NoPivotRoot = false
NoNewKeyring = false
ShimCgroup = ""
IoUid = 0
IoGid = 0
Root = ""
CriuPath = ""
SystemdCgroup = false
Last active
January 1, 2023 17:37
-
-
Save No9/094828de33fb6048d7f12318a5eccc85 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # configuration is based on https://github.com/containerd/containerd/blob/v1.6.0-rc.1/docs/cri/config.md | |
| version = 2 | |
| root = "/var/data/cripersistentstorage" | |
| state = "/run/containerd" | |
| oom_score = 0 | |
| [grpc] | |
| address = "/run/containerd/containerd.sock" | |
| uid = 0 | |
| gid = 0 | |
| max_recv_message_size = 16777216 | |
| max_send_message_size = 16777216 | |
| [debug] | |
| address = "" | |
| uid = 0 | |
| gid = 0 | |
| level = "" | |
| [metrics] | |
| address = "10.135.106.154:10210" | |
| grpc_histogram = false | |
| [cgroup] | |
| path = "/podruntime/runtime" | |
| [plugins] | |
| [plugins."io.containerd.monitor.v1.cgroups"] | |
| no_prometheus = false | |
| [plugins."io.containerd.grpc.v1.cri"] | |
| disable_tcp_service = true | |
| stream_server_address = "127.0.0.1" | |
| stream_server_port = "0" | |
| stream_idle_timeout = "15m" | |
| enable_selinux = false | |
| selinux_category_range = 1024 | |
| sandbox_image = "de.icr.io/armada-master/pause:3.8" | |
| stats_collect_period = 10 | |
| systemd_cgroup = false | |
| enable_tls_streaming = false | |
| tolerate_missing_hugetlb_controller = true | |
| ignore_image_defined_volumes = false | |
| [plugins."io.containerd.grpc.v1.cri".containerd] | |
| snapshotter = "overlayfs" | |
| default_runtime_name = "runc" | |
| no_pivot = false | |
| disable_snapshot_annotations = true | |
| discard_unpacked_layers = false | |
| [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] | |
| runtime_type = "io.containerd.runc.v2" | |
| pod_annotations = [] | |
| container_annotations = [] | |
| privileged_without_host_devices = false | |
| base_runtime_spec = "" | |
| [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options] | |
| NoPivotRoot = false | |
| NoNewKeyring = false | |
| ShimCgroup = "" | |
| IoUid = 0 | |
| IoGid = 0 | |
| BinaryName = "" | |
| Root = "" | |
| CriuPath = "" | |
| SystemdCgroup = false | |
| [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.crun] | |
| runtime_type = "io.containerd.runc.v2" | |
| pod_annotations = ["*.wasm.*", "wasm.*", "module.wasm.image/*", "*.module.wasm.image", "module.wasm.image/variant.*"] | |
| privileged_without_host_devices = false | |
| [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.crun.options] | |
| BinaryName = "/usr/local/sbin/crun" | |
| [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.untrusted] | |
| runtime_type = "io.containerd.runc.v2" | |
| pod_annotations = [] | |
| container_annotations = [] | |
| privileged_without_host_devices = false | |
| [plugins."io.containerd.grpc.v1.cri".cni] | |
| bin_dir = "/opt/cni/bin" | |
| conf_dir = "/etc/cni/net.d" | |
| max_conf_num = 1 | |
| conf_template = "" | |
| [plugins."io.containerd.grpc.v1.cri".registry] | |
| config_path = "/etc/containerd/certs.d" | |
| [plugins."io.containerd.service.v1.diff-service"] | |
| default = ["walking"] | |
| [plugins."io.containerd.gc.v1.scheduler"] | |
| pause_threshold = 0.02 | |
| deletion_threshold = 0 | |
| mutation_threshold = 100 | |
| schedule_delay = "0s" | |
| startup_delay = "100ms" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM ubuntu:18.04 as ubuntu18builder | |
| RUN apt-get update | |
| RUN apt-get install -y software-properties-common | |
| # RUN add-apt-repository ppa:ubuntu-toolchain-r/test | |
| RUN apt-get update | |
| RUN apt-get install -y make git gcc-8 g++-8 build-essential pkgconf libtool \ | |
| libsystemd-dev libprotobuf-c-dev libcap-dev libseccomp-dev libyajl-dev \ | |
| libgcrypt20-dev go-md2man autoconf python3 automake \ | |
| cmake libboost-all-dev wget libssl-dev | |
| ENV CC=gcc-8 | |
| ENV CXX=g++-8 | |
| RUN wget https://apt.llvm.org/llvm.sh | |
| RUN chmod +x llvm.sh | |
| RUN ./llvm.sh 12 all | |
| RUN wget https://github.com/Kitware/CMake/releases/download/v3.25.1/cmake-3.25.1.tar.gz | |
| RUN tar xvzf cmake-3.25.1.tar.gz | |
| WORKDIR "/cmake-3.25.1" | |
| RUN ./bootstrap && make && make install | |
| WORKDIR "/" | |
| RUN git clone --depth 1 --branch llvmorg-12.0.1 https://github.com/llvm/llvm-project llvm-project | |
| RUN mkdir build | |
| WORKDIR "/build" | |
| RUN ls ../llvm-project | |
| RUN cmake -DCMAKE_BUILD_TYPE=Release -DLLVM_ENABLE_PROJECTS=lld -DCMAKE_INSTALL_PREFIX=/usr/local ../llvm-project/llvm | |
| RUN make install | |
| WORKDIR "/" | |
| RUN git clone --depth 1 -b 0.11.2 https://github.com/WasmEdge/WasmEdge.git | |
| WORKDIR "/WasmEdge" | |
| RUN mkdir build | |
| WORKDIR "/WasmEdge/build" | |
| RUN cmake -DCMAKE_BUILD_TYPE=Release -DWASMEDGE_BUILD_TESTS=ON .. && make -j && make install | |
| WORKDIR "/" | |
| RUN git clone --depth 1 -b 1.7.2 --recursive https://github.com/containers/crun.git | |
| WORKDIR /crun | |
| RUN ./autogen.sh | |
| RUN ./configure --with-wasmedge | |
| RUN make | |
| RUN ./crun --version | |
| FROM registry.access.redhat.com/ubi8/ubi-minimal | |
| WORKDIR "/vendor/ubuntu_18_04" | |
| COPY --from=ubuntu18builder /WasmEdge/build/lib/api/libwasmedge.so.0 /crun/crun /usr/lib/x86_64-linux-gnu/libyajl.so.2 ./ | |
| WORKDIR "/app" | |
| COPY install.sh remove.sh ./ | |
| RUN chmod +x install.sh remove.sh | |
| CMD ["/app/install.sh"] |
kubectl run -it --restart=Never wasi-demo --image=docker.io/wasmedge/example-wasi:latest --annotations="module.wasm.image/variant=compat-smart" --overrides='{"kind":"Pod", "apiVersion":"v1", "spec": {"hostNetwork": true, "runtimeClassName": "crun"}}' /wasi_example_main.wasm 50000000[plugins."io.containerd.grpc.v1.cri".containerd]
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes]
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.crun]
runtime_type = "io.containerd.runc.v2"
pod_annotations = ["*.wasm.*", "wasm.*", "module.wasm.image/*", "*.module.wasm.image", "module.wasm.image/variant.*"]
privileged_without_host_devices = false
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.crun.options]
BinaryName = "/usr/local/sbin/crun"cat /etc/containerd/config.toml # configuration is based on https://github.com/containerd/containerd/blob/v1.6.0-rc.1/docs/cri/config.md
version = 2
root = "/var/data/cripersistentstorage"
state = "/run/containerd"
oom_score = 0
[grpc]
address = "/run/containerd/containerd.sock"
uid = 0
gid = 0
max_recv_message_size = 16777216
max_send_message_size = 16777216
[debug]
address = ""
uid = 0
gid = 0
level = ""
[metrics]
address = "10.144.212.19:10210"
grpc_histogram = false
[cgroup]
path = "/podruntime/runtime"
[plugins]
[plugins."io.containerd.monitor.v1.cgroups"]
no_prometheus = false
[plugins."io.containerd.grpc.v1.cri"]
disable_tcp_service = true
stream_server_address = "127.0.0.1"
stream_server_port = "0"
stream_idle_timeout = "15m"
enable_selinux = false
selinux_category_range = 1024
sandbox_image = "de.icr.io/armada-master/pause:3.7"
stats_collect_period = 10
systemd_cgroup = false
enable_tls_streaming = false
tolerate_missing_hugetlb_controller = true
ignore_image_defined_volumes = false
[plugins."io.containerd.grpc.v1.cri".containerd]
snapshotter = "overlayfs"
default_runtime_name = "runc"
no_pivot = false
disable_snapshot_annotations = true
discard_unpacked_layers = false
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
runtime_type = "io.containerd.runc.v2"
pod_annotations = []
container_annotations = []
privileged_without_host_devices = false
base_runtime_spec = ""
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
NoPivotRoot = false
NoNewKeyring = false
ShimCgroup = ""
IoUid = 0
IoGid = 0
BinaryName = ""
Root = ""
CriuPath = ""
SystemdCgroup = false
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.untrusted]
runtime_type = "io.containerd.runc.v2"
pod_annotations = []
container_annotations = []
privileged_without_host_devices = false
[plugins."io.containerd.grpc.v1.cri".cni]
bin_dir = "/opt/cni/bin"
conf_dir = "/etc/cni/net.d"
max_conf_num = 1
conf_template = ""
[plugins."io.containerd.grpc.v1.cri".registry]
config_path = "/etc/containerd/certs.d"
[plugins."io.containerd.service.v1.diff-service"]
default = ["walking"]
[plugins."io.containerd.gc.v1.scheduler"]
pause_threshold = 0.02
deletion_threshold = 0
mutation_threshold = 100
schedule_delay = "0s"
startup_delay = "100ms"which runc
/usr/local/sbin/runccat /etc/os-release
NAME="Ubuntu"
VERSION="18.04.6 LTS (Bionic Beaver)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 18.04.6 LTS"
VERSION_ID="18.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=bionic
UBUNTU_CODENAME=bionic
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM ubuntu:18.04 as ubuntu18builder | |
| RUN apt-get update | |
| RUN apt-get install -y software-properties-common | |
| RUN add-apt-repository ppa:ubuntu-toolchain-r/test | |
| RUN apt-get update | |
| RUN apt-get install -y make git gcc-10 g++-10 build-essential pkgconf libtool \ | |
| libsystemd-dev libprotobuf-c-dev libcap-dev libseccomp-dev libyajl-dev \ | |
| libgcrypt20-dev go-md2man autoconf python3 automake \ | |
| cmake libboost-all-dev wget libssl-dev | |
| ENV CC=gcc-10 | |
| ENV CXX=g++-10 | |
| RUN wget https://apt.llvm.org/llvm.sh | |
| RUN chmod +x llvm.sh | |
| RUN ./llvm.sh 12 all | |
| RUN wget https://github.com/Kitware/CMake/releases/download/v3.25.1/cmake-3.25.1.tar.gz | |
| RUN tar xvzf cmake-3.25.1.tar.gz | |
| WORKDIR "/cmake-3.25.1" | |
| RUN ./bootstrap && make && make install | |
| WORKDIR "/" | |
| RUN git clone --depth 1 --branch llvmorg-12.0.1 https://github.com/llvm/llvm-project llvm-project | |
| RUN mkdir build | |
| WORKDIR "/build" | |
| RUN ls ../llvm-project | |
| RUN cmake -DCMAKE_BUILD_TYPE=Release -DLLVM_ENABLE_PROJECTS=lld -DCMAKE_INSTALL_PREFIX=/usr/local ../llvm-project/llvm | |
| RUN make install | |
| WORKDIR "/" | |
| RUN git clone --depth 1 -b 0.11.2 https://github.com/WasmEdge/WasmEdge.git | |
| WORKDIR "/WasmEdge" | |
| RUN mkdir build | |
| WORKDIR "/WasmEdge/build" | |
| RUN cmake -DCMAKE_BUILD_TYPE=Release -DWASMEDGE_BUILD_TESTS=ON .. && make -j && make install | |
| WORKDIR "/" | |
| RUN git clone --depth 1 -b 1.7.2 --recursive https://github.com/containers/crun.git | |
| WORKDIR /crun | |
| RUN ./autogen.sh | |
| RUN ./configure --with-wasmedge | |
| RUN make | |
| RUN ./crun --version | |
| FROM registry.access.redhat.com/ubi8/ubi-minimal | |
| WORKDIR "/vendor/ubuntu_18_04" | |
| COPY --from=ubuntu18builder /WasmEdge/build/lib/api/libwasmedge.so.0 /crun/crun /usr/lib/x86_64-linux-gnu/libyajl.so.2 ./ | |
| WORKDIR "/app" | |
| COPY install.sh remove.sh ./ | |
| RUN chmod +x install.sh remove.sh | |
| CMD ["/app/install.sh"] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment