Add containerd_extra_args (#7461)

* Add containerd_extra_args

This is useful for custom containerd config, e.g. auth

Signed-off-by: Zhong Jianxin <azuwis@gmail.com>

* Make containerd config.toml mode 0640

It may contain sensitive information like password

Signed-off-by: Zhong Jianxin <azuwis@gmail.com>
This commit is contained in:
Zhong Jianxin 2021-04-12 16:02:00 +08:00 committed by GitHub
parent 90c643f3ab
commit 420a412234
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 8 additions and 1 deletions

View file

@ -64,3 +64,6 @@ containerd_fedora_repo_base_url: "https://download.docker.com/linux/fedora/{{ an
containerd_fedora_repo_gpgkey: "https://download.docker.com/linux/fedora/gpg" containerd_fedora_repo_gpgkey: "https://download.docker.com/linux/fedora/gpg"
containerd_fedora_repo_repokey: "9DC858229FC7DD38854AE2D88D81803C0EBFCD88" containerd_fedora_repo_repokey: "9DC858229FC7DD38854AE2D88D81803C0EBFCD88"
containerd_fedora_repo_component: "stable" containerd_fedora_repo_component: "stable"
# Extra config to be put in {{ containerd_cfg_dir }}/config.toml literally
containerd_extra_args: ''

View file

@ -79,7 +79,7 @@
src: config.toml.j2 src: config.toml.j2
dest: "{{ containerd_cfg_dir }}/config.toml" dest: "{{ containerd_cfg_dir }}/config.toml"
owner: "root" owner: "root"
mode: 0644 mode: 0640
notify: restart containerd notify: restart containerd
# This is required to ensure any apt upgrade will not break kubernetes # This is required to ensure any apt upgrade will not break kubernetes

View file

@ -39,3 +39,7 @@ version = 2
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."{{ registry }}"] [plugins."io.containerd.grpc.v1.cri".registry.mirrors."{{ registry }}"]
endpoint = ["{{ ([ addr ] | flatten ) | join('","') }}"] endpoint = ["{{ ([ addr ] | flatten ) | join('","') }}"]
{% endfor %} {% endfor %}
{% if containerd_extra_args is defined %}
{{ containerd_extra_args }}
{% endif %}