Upgrade crio.conf to version v1.19.0

afbjorklund · afbjorklund · commit 9d6a3dafabec · 2020-12-10T07:25:40.000+01:00
diff --git a/deploy/iso/minikube-iso/package/crio-bin/crio.conf b/deploy/iso/minikube-iso/package/crio-bin/crio.conf
@@ -93,7 +93,8 @@ grpc_max_recv_msg_size = 16777216
 #]
 
 # default_runtime is the _name_ of the OCI runtime to be used as the default.
-# The name is matched against the runtimes map below.
+# The name is matched against the runtimes map below. If this value is changed,
+# the corresponding existing entry from the runtimes map below will be ignored.
 default_runtime = "runc"
 
 # If true, the runtime will not use pivot_root, but instead use MS_MOVE.
@@ -241,12 +242,15 @@ gid_mappings = ""
 # value is 30s, whereas lower values are not considered by CRI-O.
 ctr_stop_timeout = 30
 
-# **DEPRECATED** this option is being replaced by manage_ns_lifecycle, which is described below.
-# manage_network_ns_lifecycle = false
-
 # manage_ns_lifecycle determines whether we pin and remove namespaces
 # and manage their lifecycle
-manage_ns_lifecycle = false
+manage_ns_lifecycle = true
+
+# drop_infra_ctr determines whether CRI-O drops the infra container
+# when a pod does not have a private PID namespace, and does not use
+# a kernel separating runtime (like kata).
+# It requires manage_ns_lifecycle to be true.
+drop_infra_ctr = false
 
 # The directory where the state of the managed namespaces gets tracked.
 # Only used when manage_ns_lifecycle is true.
@@ -283,6 +287,10 @@ runtime_type = "oci"
 runtime_root = "/run/runc"
 
 
+# crun is a fast and lightweight fully featured OCI runtime and C library for
+# running containers
+#[crio.runtime.runtimes.crun]
+
 # Kata Containers is an OCI runtime, where containers are run inside lightweight
 # VMs. Kata provides additional isolation towards the host, minimizing the host attack
 # surface and mitigating the consequences of containers breakout.
@@ -352,6 +360,8 @@ registries = [
 	"docker.io"
 ]
 
+# Temporary directory to use for storing big files
+big_files_temporary_dir = ""
 
 # The crio.network table containers settings pertaining to the management of
 # CNI plugins.
@@ -377,3 +387,6 @@ enable_metrics = true
 
 # The port on which the metrics server will listen.
 metrics_port = 9090
+
+# Local socket path to bind the metrics server to
+metrics_socket = ""
diff --git a/deploy/iso/minikube-iso/package/crio-bin/crio.conf.default b/deploy/iso/minikube-iso/package/crio-bin/crio.conf.default
@@ -93,7 +93,8 @@ grpc_max_recv_msg_size = 16777216
 #]
 
 # default_runtime is the _name_ of the OCI runtime to be used as the default.
-# The name is matched against the runtimes map below.
+# The name is matched against the runtimes map below. If this value is changed,
+# the corresponding existing entry from the runtimes map below will be ignored.
 default_runtime = "runc"
 
 # If true, the runtime will not use pivot_root, but instead use MS_MOVE.
@@ -241,12 +242,15 @@ gid_mappings = ""
 # value is 30s, whereas lower values are not considered by CRI-O.
 ctr_stop_timeout = 30
 
-# **DEPRECATED** this option is being replaced by manage_ns_lifecycle, which is described below.
-# manage_network_ns_lifecycle = false
-
 # manage_ns_lifecycle determines whether we pin and remove namespaces
 # and manage their lifecycle
-manage_ns_lifecycle = false
+manage_ns_lifecycle = true
+
+# drop_infra_ctr determines whether CRI-O drops the infra container
+# when a pod does not have a private PID namespace, and does not use
+# a kernel separating runtime (like kata).
+# It requires manage_ns_lifecycle to be true.
+drop_infra_ctr = false
 
 # The directory where the state of the managed namespaces gets tracked.
 # Only used when manage_ns_lifecycle is true.
@@ -283,6 +287,10 @@ runtime_type = "oci"
 runtime_root = "/run/runc"
 
 
+# crun is a fast and lightweight fully featured OCI runtime and C library for
+# running containers
+#[crio.runtime.runtimes.crun]
+
 # Kata Containers is an OCI runtime, where containers are run inside lightweight
 # VMs. Kata provides additional isolation towards the host, minimizing the host attack
 # surface and mitigating the consequences of containers breakout.
@@ -351,6 +359,8 @@ image_volumes = "mkdir"
 #registries = [
 # ]
 
+# Temporary directory to use for storing big files
+big_files_temporary_dir = ""
 
 # The crio.network table containers settings pertaining to the management of
 # CNI plugins.
@@ -376,3 +386,6 @@ enable_metrics = false
 
 # The port on which the metrics server will listen.
 metrics_port = 9090
+
+# Local socket path to bind the metrics server to
+metrics_socket = ""
