# This file is copied from https://github.com/kubernetes-sigs/kind/blob/main/images/base/files/etc/containerd/config.toml # CHANGES: [plugins."io.containerd.grpc.v1.cri".registry] was added to allow containerd to pull images from p2p mirror. # explicitly use v2 config format version = 2 [plugins."io.containerd.grpc.v1.cri".registry] config_path = "/etc/containerd/certs.d" [proxy_plugins] # fuse-overlayfs is used for rootless [proxy_plugins."fuse-overlayfs"] type = "snapshot" address = "/run/containerd-fuse-overlayfs.sock" [plugins."io.containerd.grpc.v1.cri".containerd] # save disk space when using a single snapshotter discard_unpacked_layers = true # explicitly use default snapshotter so we can sed it in entrypoint snapshotter = "overlayfs" # explicit default here, as we're configuring it below default_runtime_name = "runc" [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] # set default runtime handler to v2, which has a per-pod shim runtime_type = "io.containerd.runc.v2" # Generated by "ctr oci spec" and modified at base container to mount poduct_uuid base_runtime_spec = "/etc/containerd/cri-base.json" [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options] # use systemd cgroup by default SystemdCgroup = true # Setup a runtime with the magic name ("test-handler") used for Kubernetes # runtime class tests ... [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.test-handler] # same settings as runc runtime_type = "io.containerd.runc.v2" base_runtime_spec = "/etc/containerd/cri-base.json" [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.test-handler.options] SystemdCgroup = true [plugins."io.containerd.grpc.v1.cri"] # use fixed sandbox image sandbox_image = "registry.k8s.io/pause:3.7" # allow hugepages controller to be missing # see https://github.com/containerd/cri/pull/1501 tolerate_missing_hugepages_controller = true # restrict_oom_score_adj needs to be true when running inside UserNS (rootless) restrict_oom_score_adj = false