nixos/containerd: sanitize StateDirectory and RuntimeDirectory

2024-11-16 14:54:29 +01:00 · 2021-05-10 12:01:10 +02:00 · 2021-05-10 12:01:10 +02:00 · 2142f88526
commit 2142f88526
parent 08ab7e10f3
3 changed files with 7 additions and 4 deletions
--- a/nixos/modules/services/cluster/kubernetes/default.nix
+++ b/nixos/modules/services/cluster/kubernetes/default.nix
@ -7,12 +7,12 @@ let

  defaultContainerdConfigFile = pkgs.writeText "containerd.toml" ''
    version = 2
-    root = "/var/lib/containerd/daemon"
-    state = "/var/run/containerd/daemon"
+    root = "/var/lib/containerd"
+    state = "/run/containerd"
    oom_score = 0

    [grpc]
-      address = "/var/run/containerd/containerd.sock"
+      address = "/run/containerd/containerd.sock"

    [plugins."io.containerd.grpc.v1.cri"]
      sandbox_image = "pause:latest"
--- a/nixos/modules/services/cluster/kubernetes/kubelet.nix
+++ b/nixos/modules/services/cluster/kubernetes/kubelet.nix
@ -134,7 +134,7 @@ in
    containerRuntimeEndpoint = mkOption {
      description = "Endpoint at which to find the container runtime api interface/socket";
      type = str;
-      default = "unix:///var/run/containerd/containerd.sock";
+      default = "unix:///run/containerd/containerd.sock";
    };

    enable = mkEnableOption "Kubernetes kubelet.";
--- a/nixos/modules/virtualisation/containerd.nix
+++ b/nixos/modules/virtualisation/containerd.nix
@ -54,6 +54,9 @@ in
        LimitNOFILE = "infinity";
        TasksMax = "infinity";
        OOMScoreAdjust = "-999";
+
+        StateDirectory = "containerd";
+        RuntimeDirectory = "containerd";
      };
    };
  };