1libpod.conf(5)() libpod.conf(5)()
2
3
4
6 libpod.conf - libpod configuration file
7
8
10 The libpod.conf file is the default configuration file for all tools
11 using libpod to manage containers.
12
13
15 image_default_transport=""
16 Default transport method for pulling and pushing images
17
18
19 runtime=""
20 Default OCI runtime to use if nothing is specified in runtimes
21
22
23 runtimes
24 For each OCI runtime, specify a list of paths to look for. The first
25 one found is used. If the paths are empty or no valid path was found,
26 then the $PATH environment variable will be used as the fallback.
27
28
29 conmon_path=""
30 Paths to search for the conmon container manager binary. If the paths
31 are empty or no valid path was found, then the $PATH environment vari‐
32 able will be used as the fallback.
33
34
35 conmon_env_vars=""
36 Environment variables to pass into Conmon
37
38
39 cgroup_manager=""
40 Specify the CGroup Manager to use; valid values are "systemd" and
41 "cgroupfs"
42
43
44 lock_type=""
45 Specify the locking mechanism to use; valid values are "shm" and
46 "file". Change the default only if you are sure of what you are doing,
47 in general "file" is useful only on platforms where cgo is not avail‐
48 able for using the faster "shm" lock type. You may need to run "podman
49 system renumber" after you change the lock type.
50
51
52 init_path=""
53 Path to the container-init binary, which forwards signals and reaps
54 processes within containers. Note that the container-init binary will
55 only be used when the --init for podman-create and podman-run is set.
56
57
58 hooks_dir=["path", ...]
59
60
61 Each *.json file in the path configures a hook for Podman containers.
62 For more details on the syntax of the JSON files and the semantics of
63 hook injection, see oci-hooks(5). Podman and libpod currently support
64 both the 1.0.0 and 0.1.0 hook schemas, although the 0.1.0 schema is
65 deprecated.
66
67
68 Paths listed later in the array have higher precedence (oci-hooks(5)
69 discusses directory precedence).
70
71
72 For the annotation conditions, libpod uses any annotations set in the
73 generated OCI configuration.
74
75
76 For the bind-mount conditions, only mounts explicitly requested by the
77 caller via --volume are considered. Bind mounts that libpod inserts by
78 default (e.g. /dev/shm) are not considered.
79
80
81 Podman and libpod currently support an additional precreate state which
82 is called before the runtime's create operation. Unlike the other
83 stages, which receive the container state on their standard input,
84 precreate hooks receive the proposed runtime configuration on their
85 standard input. They may alter that configuration as they see fit, and
86 write the altered form to their standard output.
87
88
89 WARNING: the precreate hook lets you do powerful things, such as adding
90 additional mounts to the runtime configuration. That power also makes
91 it easy to break things. Before reporting libpod errors, try running
92 your container with precreate hooks disabled to see if the problem is
93 due to one of your hooks.
94
95
96 static_dir=""
97 Directory for persistent libpod files (database, etc)
98 By default this will be configured relative to where containers/stor‐
99 age
100 stores containers
101
102
103 tmp_dir=""
104 Directory for temporary files
105 Must be a tmpfs (wiped after reboot)
106
107
108 max_log_size=""
109 Maximum size of log files (in bytes)
110
111
112 no_pivot_root=""
113 Whether to use chroot instead of pivot_root in the runtime
114
115
116 cni_config_dir=""
117 Directory containing CNI plugin configuration files
118
119
120 cni_plugin_dir=""
121 Directories where CNI plugin binaries may be located
122
123
124 infra_image = ""
125 Infra (pause) container image name for pod infra containers. When
126 running a pod, we
127 start a pause process in a container to hold open the namespaces
128 associated with the
129 pod. This container and process, basically sleep/pause for the life‐
130 time of the pod.
131
132
133 infra_command=""
134 Command to run the infra container
135
136
137 namespace=""
138 Default libpod namespace. If libpod is joined to a namespace, it will
139 see only containers and pods
140 that were created in the same namespace, and will create new contain‐
141 ers and pods in that namespace.
142 The default namespace is "", which corresponds to no namespace. When
143 no namespace is set, all
144 containers and pods are visible.
145
146
147 label="true|false"
148 Indicates whether the containers should use label separation by
149 default.
150 Can be overridden via --security-opt label=... on the CLI.
151
152
153 num_locks=""
154 Number of locks available for containers and pods. Each created con‐
155 tainer or pod consumes one lock.
156 The default number available is 2048.
157 If this is changed, a lock renumbering must be performed, using the
158 podman system renumber command.
159
160
161 volume_path=""
162 Directory where named volumes will be created in using the default
163 volume driver.
164 By default this will be configured relative to where containers/stor‐
165 age stores containers.
166
167
168 network_cmd_path=""
169 Path to the command binary to use for setting up a network. It is
170 currently only used for setting up
171 a slirp4netns network. If "" is used then the binary is looked up
172 using the $PATH environment variable.
173
174
175 events_logger=""
176 Default method to use when logging events. Valid values are "file",
177 "journald", and "none".
178
179
180 detach_keys=""
181 Keys sequence used for detaching a container
182
183
185 /usr/share/containers/libpod.conf, default libpod configuration path
186
187
188 /etc/containers/libpod.conf, override libpod configuration path
189
190
192 Apr 2018, Originally compiled by Nathan Williams nath.e.will@gmail.com
193 ⟨mailto:nath.e.will@gmail.com⟩
194
195
196
197 libpod.conf(5)()