docs/config.md
nerdctl.toml| :zap: Requirement | nerdctl >= 0.16 |
|---|
This document describes the configuration file of nerdctl (nerdctl.toml).
This file is unrelated to the configuration file of containerd (config.toml) .
/etc/nerdctl/nerdctl.toml~/.config/nerdctl/nerdctl.tomlThe path can be overridden with $NERDCTL_TOML.
# This is an example of /etc/nerdctl/nerdctl.toml .
# Unrelated to the daemon's /etc/containerd/config.toml .
debug = false
debug_full = false
address = "unix:///run/k3s/containerd/containerd.sock"
namespace = "k8s.io"
snapshotter = "stargz"
cgroup_manager = "cgroupfs"
hosts_dir = ["/etc/containerd/certs.d", "/etc/docker/certs.d"]
experimental = true
userns_remap = ""
dns = ["8.8.8.8", "1.1.1.1"]
dns_opts = ["ndots:1", "timeout:2"]
dns_search = ["example.com", "example.org"]
| TOML property | CLI flag | Env var | Description | Availability |
|---|---|---|---|---|
debug | --debug | Debug mode | Since 0.16.0 | |
debug_full | --debug-full | Debug mode (with full output) | Since 0.16.0 | |
address | --address,--host,-a,-H | $CONTAINERD_ADDRESS | containerd address | Since 0.16.0 |
namespace | --namespace,-n | $CONTAINERD_NAMESPACE | containerd namespace | Since 0.16.0 |
snapshotter | --snapshotter,--storage-driver | $CONTAINERD_SNAPSHOTTER | containerd snapshotter | Since 0.16.0 |
cni_path | --cni-path | $CNI_PATH | CNI binary directory | Since 0.16.0 |
cni_netconfpath | --cni-netconfpath | $NETCONFPATH | CNI config directory | Since 0.16.0 |
data_root | --data-root | Persistent state directory | Since 0.16.0 | |
cgroup_manager | --cgroup-manager | cgroup manager | Since 0.16.0 | |
insecure_registry | --insecure-registry | Allow insecure registry | Since 0.16.0 | |
hosts_dir | --hosts-dir | certs.d directory | Since 0.16.0 | |
experimental | --experimental | NERDCTL_EXPERIMENTAL | Enable experimental features | Since 0.22.3 |
host_gateway_ip | --host-gateway-ip | NERDCTL_HOST_GATEWAY_IP | IP address that the special 'host-gateway' string in --add-host resolves to. Defaults to the IP address of the host. It has no effect without setting --add-host | Since 1.3.0 |
bridge_ip | --bridge-ip | NERDCTL_BRIDGE_IP | IP address for the default nerdctl bridge network, e.g., 10.1.100.1/24 | Since 2.0.1 |
kube_hide_dupe | --kube-hide-dupe | Deduplicate images for Kubernetes with namespace k8s.io, no more redundant <none> ones are displayed | Since 2.0.3 | |
cdi_spec_dirs | --cdi-spec-dirs | The folders to use when searching for CDI (container-device-interface) specifications. | Since 2.1.0 | |
userns_remap | --userns-remap | Support idmapping of containers. This options is only supported on rootful linux. If host is passed, no idmapping is done. if a user name is passed, it does idmapping based on the uidmap and gidmap ranges specified in /etc/subuid and /etc/subgid respectively. | Since 2.1.0 | |
dns | Set global DNS servers for containers | Since 2.1.3 | ||
dns_opts | Set global DNS options for containers | Since 2.1.3 | ||
dns_search | Set global DNS search domains for containers | Since 2.1.3 |
The properties are parsed in the following precedence:
nerdctl --help to see the default values)registry.mdfaq.md/etc/containerd/config.toml)