pyrox.dev / nixpkgs
lol
fork atom

nixos/containerd: sanitize StateDirectory and RuntimeDirectory

Johan Thomsen 2142f885 08ab7e10

options
unified split
Changed files
+7 -4
nixos
modules
services
cluster
kubernetes
default.nix
kubelet.nix
virtualisation
containerd.nix
+3 -3
nixos/modules/services/cluster/kubernetes/default.nix 
···

       
7

       
7

       
 

       



     

       
8

       
8

       
 

       
  defaultContainerdConfigFile = pkgs.writeText "containerd.toml" ''


     

       
9

       
9

       
 

       
    version = 2


     

       
10

       

       
-

       
    root = "/var/lib/containerd/daemon"


     

       
11

       

       
-

       
    state = "/var/run/containerd/daemon"


     

       

       
10

       
+

       
    root = "/var/lib/containerd"


     

       

       
11

       
+

       
    state = "/run/containerd"


     

       
12

       
12

       
 

       
    oom_score = 0


     

       
13

       
13

       
 

       



     

       
14

       
14

       
 

       
    [grpc]


     

       
15

       

       
-

       
      address = "/var/run/containerd/containerd.sock"


     

       

       
15

       
+

       
      address = "/run/containerd/containerd.sock"


     

       
16

       
16

       
 

       



     

       
17

       
17

       
 

       
    [plugins."io.containerd.grpc.v1.cri"]


     

       
18

       
18

       
 

       
      sandbox_image = "pause:latest"
+1 -1
nixos/modules/services/cluster/kubernetes/kubelet.nix 
···

       
134

       
134

       
 

       
    containerRuntimeEndpoint = mkOption {


     

       
135

       
135

       
 

       
      description = "Endpoint at which to find the container runtime api interface/socket";


     

       
136

       
136

       
 

       
      type = str;


     

       
137

       

       
-

       
      default = "unix:///var/run/containerd/containerd.sock";


     

       

       
137

       
+

       
      default = "unix:///run/containerd/containerd.sock";


     

       
138

       
138

       
 

       
    };


     

       
139

       
139

       
 

       



     

       
140

       
140

       
 

       
    enable = mkEnableOption "Kubernetes kubelet.";
+3
nixos/modules/virtualisation/containerd.nix 
···

       
54

       
54

       
 

       
        LimitNOFILE = "infinity";


     

       
55

       
55

       
 

       
        TasksMax = "infinity";


     

       
56

       
56

       
 

       
        OOMScoreAdjust = "-999";


     

       

       
57

       
+

       



     

       

       
58

       
+

       
        StateDirectory = "containerd";


     

       

       
59

       
+

       
        RuntimeDirectory = "containerd";


     

       
57

       
60

       
 

       
      };


     

       
58

       
61

       
 

       
    };


     

       
59

       
62

       
 

       
  };