containers-storage.conf(5)         May 2017         containers-storage.conf(5)

NAME

       storage.conf - Syntax of Container Storage configuration file

DESCRIPTION

       The STORAGE configuration file specifies all of the available container
       storage options for tools using shared container storage, in a TOML
       format that can be more easily modified and versioned.

FORMAT

       The TOML format is used as the encoding of the configuration file.
       Every option and subtable listed here is nested under a global
       "storage" table.  No bare options are used.  The format of TOML can be
       simplified to:

              [table]
              option = value

              [table.subtable1]
              option = value

              [table.subtable2]
              option = value

STORAGE TABLE

       The storage table supports the following options:

       driver=""
         container storage driver (default: "overlay")
         Default Copy On Write (COW) container storage driver
         Valid drivers are "overlay", "vfs", "devmapper", "aufs", "btrfs", and
         "zfs"
         Some drivers (for example, "zfs", "btrfs", and "aufs") may not work
         if your kernel lacks support for the filesystem

       graphroot=""
         container storage graph dir (default: "/var/lib/containers/storage")
         Default directory to store all writable content created by container
         storage programs

       runroot=""
         container storage run dir (default: "/var/run/containers/storage")
         Default directory to store all temporary writable content created by
         container storage programs

   STORAGE OPTIONS TABLE
       The storage.options table supports the following options:

       additionalimagestores=[]
         Paths to additional container image stores. Usually these are
         read-only and stored on remote network shares.

       mount_program=""
         Specifies the path to a custom program to use instead of using kernel
         defaults for mounting the file system.

                mount_program = "/usr/bin/fuse-overlayfs"

       mountopt=""

       Comma separated list of default options to be used to mount container
       images.  Suggested value "nodev".

       ostree_repo = ""
         If specified, use OSTree to deduplicate files with the overlay or
         vfs backends.

       size=""
         Maximum size of a container image.  This flag can be used to set a
         quota on the size of container images. (default: 10GB)

       skip_mount_home = "false"
         Set to skip a PRIVATE bind mount on the storage home directory.
         Only supported by certain container storage drivers (overlay).

       remap-uids="" remap-gids=""

       Remap-UIDs/GIDs is the mapping from UIDs/GIDs as they should appear
       inside of a container, to the UIDs/GIDs outside of the container, and
       the length of the range of UIDs/GIDs.  Additional mapped sets can be
       listed and will be heeded by libraries, but there are limits to the
       number of mappings which the kernel will allow when you later attempt
       to run a container.

               Example
               remap-uids = "0:1668442479:65536"
               remap-gids = "0:1668442479:65536"

               These mappings tell the container engines to map UID 0 inside of the
               container to UID 1668442479 outside.  UID 1 will be mapped to 1668442480.
               UID 2 will be mapped to 1668442481, etc, for the next 65533 UIDs in
               succession.

       remap-user="" remap-group=""

       Remap-User/Group is a user name which can be used to look up one or
       more UID/GID ranges in the /etc/subuid or /etc/subgid file.  Mappings
       are set up starting with an in-container ID of 0 and then a host-level
       ID taken from the lowest range that matches the specified name, and
       using the length of that range.  Additional ranges are then assigned,
       using the ranges which specify the lowest host-level IDs first, to the
       lowest not-yet-mapped in-container ID, until all of the entries have
       been used for maps.

                remap-user = "storage"
                remap-group = "storage"
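
       The two remap descriptions above, worked through in Python as an added
       example (not code from the containers/storage project).  The function
       names, the comma between additional mapped sets, the sample subuid
       text and the 0-999 range are assumptions of this example.

```python
from typing import List, NamedTuple, Optional

class IDMap(NamedTuple):
    container_id: int
    host_id: int
    size: int

def parse_remap(spec: str) -> List[IDMap]:
    """Parse remap-uids/remap-gids triples (comma between sets is assumed)."""
    maps = []
    for part in (p.strip() for p in spec.split(",") if p.strip()):
        fields = part.split(":")
        if len(fields) != 3:
            raise ValueError(f"expected container:host:size, got {part!r}")
        cid, hid, size = (int(f) for f in fields)
        if cid < 0 or hid < 0 or size < 1:
            raise ValueError(f"IDs must be >= 0 and size >= 1 in {part!r}")
        maps.append(IDMap(cid, hid, size))
    return maps

def maps_for_name(subid_text: str, name: str) -> List[IDMap]:
    """Build remap-user/remap-group maps from /etc/subuid-style text."""
    ranges = []
    for line in subid_text.splitlines():
        fields = line.strip().split(":")
        if len(fields) == 3 and fields[0] == name:
            ranges.append((int(fields[1]), int(fields[2])))
    maps, next_cid = [], 0
    for start, count in sorted(ranges):      # lowest host-level ID first
        maps.append(IDMap(next_cid, start, count))
        next_cid += count                    # lowest not-yet-mapped container ID
    return maps

def to_host(maps: List[IDMap], container_id: int) -> Optional[int]:
    """Host ID for an in-container ID, or None when it is unmapped."""
    for m in maps:
        if m.container_id <= container_id < m.container_id + m.size:
            return m.host_id + (container_id - m.container_id)
    return None

def touches_host_range(maps: List[IDMap], low: int, high: int) -> bool:
    """True if any mapped host ID lies in [low, high], e.g. 0-999."""
    return any(m.host_id <= high and m.host_id + m.size - 1 >= low for m in maps)

# Constructed sample in /etc/subuid format (name:first_host_id:count).
SUBUID_SAMPLE = """alice:100000:65536
storage:300000:1000
storage:200000:65536
"""
```

       Running touches_host_range() over a proposed mapping before deploying
       it shows whether container root or any other in-container ID would
       land on a host account that already exists.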

   STORAGE OPTIONS FOR THINPOOL TABLE
       The storage.options.thinpool table supports the following options:

       autoextend_percent=""

       Tells the thinpool driver the amount by which the thinpool needs to be
       grown. This is specified in terms of % of pool size. So a value of 20
       means that when threshold is hit, pool will be grown by 20% of existing
       pool size. (default: 20%)

       autoextend_threshold=""

       Tells the driver the thinpool extension threshold in terms of
       percentage of pool size. For example, if threshold is 60, that means
       when pool is 60% full, threshold has been hit. (default: 80%)

       basesize=""

       Specifies the size to use when creating the base device, which limits
       the size of images and containers. (default: 10g)

       blocksize=""

       Specifies a custom blocksize to use for the thin pool. (default: 64k)

       directlvm_device=""

       Specifies a custom block storage device to use for the thin pool.
       Required for using graphdriver devicemapper.

       directlvm_device_force=""

       Tells driver to wipe device (directlvm_device) even if device already
       has a filesystem.  (default: false)

       fs="xfs"

       Specifies the filesystem type to use for the base device. (default:
       xfs)

       log_level=""

       Sets the log level of devicemapper.

              0: LogLevelSuppress 0 (default)
              2: LogLevelFatal
              3: LogLevelErr
              4: LogLevelWarn
              5: LogLevelNotice
              6: LogLevelInfo
              7: LogLevelDebug

       min_free_space=""

       Specifies the min free space percent in a thin pool required for new
       device creation to succeed. Valid values are from 0% - 99%. Value 0%
       disables. (default: 10%)

       mkfsarg=""

       Specifies extra mkfs arguments to be used when creating the base
       device.

       use_deferred_deletion=""

       Marks thinpool device for deferred deletion. If the thinpool is in use
       when the driver attempts to delete it, the driver will attempt to
       delete device every 30 seconds until successful, or when it restarts.
       Deferred deletion permanently deletes the device and all data stored in
       the device will be lost. (default: true).

       use_deferred_removal=""

       Marks devicemapper block device for deferred removal.  If the device is
       in use when its driver attempts to remove it, the driver tells the
       kernel to remove the device as soon as possible.  Note this does not
       free up the disk space, use deferred deletion to fully remove the
       thinpool.  (default: true).

       xfs_nospace_max_retries=""

       Specifies the maximum number of retries XFS should attempt to complete
       IO when ENOSPC (no space) error is returned by underlying storage
       device. (default: 0, which means to try continuously.)

SELINUX LABELING

       When running on an SELinux system, if you move the containers storage
       graphroot directory, you must make sure the labeling is correct.

       Tell SELinux about the new containers storage by setting up an
       equivalence record.  This tells SELinux to label content under the new
       path, as if it was stored under /var/lib/containers/storage.

              semanage fcontext -a -e /var/lib/containers NEWSTORAGEPATH
              restorecon -R -v NEWSTORAGEPATH

       The semanage command above tells SELinux to set up the default labeling
       of NEWSTORAGEPATH to match /var/lib/containers.  The restorecon command
       tells SELinux to apply the labels to the actual content.

       Now all new content created in these directories will automatically be
       created with the correct label.

SEE ALSO

       semanage(8), restorecon(8)

FILES

       Distributions often provide a /usr/share/containers/storage.conf file
       to define default storage configuration. Administrators can override
       this file by creating /etc/containers/storage.conf to specify their own
       configuration. The storage.conf file for rootless users is stored in
       the $HOME/.config/containers/storage.conf file.

HISTORY

       May 2017, Originally compiled by Dan Walsh ⟨dwalsh@redhat.com⟩ Format
       copied from crio.conf man page created by Aleksa Sarai ⟨asarai@suse.de⟩

Dan Walsh       Container Storage Configuration File       containers-storage.conf(5)