
@ -165,7 +165,7 @@ The _reference_ annotation value, if any, is not used.
|
|||||||
Supported scopes have the form _repo-path_`:`_image-scope_; _repo_path_ is the path to the OSTree repository.
|
Supported scopes have the form _repo-path_`:`_image-scope_; _repo_path_ is the path to the OSTree repository.
|
||||||
|
|
||||||
_image-scope_ is the _docker_reference_ part of the reference, with with a `:latest` tag implied if no tag is present,
|
_image-scope_ is the _docker_reference_ part of the reference, with with a `:latest` tag implied if no tag is present,
|
||||||
and parent namespaces of the _docker_reference_ value (by omitting the tag, or a prefix speciyfing a higher-level namespace).
|
and parent namespaces of the _docker_reference_ value (by omitting the tag, or a prefix specifying a higher-level namespace).
|
||||||
|
|
||||||
*Note:*
|
*Note:*
|
||||||
- The _repo_path_ must be absolute and contain no symlinks. Paths violating these requirements may be silently ignored.
|
- The _repo_path_ must be absolute and contain no symlinks. Paths violating these requirements may be silently ignored.
|
||||||
|
@ -56,9 +56,11 @@ $ restorecon -R -v /NEWSTORAGEPATH
|
|||||||
A common use case for this field is to provide a local storage directory when user home directories are NFS-mounted (podman does not support container storage over NFS).
|
A common use case for this field is to provide a local storage directory when user home directories are NFS-mounted (podman does not support container storage over NFS).
|
||||||
|
|
||||||
**imagestore**=""
|
**imagestore**=""
|
||||||
Path of imagestore different from `graphroot`, by default storage library stores all images in `graphroot` but if `imagestore` is provided it will store newly pulled images in provided `imagestore` but will keep using `graphroot` for everything else. If user is using `overlay` driver then images which were already part of `graphroot` will still be accessible ( Internally storage library will mount `graphroot` as an `additionalImageStore` to allow this behaviour ).
|
The image storage path (the default is assumed to be the same as `graphroot`). Path of the imagestore, which is different from `graphroot`. By default, images in the storage library are stored in the `graphroot`. If `imagestore` is provided, newly pulled images will be stored in the `imagestore` location. All other storage continues to be stored in the `graphroot`. When using the `overlay` driver, images previously stored in the `graphroot` remain accessible. Internally, the storage library mounts `graphroot` as an `additionalImageStore` to allow this behavior.
|
||||||
|
|
||||||
A common use case for this field is for the users who want to split the file-system in different parts i.e disk which stores images vs disk used by the container created by the image.
|
A common use case for the `imagestore` field is users who need to split filesystems in different partitions. The `imagestore` partition stores images and the `graphroot` partition stores container content created from the images.
|
||||||
|
|
||||||
|
Imagestore, if set, must be different from `graphroot`.
|
||||||
|
|
||||||
**runroot**=""
|
**runroot**=""
|
||||||
container storage run dir (default: "/run/containers/storage")
|
container storage run dir (default: "/run/containers/storage")
|
||||||
|
@ -382,6 +382,12 @@ log_driver = "journald"
|
|||||||
#
|
#
|
||||||
#active_service = "production"
|
#active_service = "production"
|
||||||
|
|
||||||
|
#List of compression algorithms. If set makes sure that requested compression variant
|
||||||
|
#for each platform is added to the manifest list keeping original instance intact in
|
||||||
|
#the same manifest list on every `manifest push`. Supported values are (`gzip`, `zstd` and `zstd:chunked`).
|
||||||
|
#
|
||||||
|
#add_compression = ["gzip", "zstd", "zstd:chunked"]
|
||||||
|
|
||||||
# Enforces using docker.io for completing short names in Podman's compatibility
|
# Enforces using docker.io for completing short names in Podman's compatibility
|
||||||
# REST API. Note that this will ignore unqualified-search-registries and
|
# REST API. Note that this will ignore unqualified-search-registries and
|
||||||
# short-name aliases defined in containers-registries.conf(5).
|
# short-name aliases defined in containers-registries.conf(5).
|
||||||
@ -663,8 +669,8 @@ log_driver = "journald"
|
|||||||
# [engine.service_destinations.production]
|
# [engine.service_destinations.production]
|
||||||
# URI to access the Podman service
|
# URI to access the Podman service
|
||||||
# Examples:
|
# Examples:
|
||||||
# rootless "unix://run/user/$UID/podman/podman.sock" (Default)
|
# rootless "unix:///run/user/$UID/podman/podman.sock" (Default)
|
||||||
# rootful "unix://run/podman/podman.sock (Default)
|
# rootful "unix:///run/podman/podman.sock (Default)
|
||||||
# remote rootless ssh://engineering.lab.company.com/run/user/1000/podman/podman.sock
|
# remote rootless ssh://engineering.lab.company.com/run/user/1000/podman/podman.sock
|
||||||
# remote rootful ssh://root@10.10.1.136:22/run/podman/podman.sock
|
# remote rootful ssh://root@10.10.1.136:22/run/podman/podman.sock
|
||||||
#
|
#
|
||||||
|
@ -30,6 +30,26 @@ Note, container engines also use other configuration files for configuring the e
|
|||||||
container images.
|
container images.
|
||||||
* `policy.conf` for controlling which images can be pulled to the system.
|
* `policy.conf` for controlling which images can be pulled to the system.
|
||||||
|
|
||||||
|
## ENVIRONMENT VARIABLES
|
||||||
|
If the `CONTAINERS_CONF` environment variable is set, all system and user
|
||||||
|
config files are ignored and only the specified config file will be loaded.
|
||||||
|
|
||||||
|
If the `CONTAINERS_CONF_OVERRIDE` path environment variable is set, the config
|
||||||
|
file will be loaded last even when `CONTAINERS_CONF` is set.
|
||||||
|
|
||||||
|
The values of both environment variables may be absolute or relative paths, for
|
||||||
|
instance, `CONTAINERS_CONF=/tmp/my_containers.conf`.
|
||||||
|
|
||||||
|
## MODULES
|
||||||
|
A module is a containers.conf file located directly in or a sub-directory of the following three directories:
|
||||||
|
- __$HOME/.config/containers/containers.conf.modules__
|
||||||
|
- __/etc/containers/containers.conf.modules__
|
||||||
|
- __/usr/share/containers/containers.conf.modules__
|
||||||
|
|
||||||
|
Files in those locations are not loaded by default but only on-demand. They are loaded after all system and user configuration files but before `CONTAINERS_CONF_OVERRIDE` hence allowing for overriding system and user configs.
|
||||||
|
|
||||||
|
Modules are currently supported by podman(1). The `podman --module` flag allows for loading a module and can be specified multiple times. If the specified value is an absolute path, the config file will be loaded directly. Relative paths are resolved relative to the three module directories mentioned above and in the specified order such that modules in `$HOME` allow for overriding those in `/etc` and `/usr/share`. Modules in `$HOME` (or `$XDG_CONFIG_HOME` if specified) are only used for rootless users.
|
||||||
|
|
||||||
# FORMAT
|
# FORMAT
|
||||||
The [TOML format][toml] is used as the encoding of the configuration file.
|
The [TOML format][toml] is used as the encoding of the configuration file.
|
||||||
Every option is nested under its table. No bare options are used. The format of
|
Every option is nested under its table. No bare options are used. The format of
|
||||||
@ -424,6 +444,17 @@ The `engine` table contains configuration options used to set up container engin
|
|||||||
|
|
||||||
Name of destination for accessing the Podman service. See SERVICE DESTINATION TABLE below.
|
Name of destination for accessing the Podman service. See SERVICE DESTINATION TABLE below.
|
||||||
|
|
||||||
|
**add_compression**=[]
|
||||||
|
|
||||||
|
List of compression algorithms. If set makes sure that requested compression variant
|
||||||
|
for each platform is added to the manifest list keeping original instance intact in
|
||||||
|
the same manifest list on every `manifest push`. Supported values are (`gzip`, `zstd` and `zstd:chunked`).
|
||||||
|
|
||||||
|
Note: This is different from `compression_format` which allows users to select a default
|
||||||
|
compression format for `push` and `manifest push`, while `add_compression` is limited to
|
||||||
|
`manifest push` and allows users to append new instances to manifest list with specified compression
|
||||||
|
algorithms in `add_compression` for each platform.
|
||||||
|
|
||||||
**cgroup_manager**="systemd"
|
**cgroup_manager**="systemd"
|
||||||
|
|
||||||
The cgroup management implementation used for the runtime. Supports `cgroupfs`
|
The cgroup management implementation used for the runtime. Supports `cgroupfs`
|
||||||
@ -767,9 +798,9 @@ URI to access the Podman service
|
|||||||
|
|
||||||
Example URIs:
|
Example URIs:
|
||||||
|
|
||||||
- **rootless local** - unix://run/user/1000/podman/podman.sock
|
- **rootless local** - unix:///run/user/1000/podman/podman.sock
|
||||||
- **rootless remote** - ssh://user@engineering.lab.company.com/run/user/1000/podman/podman.sock
|
- **rootless remote** - ssh://user@engineering.lab.company.com/run/user/1000/podman/podman.sock
|
||||||
- **rootful local** - unix://run/podman/podman.sock
|
- **rootful local** - unix:///run/podman/podman.sock
|
||||||
- **rootful remote** - ssh://root@10.10.1.136:22/run/podman/podman.sock
|
- **rootful remote** - ssh://root@10.10.1.136:22/run/podman/podman.sock
|
||||||
|
|
||||||
**identity="~/.ssh/id_rsa**
|
**identity="~/.ssh/id_rsa**
|
||||||
@ -871,15 +902,6 @@ __/etc/containers/containers.conf.d__ which will be loaded in alphanumeric order
|
|||||||
Rootless users can further override fields in the config by creating a config
|
Rootless users can further override fields in the config by creating a config
|
||||||
file stored in the __$HOME/.config/containers/containers.conf__ file or __.conf__ files in __$HOME/.config/containers/containers.conf.d__.
|
file stored in the __$HOME/.config/containers/containers.conf__ file or __.conf__ files in __$HOME/.config/containers/containers.conf.d__.
|
||||||
|
|
||||||
If the `CONTAINERS_CONF` environment variable is set, all system and user
|
|
||||||
config files are ignored and only the specified config file will be loaded.
|
|
||||||
|
|
||||||
If the `CONTAINERS_CONF_OVERRIDE` path environment variable is set, the config
|
|
||||||
file will be loaded last even when `CONTAINERS_CONF` is set.
|
|
||||||
|
|
||||||
The values of both environment variables may be absolute or relative paths, for
|
|
||||||
instance, `CONTAINERS_CONF=/tmp/my_containers.conf`.
|
|
||||||
|
|
||||||
Fields specified in a containers.conf file override the default options, as
|
Fields specified in a containers.conf file override the default options, as
|
||||||
well as options in previously loaded containers.conf files.
|
well as options in previously loaded containers.conf files.
|
||||||
|
|
||||||
|
@ -22,6 +22,8 @@
|
|||||||
# Fedora
|
# Fedora
|
||||||
"fedora-minimal" = "registry.fedoraproject.org/fedora-minimal"
|
"fedora-minimal" = "registry.fedoraproject.org/fedora-minimal"
|
||||||
"fedora" = "registry.fedoraproject.org/fedora"
|
"fedora" = "registry.fedoraproject.org/fedora"
|
||||||
|
# Gentoo
|
||||||
|
"gentoo" = "docker.io/gentoo/stage3"
|
||||||
# openSUSE
|
# openSUSE
|
||||||
"opensuse/tumbleweed" = "registry.opensuse.org/opensuse/tumbleweed"
|
"opensuse/tumbleweed" = "registry.opensuse.org/opensuse/tumbleweed"
|
||||||
"opensuse/tumbleweed-dnf" = "registry.opensuse.org/opensuse/tumbleweed-dnf"
|
"opensuse/tumbleweed-dnf" = "registry.opensuse.org/opensuse/tumbleweed-dnf"
|
||||||
|
@ -27,6 +27,10 @@ runroot = "/run/containers/storage"
|
|||||||
# restorecon -R -v /NEWSTORAGEPATH
|
# restorecon -R -v /NEWSTORAGEPATH
|
||||||
graphroot = "/var/lib/containers/storage"
|
graphroot = "/var/lib/containers/storage"
|
||||||
|
|
||||||
|
# Optional alternate location of image store if a location separate from the
|
||||||
|
# container store is required. If set, it must be different than graphroot.
|
||||||
|
# imagestore = ""
|
||||||
|
|
||||||
|
|
||||||
# Storage path for rootless users
|
# Storage path for rootless users
|
||||||
#
|
#
|
||||||
|
Loading…
Reference in New Issue
Block a user