Puppet Class: profile::docker::gvisor

Defined in:
modules/profile/manifests/docker/gvisor.pp

Overview

SPDX-License-Identifier: Apache-2.0 Install the gVisor container runtime for Docker.

Parameters:

  • ensure (Wmflib::Ensure) (defaults to: lookup('docker::gvisor::ensure', { default_value => 'present' })) 


3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
 
# File 'modules/profile/manifests/docker/gvisor.pp', line 3

class profile::docker::gvisor(
    Wmflib::Ensure $ensure = lookup('docker::gvisor::ensure', { default_value => 'present' }),
) {
    apt::repository { 'gvisor':
        ensure     =>  $ensure,
        uri        => 'http://apt.wikimedia.org/wikimedia',
        dist       => "${::lsbdistcodename}-wikimedia",
        components => 'thirdparty/gvisor',
    }

    package { 'runsc':
        ensure  =>  $ensure,
        require => Apt::Repository['gvisor'],
    }

    systemd::override { 'docker-runsc-runtime':
        ensure  => $ensure,
        unit    => 'docker.service',
        content => "[Service]\nEnvironment=DOCKER_OPTS=--add-runtime=runsc=/usr/bin/runsc\n",
        restart => true,
        require => Package['runsc'],
    }
}