Set up containerd use harbor.fizz.buzz.
This commit is contained in:
Tom Alexander
@@ -1,3 +1,4 @@
|
||||
# TODO: Set up a proxy to harbor for OCI compliance: https://github.com/moby/moby/pull/34319#issuecomment-720606627
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
@@ -29,30 +30,43 @@ in
|
||||
|
||||
config = lib.mkIf config.me.containerd.enable {
|
||||
virtualisation.containerd.enable = true;
|
||||
virtualisation.containerd.settings = {
|
||||
virtualisation.containerd.settings = lib.mkForce {
|
||||
"plugins" = {
|
||||
"io.containerd.grpc.v1.cri" = {
|
||||
"io.containerd.cri.v1.images" = {
|
||||
"registry" = {
|
||||
"config_path" = "/.persist/containerd/certs.d";
|
||||
};
|
||||
"snapshotter" = "overlayfs";
|
||||
};
|
||||
"io.containerd.cri.v1.runtime" = {
|
||||
"cni" = {
|
||||
"bin_dir" = "/opt/cni/bin";
|
||||
"bin_dirs" = [
|
||||
"/opt/cni/bin"
|
||||
];
|
||||
"conf_dir" = "/etc/cni/net.d";
|
||||
# "bin_dir" = "${my-cni-plugins}/bin";
|
||||
# "conf_dir" = "${my-cni-configs}";
|
||||
};
|
||||
"containerd" = {
|
||||
"default_runtime_name" = "runc";
|
||||
"runtimes" = {
|
||||
"runc" = {
|
||||
"options" = {
|
||||
"SystemdCgroup" = true;
|
||||
};
|
||||
"runtime_type" = "io.containerd.runc.v2";
|
||||
};
|
||||
};
|
||||
"snapshotter" = "overlayfs";
|
||||
};
|
||||
};
|
||||
"io.containerd.cri.v1.services" = {
|
||||
"containerd" = {
|
||||
"runtimes" = {
|
||||
"runc" = {
|
||||
"options" = {
|
||||
"SystemdCgroup" = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
"version" = 2;
|
||||
"version" = 3;
|
||||
};
|
||||
|
||||
systemd.services.containerd.preStart = ''
|
||||
|
||||
Reference in New Issue
Block a user