local build
This commit is contained in:
parent
535a45eaec
commit
4368c22a69
@ -99,7 +99,7 @@ as-is. But other settings like insecure/blocked/mirrors will be applied to match
|
|||||||
|
|
||||||
`mirror`
|
`mirror`
|
||||||
: An array of TOML tables specifying (possibly-partial) mirrors for the
|
: An array of TOML tables specifying (possibly-partial) mirrors for the
|
||||||
`prefix`-rooted namespace.
|
`prefix`-rooted namespace (i.e., the current `[[registry]]` TOML table).
|
||||||
|
|
||||||
The mirrors are attempted in the specified order; the first one that can be
|
The mirrors are attempted in the specified order; the first one that can be
|
||||||
contacted and contains the image will be used (and if none of the mirrors contains the image,
|
contacted and contains the image will be used (and if none of the mirrors contains the image,
|
||||||
@ -236,14 +236,23 @@ location = "example-mirror-0.local/mirror-for-foo"
|
|||||||
[[registry.mirror]]
|
[[registry.mirror]]
|
||||||
location = "example-mirror-1.local/mirrors/foo"
|
location = "example-mirror-1.local/mirrors/foo"
|
||||||
insecure = true
|
insecure = true
|
||||||
|
|
||||||
|
[[registry]]
|
||||||
|
location = "registry.com"
|
||||||
|
|
||||||
|
[[registry.mirror]]
|
||||||
|
location = "mirror.registry.com"
|
||||||
```
|
```
|
||||||
Given the above, a pull of `example.com/foo/image:latest` will try:
|
Given the above, a pull of `example.com/foo/image:latest` will try:
|
||||||
1. `example-mirror-0.local/mirror-for-foo/image:latest`
|
|
||||||
2. `example-mirror-1.local/mirrors/foo/image:latest`
|
1. `example-mirror-0.local/mirror-for-foo/image:latest`
|
||||||
3. `internal-registry-for-example.net/bar/image:latest`
|
2. `example-mirror-1.local/mirrors/foo/image:latest`
|
||||||
|
3. `internal-registry-for-example.net/bar/image:latest`
|
||||||
|
|
||||||
in order, and use the first one that exists.
|
in order, and use the first one that exists.
|
||||||
|
|
||||||
|
Note that a mirror is associated only with the current `[[registry]]` TOML table. If using the example above, pulling the image `registry.com/image:latest` will hence only reach out to `mirror.registry.com`, and the mirrors associated with `example.com/foo` will not be considered.
|
||||||
|
|
||||||
## VERSION 1 FORMAT - DEPRECATED
|
## VERSION 1 FORMAT - DEPRECATED
|
||||||
VERSION 1 format is still supported but it does not support
|
VERSION 1 format is still supported but it does not support
|
||||||
using registry mirrors, longest-prefix matches, or location rewriting.
|
using registry mirrors, longest-prefix matches, or location rewriting.
|
||||||
|
@ -26,6 +26,13 @@
|
|||||||
#
|
#
|
||||||
#apparmor_profile = "container-default"
|
#apparmor_profile = "container-default"
|
||||||
|
|
||||||
|
# The hosts entries from the base hosts file are added to the containers hosts
|
||||||
|
# file. This must be either an absolute path or as special values "image" which
|
||||||
|
# uses the hosts file from the container image or "none" which means
|
||||||
|
# no base hosts file is used. The default is "" which will use /etc/hosts.
|
||||||
|
#
|
||||||
|
#base_hosts_file = ""
|
||||||
|
|
||||||
# Default way to to create a cgroup namespace for the container
|
# Default way to to create a cgroup namespace for the container
|
||||||
# Options are:
|
# Options are:
|
||||||
# `private` Create private Cgroup Namespace for the container.
|
# `private` Create private Cgroup Namespace for the container.
|
||||||
@ -114,6 +121,16 @@ default_sysctls = [
|
|||||||
#
|
#
|
||||||
#env_host = false
|
#env_host = false
|
||||||
|
|
||||||
|
# Set the ip for the host.containers.internal entry in the containers /etc/hosts
|
||||||
|
# file. This can be set to "none" to disable adding this entry. By default it
|
||||||
|
# will automatically choose the host ip.
|
||||||
|
#
|
||||||
|
# NOTE: When using podman machine this entry will never be added to the containers
|
||||||
|
# hosts file instead the gvproxy dns resolver will resolve this hostname. Therefore
|
||||||
|
# it is not possible to disable the entry in this case.
|
||||||
|
#
|
||||||
|
#host_containers_internal_ip = ""
|
||||||
|
|
||||||
# Default proxy environment variables passed into the container.
|
# Default proxy environment variables passed into the container.
|
||||||
# The environment variables passed in include:
|
# The environment variables passed in include:
|
||||||
# http_proxy, https_proxy, ftp_proxy, no_proxy, and the upper case versions of
|
# http_proxy, https_proxy, ftp_proxy, no_proxy, and the upper case versions of
|
||||||
@ -373,11 +390,14 @@ log_driver = "journald"
|
|||||||
# Define where event logs will be stored, when events_logger is "file".
|
# Define where event logs will be stored, when events_logger is "file".
|
||||||
#events_logfile_path=""
|
#events_logfile_path=""
|
||||||
|
|
||||||
# Sets the maximum size for events_logfile_path in bytes. When the limit is exceeded,
|
# Sets the maximum size for events_logfile_path.
|
||||||
# the logfile will be rotated and the old one will be deleted.
|
# The size can be b (bytes), k (kilobytes), m (megabytes), or g (gigabytes).
|
||||||
|
# The format for the size is `<number><unit>`, e.g., `1b` or `3g`.
|
||||||
|
# If no unit is included then the size will be read in bytes.
|
||||||
|
# When the limit is exceeded, the logfile will be rotated and the old one will be deleted.
|
||||||
# If the maximum size is set to 0, then no limit will be applied,
|
# If the maximum size is set to 0, then no limit will be applied,
|
||||||
# and the logfile will not be rotated.
|
# and the logfile will not be rotated.
|
||||||
#events_logfile_max_size = 0
|
#events_logfile_max_size = "1m"
|
||||||
|
|
||||||
# Selects which logging mechanism to use for container engine events.
|
# Selects which logging mechanism to use for container engine events.
|
||||||
# Valid values are `journald`, `file` and `none`.
|
# Valid values are `journald`, `file` and `none`.
|
||||||
@ -435,12 +455,6 @@ log_driver = "journald"
|
|||||||
#
|
#
|
||||||
#lock_type** = "shm"
|
#lock_type** = "shm"
|
||||||
|
|
||||||
# Indicates if Podman is running inside a VM via Podman Machine.
|
|
||||||
# Podman uses this value to do extra setup around networking from the
|
|
||||||
# container inside the VM to to host.
|
|
||||||
#
|
|
||||||
#machine_enabled = false
|
|
||||||
|
|
||||||
# MultiImageArchive - if true, the container engine allows for storing archives
|
# MultiImageArchive - if true, the container engine allows for storing archives
|
||||||
# (e.g., of the docker-archive transport) with multiple images. By default,
|
# (e.g., of the docker-archive transport) with multiple images. By default,
|
||||||
# Podman creates single-image archives.
|
# Podman creates single-image archives.
|
||||||
@ -461,9 +475,26 @@ log_driver = "journald"
|
|||||||
#network_cmd_path = ""
|
#network_cmd_path = ""
|
||||||
|
|
||||||
# Default options to pass to the slirp4netns binary.
|
# Default options to pass to the slirp4netns binary.
|
||||||
# For example "allow_host_loopback=true"
|
# Valid options values are:
|
||||||
#
|
#
|
||||||
#network_cmd_options = ["enable_ipv6=true",]
|
# - allow_host_loopback=true|false: Allow the slirp4netns to reach the host loopback IP (`10.0.2.2`).
|
||||||
|
# Default is false.
|
||||||
|
# - mtu=MTU: Specify the MTU to use for this network. (Default is `65520`).
|
||||||
|
# - cidr=CIDR: Specify ip range to use for this network. (Default is `10.0.2.0/24`).
|
||||||
|
# - enable_ipv6=true|false: Enable IPv6. Default is true. (Required for `outbound_addr6`).
|
||||||
|
# - outbound_addr=INTERFACE: Specify the outbound interface slirp should bind to (ipv4 traffic only).
|
||||||
|
# - outbound_addr=IPv4: Specify the outbound ipv4 address slirp should bind to.
|
||||||
|
# - outbound_addr6=INTERFACE: Specify the outbound interface slirp should bind to (ipv6 traffic only).
|
||||||
|
# - outbound_addr6=IPv6: Specify the outbound ipv6 address slirp should bind to.
|
||||||
|
# - port_handler=rootlesskit: Use rootlesskit for port forwarding. Default.
|
||||||
|
# Note: Rootlesskit changes the source IP address of incoming packets to a IP address in the container
|
||||||
|
# network namespace, usually `10.0.2.100`. If your application requires the real source IP address,
|
||||||
|
# e.g. web server logs, use the slirp4netns port handler. The rootlesskit port handler is also used for
|
||||||
|
# rootless containers when connected to user-defined networks.
|
||||||
|
# - port_handler=slirp4netns: Use the slirp4netns port forwarding, it is slower than rootlesskit but
|
||||||
|
# preserves the correct source IP address. This port handler cannot be used for user-defined networks.
|
||||||
|
#
|
||||||
|
#network_cmd_options = []
|
||||||
|
|
||||||
# Whether to use chroot instead of pivot_root in the runtime
|
# Whether to use chroot instead of pivot_root in the runtime
|
||||||
#
|
#
|
||||||
@ -535,9 +566,9 @@ log_driver = "journald"
|
|||||||
# URI to access the Podman service
|
# URI to access the Podman service
|
||||||
# Examples:
|
# Examples:
|
||||||
# rootless "unix://run/user/$UID/podman/podman.sock" (Default)
|
# rootless "unix://run/user/$UID/podman/podman.sock" (Default)
|
||||||
# rootfull "unix://run/podman/podman.sock (Default)
|
# rootful "unix://run/podman/podman.sock (Default)
|
||||||
# remote rootless ssh://engineering.lab.company.com/run/user/1000/podman/podman.sock
|
# remote rootless ssh://engineering.lab.company.com/run/user/1000/podman/podman.sock
|
||||||
# remote rootfull ssh://root@10.10.1.136:22/run/podman/podman.sock
|
# remote rootful ssh://root@10.10.1.136:22/run/podman/podman.sock
|
||||||
#
|
#
|
||||||
# uri = "ssh://user@production.example.com/run/user/1001/podman/podman.sock"
|
# uri = "ssh://user@production.example.com/run/user/1001/podman/podman.sock"
|
||||||
# Path to file containing ssh identity key
|
# Path to file containing ssh identity key
|
||||||
@ -629,7 +660,7 @@ log_driver = "journald"
|
|||||||
|
|
||||||
# Host directories to be mounted as volumes into the VM by default.
|
# Host directories to be mounted as volumes into the VM by default.
|
||||||
# Environment variables like $HOME as well as complete paths are supported for
|
# Environment variables like $HOME as well as complete paths are supported for
|
||||||
# the source and destination. An optional third field `:ro` can be used to
|
# the source and destination. An optional third field `:ro` can be used to
|
||||||
# tell the container engines to mount the volume readonly.
|
# tell the container engines to mount the volume readonly.
|
||||||
#
|
#
|
||||||
# volumes = [
|
# volumes = [
|
||||||
|
@ -59,6 +59,13 @@ Example: "run.oci.keep_original_groups=1"
|
|||||||
Used to change the name of the default AppArmor profile of container engines.
|
Used to change the name of the default AppArmor profile of container engines.
|
||||||
The default profile name is "container-default".
|
The default profile name is "container-default".
|
||||||
|
|
||||||
|
**base_hosts_file**=""
|
||||||
|
|
||||||
|
The hosts entries from the base hosts file are added to the containers hosts
|
||||||
|
file. This must be either an absolute path or as special values "image" which
|
||||||
|
uses the hosts file from the container image or "none" which means
|
||||||
|
no base hosts file is used. The default is "" which will use /etc/hosts.
|
||||||
|
|
||||||
**cgroups**="enabled"
|
**cgroups**="enabled"
|
||||||
|
|
||||||
Determines whether the container will create CGroups.
|
Determines whether the container will create CGroups.
|
||||||
@ -143,6 +150,16 @@ environment variables to the container.
|
|||||||
|
|
||||||
Pass all host environment variables into the container.
|
Pass all host environment variables into the container.
|
||||||
|
|
||||||
|
**host_containers_internal_ip**=""
|
||||||
|
|
||||||
|
Set the ip for the host.containers.internal entry in the containers /etc/hosts
|
||||||
|
file. This can be set to "none" to disable adding this entry. By default it
|
||||||
|
will automatically choose the host ip.
|
||||||
|
|
||||||
|
NOTE: When using podman machine this entry will never be added to the containers
|
||||||
|
hosts file instead the gvproxy dns resolver will resolve this hostname. Therefore
|
||||||
|
it is not possible to disable the entry in this case.
|
||||||
|
|
||||||
**http_proxy**=true
|
**http_proxy**=true
|
||||||
|
|
||||||
Default proxy environment variables will be passed into the container.
|
Default proxy environment variables will be passed into the container.
|
||||||
@ -405,10 +422,13 @@ if you want to set environment variables for the container.
|
|||||||
|
|
||||||
Define where event logs will be stored, when events_logger is "file".
|
Define where event logs will be stored, when events_logger is "file".
|
||||||
|
|
||||||
**events_logfile_max_size**=0
|
**events_logfile_max_size**="1m"
|
||||||
|
|
||||||
Sets the maximum size for events_logfile_path in bytes. When the limit is exceeded,
|
Sets the maximum size for events_logfile_path.
|
||||||
the logfile will be rotated and the old one will be deleted.
|
The unit can be b (bytes), k (kilobytes), m (megabytes) or g (gigabytes).
|
||||||
|
The format for the size is `<number><unit>`, e.g., `1b` or `3g`.
|
||||||
|
If no unit is included then the size will be in bytes.
|
||||||
|
When the limit is exceeded, the logfile will be rotated and the old one will be deleted.
|
||||||
If the maximumn size is set to 0, then no limit will be applied,
|
If the maximumn size is set to 0, then no limit will be applied,
|
||||||
and the logfile will not be rotated.
|
and the logfile will not be rotated.
|
||||||
|
|
||||||
@ -484,12 +504,6 @@ Change the default only if you are sure of what you are doing, in general
|
|||||||
faster "shm" lock type. You may need to run "podman system renumber" after you
|
faster "shm" lock type. You may need to run "podman system renumber" after you
|
||||||
change the lock type.
|
change the lock type.
|
||||||
|
|
||||||
**machine_enabled**=false
|
|
||||||
|
|
||||||
Indicates if Podman is running inside a VM via Podman Machine.
|
|
||||||
Podman uses this value to do extra setup around networking from the
|
|
||||||
container inside the VM to to host.
|
|
||||||
|
|
||||||
**multi_image_archive**=false
|
**multi_image_archive**=false
|
||||||
|
|
||||||
Allows for creating archives (e.g., tarballs) with more than one image. Some container engines, such as Podman, interpret additional arguments as tags for one image and hence do not store more than one image. The default behavior can be altered with this option.
|
Allows for creating archives (e.g., tarballs) with more than one image. Some container engines, such as Podman, interpret additional arguments as tags for one image and hence do not store more than one image. The default behavior can be altered with this option.
|
||||||
@ -506,16 +520,16 @@ and pods are visible.
|
|||||||
|
|
||||||
Path to the slirp4netns binary.
|
Path to the slirp4netns binary.
|
||||||
|
|
||||||
**network_cmd_options**=["enable_ipv6=true",]
|
**network_cmd_options**=[]
|
||||||
|
|
||||||
Default options to pass to the slirp4netns binary.
|
Default options to pass to the slirp4netns binary.
|
||||||
|
|
||||||
Valid options values are:
|
Valid options values are:
|
||||||
|
|
||||||
- **allow_host_loopback=true|false**: Allow the slirp4netns to reach the host loopback IP (`10.0.2.2`, which is added to `/etc/hosts` as `host.containers.internal` for your convenience). Default is false.
|
- **allow_host_loopback=true|false**: Allow the slirp4netns to reach the host loopback IP (`10.0.2.2`). Default is false.
|
||||||
- **mtu=MTU**: Specify the MTU to use for this network. (Default is `65520`).
|
- **mtu=MTU**: Specify the MTU to use for this network. (Default is `65520`).
|
||||||
- **cidr=CIDR**: Specify ip range to use for this network. (Default is `10.0.2.0/24`).
|
- **cidr=CIDR**: Specify ip range to use for this network. (Default is `10.0.2.0/24`).
|
||||||
- **enable_ipv6=true|false**: Enable IPv6. Default is false. (Required for `outbound_addr6`).
|
- **enable_ipv6=true|false**: Enable IPv6. Default is true. (Required for `outbound_addr6`).
|
||||||
- **outbound_addr=INTERFACE**: Specify the outbound interface slirp should bind to (ipv4 traffic only).
|
- **outbound_addr=INTERFACE**: Specify the outbound interface slirp should bind to (ipv4 traffic only).
|
||||||
- **outbound_addr=IPv4**: Specify the outbound ipv4 address slirp should bind to.
|
- **outbound_addr=IPv4**: Specify the outbound ipv4 address slirp should bind to.
|
||||||
- **outbound_addr6=INTERFACE**: Specify the outbound interface slirp should bind to (ipv6 traffic only).
|
- **outbound_addr6=INTERFACE**: Specify the outbound interface slirp should bind to (ipv6 traffic only).
|
||||||
@ -625,8 +639,8 @@ URI to access the Podman service
|
|||||||
|
|
||||||
- **rootless local** - unix://run/user/1000/podman/podman.sock
|
- **rootless local** - unix://run/user/1000/podman/podman.sock
|
||||||
- **rootless remote** - ssh://user@engineering.lab.company.com/run/user/1000/podman/podman.sock
|
- **rootless remote** - ssh://user@engineering.lab.company.com/run/user/1000/podman/podman.sock
|
||||||
- **rootfull local** - unix://run/podman/podman.sock
|
- **rootful local** - unix://run/podman/podman.sock
|
||||||
- **rootfull remote** - ssh://root@10.10.1.136:22/run/podman/podman.sock
|
- **rootful remote** - ssh://root@10.10.1.136:22/run/podman/podman.sock
|
||||||
|
|
||||||
**identity="~/.ssh/id_rsa**
|
**identity="~/.ssh/id_rsa**
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user