1/etc/containerd/config.toml(5)File Formats Manual/etc/containerd/config.toml(5)
2
3
4

NAME

6       containerd-config.toml - configuration file for containerd
7
8

SYNOPSIS

10       The config.toml file is a configuration file for the containerd daemon.
11       The file must be placed  at  /etc/containerd/config.toml  or  specified
12       with the --config option of containerd to be used by the daemon. If the
13       file does not exist at the appropriate location or is not provided  via
14       the --config option containerd uses its default configuration settings,
15       which can be displayed with the containerd config(1) command.
16
17

DESCRIPTION

19       The TOML file used to configure the containerd daemon  settings  has  a
20       short list of global settings followed by a series of sections for spe‐
21       cific areas of daemon configuration. There is also a section for  plug‐
22       ins  that allows each containerd plugin to have an area for plugin-spe‐
23       cific configuration and settings.
24
25

FORMAT

27       version
28              The version field in the config file specifies the config’s ver‐
29              sion.  If  no version number is specified inside the config file
30              then it is assumed to be a version 1 config and parsed as  such.
31              Please  use  version = 2 to enable version 2 config as version 1
32              has been deprecated.
33
34
35       root   The  root   directory   for   containerd   metadata.   (Default:
36              "/var/lib/containerd")
37
38
39       state  The state directory for containerd (Default: "/run/containerd")
40
41
42       plugin_dir
43              The directory for dynamic plugins to be stored
44
45
46       [grpc] Section  for gRPC socket listener settings. Contains the follow‐
47              ing properties:
48
49
50address (Default: "/run/containerd/containerd.sock")
51
52tcp_address
53
54tcp_tls_cert
55
56tcp_tls_key
57
58uid (Default: 0)
59
60gid (Default: 0)
61
62max_recv_message_size
63
64max_send_message_size
65
66
67
68       [ttrpc]
69              Section for TTRPC settings. Contains properties:
70
71
72address (Default: "")
73
74uid (Default: 0)
75
76gid (Default: 0)
77
78
79
80       [debug]
81              Section to enable and configure a debug  socket  listener.  Con‐
82              tains four properties:
83
84
85address (Default: "/run/containerd/debug.sock")
86
87uid (Default: 0)
88
89gid (Default: 0)
90
91level (Default: "info") sets the debug log level
92
93
94
95       [metrics]
96              Section to enable and configure a metrics listener. Contains two
97              properties:
98
99
100address (Default: "") Metrics endpoint does not listen by  de‐
101                fault
102
103grpc_histogram  (Default: false) Turn on or off gRPC histogram
104                metrics
105
106
107
108       disabled_plugins
109              Disabled plugins are IDs of plugins to disable. Disabled plugins
110              won't be initialized and started.
111
112
113       required_plugins
114              Required  plugins  are IDs of required plugins. Containerd exits
115              if any required plugin doesn't exist or fails to be  initialized
116              or started.
117
118
119       [plugins]
120              The  plugins section contains configuration options exposed from
121              installed plugins.  The following plugins are enabled by default
122              and  their  settings  are shown below.  Plugins that are not en‐
123              abled by default will provide  their  own  configuration  values
124              documentation.
125
126
127[plugins."io.containerd.monitor.v1.cgroups"]  has  one  option
128                no_prometheus (Default: false)
129
130[plugins."io.containerd.service.v1.diff-service"] has one  op‐
131                tion default, a list by default set to ["walking"]
132
133[plugins."io.containerd.runtime.v1.linux"] has several options
134                for configuring the runtime, shim, and related options:
135
136shim specifies the shim binary (Default: "containerd-shim"),
137
138runtime  is  the  OCI  compliant  runtime  binary  (Default:
139                  "runc"),
140
141runtime_root  is the root directory used by the runtime (De‐
142                  fault: ""),
143
144no_shim specifies whether to use a  shim  or  not  (Default:
145                  false),
146
147shim_debug turns on debugging for the shim (Default: false)
148
149
150
151[plugins."io.containerd.gc.v1.scheduler"]  has several options
152                that perform advanced tuning for the scheduler:
153
154pause_threshold is the maximum amount of time GC  should  be
155                  scheduled (Default: 0.02),
156
157deletion_threshold guarantees GC is scheduled after n number
158                  of deletions (Default: 0 [not triggered]),
159
160mutation_threshold guarantees GC is scheduled after n number
161                  of database mutations (Default: 100),
162
163schedule_delay  defines the delay after trigger event before
164                  scheduling a GC (Default "0ms" [immediate]),
165
166startup_delay defines the delay after startup before  sched‐
167                  uling a GC (Default "100ms")
168
169
170
171[plugins."io.containerd.runtime.v2.task"]   specifies  options
172                for configuring the runtime shim:
173
174platforms specifies the list of supported platforms
175
176sched_core Core scheduling is a  feature  that  allows  only
177                  trusted  tasks  to  run concurrently on cpus sharing compute
178                  resources (eg: hyperthreads on a core). (Default: false)
179
180
181
182[plugins."io.containerd.service.v1.tasks-service"] has one op‐
183                tion:
184
185rdt_config_file  (Linux only) specifies path to a configura‐
186                  tion used for configuring RDT (Default: ""). Enables support
187                  for  Intel  RDT, a technology for cache and memory bandwidth
188                  management.       See       https://github.com/intel/goresc
189                  trl/blob/v0.2.0/doc/rdt.md#configuration  for details of the
190                  configuration file format.
191
192
193
194
195
196       oom_score
197              The out of memory (OOM) score applied to the  containerd  daemon
198              process (Default: 0)
199
200
201       [cgroup]
202              Section for Linux cgroup specific settings
203
204
205path  (Default:  "")  Specify a custom cgroup path for created
206                containers
207
208
209
210       [proxy_plugins]
211              Proxy plugins configures plugins which are communicated to  over
212              gRPC
213
214
215type (Default: "")
216
217address (Default: "")
218
219
220
221       timeouts
222              Timeouts specified as a duration
223
224
225       imports
226              Imports  is a list of additional configuration files to include.
227              This allows to split the main configuration file and  keep  some
228              sections  separately (for example vendors may keep a custom run‐
229              time configuration in a separate file without modifying the main
230              config.toml).   Imported files will overwrite simple fields like
231              int or string (if not empty)  and  will  append  array  and  map
232              fields.   Imported  files  are  also  versioned, and the version
233              can't be higher than the main config.
234
235
236       stream_processors
237
238
239accepts (Default: "[]") Accepts specific media-types
240
241returns (Default: "") Returns the media-type
242
243path (Default: "") Path or name of the binary
244
245args (Default: "[]") Args to the binary
246
247
248

EXAMPLE

250       The following is a complete config.toml default configuration example:
251
252       version = 2
253
254       root = "/var/lib/containerd"
255       state = "/run/containerd"
256       oom_score = 0
257       imports = ["/etc/containerd/runtime_*.toml", "./debug.toml"]
258
259       [grpc]
260         address = "/run/containerd/containerd.sock"
261         uid = 0
262         gid = 0
263
264       [debug]
265         address = "/run/containerd/debug.sock"
266         uid = 0
267         gid = 0
268         level = "info"
269
270       [metrics]
271         address = ""
272         grpc_histogram = false
273
274       [cgroup]
275         path = ""
276
277       [plugins]
278         [plugins."io.containerd.monitor.v1.cgroups"]
279           no_prometheus = false
280         [plugins."io.containerd.service.v1.diff-service"]
281           default = ["walking"]
282         [plugins."io.containerd.runtime.v1.linux"]
283           shim = "containerd-shim"
284           runtime = "runc"
285           runtime_root = ""
286           no_shim = false
287           shim_debug = false
288         [plugins."io.containerd.gc.v1.scheduler"]
289           pause_threshold = 0.02
290           deletion_threshold = 0
291           mutation_threshold = 100
292           schedule_delay = 0
293           startup_delay = "100ms"
294         [plugins."io.containerd.runtime.v2.task"]
295           platforms = ["linux/amd64"]
296           sched_core = true
297         [plugins."io.containerd.service.v1.tasks-service"]
298           rdt_config_file = "/etc/rdt-config.yaml"
299
300
301

BUGS

303       Please   file   any   specific   issues   that   you    encounter    at
304       https://github.com/containerd/containerd.
305
306

AUTHOR

308       Phil Estes estesp@gmail.com ⟨mailto:estesp@gmail.com⟩
309
310

SEE ALSO

312       ctr(8), containerd-config(8), containerd(8)
313
314
315
316                                  04/05/2022    /etc/containerd/config.toml(5)
Impressum