roles/k8s/files: Add sample lxc config

1 files changed, 35 insertions, 0 deletions

diff --git a/roles/k8s/files/lxc-config b/roles/k8s/files/lxc-config
new file mode 100644
index 0000000..4afd9e5
--- /dev/null
+++ b/roles/k8s/files/lxc-config
@@ -0,0 +1,35 @@
+# Template used to create this container: /usr/share/lxc/templates/lxc-download
+# Parameters passed to the template:
+# For additional config options, please look at lxc.container.conf(5)
+
+# Uncomment the following line to support nesting containers:
+lxc.include = /usr/share/lxc/config/nesting.conf
+# (Be aware this has security implications)
+
+# Distribution configuration
+lxc.include = /usr/share/lxc/config/common.conf
+lxc.arch = x86_64
+
+# Allow all cgroups
+lxc.cgroup.devices.allow = a
+
+# Override mounts
+lxc.mount.auto = cgroup:mixed proc:rw sys:mixed
+
+# Clear capability drops
+lxc.cap.drop =
+
+# Bind points
+lxc.mount.entry = /dev/kmsg dev/kmsg none defaults,bind,create=file
+
+# Container specific configuration
+lxc.apparmor.profile = unconfined
+lxc.apparmor.allow_nesting = 1
+
+# Network configuration
+lxc.net.0.type = veth
+lxc.net.0.link = lxcbr0
+lxc.net.0.flags = up
+lxc.net.0.hwaddr = 00:16:3e:e0:c3:1d
+lxc.rootfs.path = dir:/var/lib/lxc/k8s-centos8/rootfs
+lxc.uts.name = k8s-centos8