forked from lf-edge/eve
-
Notifications
You must be signed in to change notification settings - Fork 0
/
rootfs.yml.in
130 lines (130 loc) · 3.38 KB
/
rootfs.yml.in
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
kernel:
image: KERNEL_TAG
cmdline: "rootdelay=3"
init:
- linuxkit/init:07d37c3ae7fad5ddcb54c8dc65774ae050851f04
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:95d5f0d2d8dc63bd87e96b7b39cf026cb86125c9
# pillar's logic rely on existence of getty and /etc/init.d/001-getty inside
- linuxkit/getty:e74e6cad132403d1a6d6cd25b136a7c69c99f3f7
- linuxkit/memlogd:1ded209c4cc10aa8de2099f4156164b59df14e3c
- DOM0ZTOOLS_TAG
- GRUB_TAG
- FW_TAG
- XEN_TAG
- GPTTOOLS_TAG
- KEXEC_TAG
onboot:
- name: rngd
image: RNGD_TAG
command: ["/sbin/rngd", "-1"]
- name: sysctl
image: linuxkit/sysctl:c6f23919b8610c7645a89a89f863c6209bc84bee
binds:
- /etc/sysctl.d:/etc/sysctl.d
capabilities:
- CAP_SYS_ADMIN
- CAP_NET_ADMIN
# If you change the order of storage-init don't forget to
# change path to the "002-installer" in "pkg/mkimage-raw-efi/Dockerfile" and
# "pkg/mkverification-raw-efi/Dockerfile" accordingly:
# storage-init must follow installer
- name: storage-init
image: STORAGE_INIT_TAG
# kdump goes strictly after storage-init
- name: kdump
image: KDUMP_TAG
# If you change the order of pillar-onboot don't forget to
# change path to the "/containers/onboot/004-pillar-onboot/lower" in
# "pkg/mkimage-raw-efi/config.json" and "pkg/mkverification-raw-efi/config.json"
# accordingly: 004-pillar-onboot must follow the order number of pillar-onboot
# to prepare services to start
- name: pillar-onboot
image: PILLAR_TAG
command: ["/opt/zededa/bin/onboot.sh"]
- name: apparmor
image: APPARMOR_TAG
# measure-config must be executed after any other container that changes
# /config. Let's keep it the latest
- name: measure-config
image: MEASURE_CONFIG_TAG
services:
- name: newlogd
image: NEWLOGD_TAG
cgroupsPath: /eve/services/newlogd
oomScoreAdj: -999
- name: edgeview
image: EDGEVIEW_TAG
cgroupsPath: /eve/services/eve-edgeview
oomScoreAdj: -800
- name: debug
image: DEBUG_TAG
cgroupsPath: /eve/services/debug
oomScoreAdj: -999
- name: wwan
image: WWAN_TAG
cgroupsPath: /eve/services/wwan
oomScoreAdj: -999
- name: wlan
image: WLAN_TAG
cgroupsPath: /eve/services/wlan
oomScoreAdj: -999
- name: guacd
image: GUACD_TAG
cgroupsPath: /eve/services/guacd
oomScoreAdj: -999
- name: pillar
image: PILLAR_TAG
cgroupsPath: /eve/services/pillar
oomScoreAdj: -999
- name: memory-monitor
image: MEMORY_MONITOR_TAG
cgroupsPath: /eve/services/memory-monitor
oomScoreAdj: -1000
- name: vtpm
image: VTPM_TAG
cgroupsPath: /eve/services/vtpm
oomScoreAdj: -999
- name: watchdog
image: WATCHDOG_TAG
cgroupsPath: /eve/services/watchdog
oomScoreAdj: -1000
- name: xen-tools
image: XENTOOLS_TAG
cgroupsPath: /eve/services/xen-tools
oomScoreAdj: -999
files:
- path: /etc/eve-release
source: eve_version
- path: etc/linuxkit-eve-config.yml
metadata: yaml
- path: /etc/eve-hv-type
contents: 'EVE_HV'
- path: /opt/vendor
directory: true
- path: /etc/securetty
contents: |
console
tty0
tty1
tty2
tty3
tty4
tty5
tty6
tty7
tty8
tty9
tty10
tty11
hvc0
ttyS0
ttyS1
ttyS2
ttyAMA0
ttyAMA1
ttyTCU0
ttyTHS0
ttyTHS1
ttymxc0
ttymxc2