-
Notifications
You must be signed in to change notification settings - Fork 66
/
mount.yaml
133 lines (133 loc) · 2.95 KB
/
mount.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
mount:
# Basic binaries and libraries
- type: bind
source: /bin
target: /bin
readonly: true
- type: bind
source: /lib
target: /lib
readonly: true
- type: bind
source: /lib64
target: /lib64
readonly: true
- type: bind
source: /usr
target: /usr
readonly: true
- type: bind
source: /etc/ld.so.cache
target: /etc/ld.so.cache
readonly: true
# Some compiler have multiple versions
- type: bind
source: /etc/alternatives
target: /etc/alternatives
readonly: true
# fpc wants /etc/fpc.cfg
- type: bind
source: /etc/fpc.cfg
target: /etc/fpc.cfg
readonly: true
# mono wants /etc/mono
- type: bind
source: /etc/mono
target: /etc/mono
readonly: true
# ghc wants /var/lib/ghc
- type: bind
source: /var/lib/ghc
target: /var/lib/ghc
readonly: true
# go wants /dev/null
- type: bind
source: /dev/null
target: /dev/null
# java 17 wants /etc/java-17-openjdk
- type: bind
source: /etc/java-17-openjdk
target: /etc/java-17-openjdk
readonly: true
# node wants /dev/urandom
- type: bind
source: /dev/urandom
target: /dev/urandom
# additional devices
- type: bind
source: /dev/random
target: /dev/random
- type: bind
source: /dev/zero
target: /dev/zero
- type: bind
source: /dev/full
target: /dev/full
# work dir
- type: tmpfs
target: /w
data: size=128m,nr_inodes=4k
# tmp dir
- type: tmpfs
target: /tmp
data: size=128m,nr_inodes=4k
# MPI wants shm
# - type: tmpfs
# target: /dev/shm
# data: size=64m,nr_inodes=4k
# (optional) bind a /etc/passwd to show customized user name
- type: bind
source: containerPasswd.txt
target: /etc/passwd
# (optional) bind a /.env to load default environment variable for the container
- type: bind
source: dotenv
target: /.env
#readonly: true
# MPI wants /sys, readonly may not work for /sys
# - type: bind
# source: /sys
# target: /sys
# # readonly: true
# java & ghc wants /proc/self/exe
proc: true
# procrw enables read-write permission on /proc for special usage like CUDA
#procrw: true
# create /dev standard io
symLink:
- linkPath: /dev/fd
target: /proc/self/fd
- linkPath: /dev/stdin
target: /proc/self/fd/0
- linkPath: /dev/stdout
target: /proc/self/fd/1
- linkPath: /dev/stderr
target: /proc/self/fd/2
# mask mounted paths with empty / null mount
maskPath:
- /sys/firmware
- /sys/devices/virtual/powercap
- /proc/acpi
- /proc/asound
- /proc/kcore
- /proc/keys
- /proc/latency_stats
- /proc/timer_list
- /proc/timer_stats
- /proc/sched_debug
- /proc/scsi
- /usr/lib/wsl/drivers
- /usr/lib/wsl/lib
# container work directory
workDir: /w
# container host name
hostName: go-judge
# container domain name
domainName: go-judge
# container user uid
uid: 1536
# container user gid
gid: 1536
# init cmd does additional setups
# MPI want network
#initCmd: ip link set dev lo up