Skip to main content

Container runtime configuration

Chef 360 Platform’s k0s comes bundled with containerd as the default container runtime interface (CRI) and runc as the default low-level runtime. Usually they don’t require any configuration changes, but this page provides some configuration examples if you need them.

containerd configuration

By default Chef 360 Platform manages the full containerd configuration. In specific advanced use cases it’s possible to fully overriding these setting, and thus also managing, the configuration themselves.

Warning

Changes to the containerd runtime aren’t restricted, but not recommended. These changes may be overridden automatically through the Chef 360 Platform upgrade process. Contact Chef Support before you customize the runtime so it can be documented in your account.

User managed containerd configuration

In the default k0s generated configuration there’s a “magic” comment telling k0s it’s k0s managed:

# k0s_managed=true

If you wish to take over the configuration management remove this line.

To make changes to containerd configuration you must first generate a default containerd configuration, with the default values set to /etc/k0s/containerd.toml:

containerd config default > /etc/k0s/containerd.toml

k0s runs containerd with the following default values:

/var/lib/k0s/bin/containerd \
    --root=/var/lib/k0s/containerd \
    --state=/run/k0s/containerd \
    --address=/run/k0s/containerd.sock \
    --config=/etc/k0s/containerd.toml

Next, add the following default values to the configuration file:

version = 2
root = "/var/lib/k0s/containerd"
state = "/run/k0s/containerd"
...

[grpc]
  address = "/run/k0s/containerd.sock"

k0s managed dynamic runtime configuration

As of 1.27.1, k0s allows dynamic configuration of containerd CRI runtimes. This works by k0s creating a special directory in /etc/k0s/containerd.d/ where users can place partial containerd configuration files.

K0s will automatically pick up these files and add them as containerd configuration imports. If a partial configuration file contains a CRI plugin configuration section, k0s will instead treat such a file as a [merge patch] to k0s’s default containerd configuration. This is to mitigate [containerd’s decision] to replace rather than merge individual plugin configuration sections from imported configuration files. However, this behavior [may][containerd#7347] [change][containerd#9982] in future releases of containerd.

Thank you for your feedback!

×