kubernetes-sigs · spnngl · May 14, 2024 · Apr 12, 2024 · VannTen · May 13, 2024
diff --git a/inventory/sample/group_vars/all/containerd.yml b/inventory/sample/group_vars/all/containerd.yml
@@ -24,8 +24,21 @@
 # containerd_grpc_max_recv_message_size: 16777216
 # containerd_grpc_max_send_message_size: 16777216
 
+# Containerd debug socket location: unix or tcp format
+# containerd_debug_address: ""
+
+# Containerd log level
 # containerd_debug_level: "info"
 
+# Containerd logs format, supported values: text, json
+# containerd_debug_format: ""
+
+# Containerd debug socket UID
+# containerd_debug_uid: 0
+
+# Containerd debug socket GID
+# containerd_debug_gid: 0
+
 # containerd_metrics_address: ""
 
 # containerd_metrics_grpc_histogram: false

diff --git a/roles/container-engine/containerd/defaults/main.yml b/roles/container-engine/containerd/defaults/main.yml
@@ -46,7 +46,11 @@ containerd_base_runtime_specs:
 containerd_grpc_max_recv_message_size: 16777216
 containerd_grpc_max_send_message_size: 16777216
 
+containerd_debug_address: ""
 containerd_debug_level: "info"
+containerd_debug_format: ""
+containerd_debug_uid: 0
+containerd_debug_gid: 0
 
 containerd_metrics_address: ""
 
@@ -66,6 +70,12 @@ containerd_enable_unprivileged_ports: false
 # If enabled it will allow non root users to use icmp sockets
 containerd_enable_unprivileged_icmp: false
 
+containerd_enable_selinux: false
+containerd_disable_apparmor: false
+containerd_tolerate_missing_hugetlb_controller: true
+containerd_disable_hugetlb_controller: true
+containerd_image_pull_progress_timeout: 5m
+
 containerd_cfg_dir: /etc/containerd
 
 # Extra config to be put in {{ containerd_cfg_dir }}/config.toml literally

diff --git a/roles/container-engine/containerd/templates/config.toml.j2 b/roles/container-engine/containerd/templates/config.toml.j2
@@ -12,7 +12,11 @@ oom_score = {{ containerd_oom_score }}
   max_send_message_size = {{ containerd_grpc_max_send_message_size }}
 
 [debug]
+  address = "{{ containerd_debug_address }}"
   level = "{{ containerd_debug_level }}"
+  format = "{{ containerd_debug_format }}"
+  uid = {{ containerd_debug_uid }}
+  gid = {{ containerd_debug_gid }}
 
 [metrics]
   address = "{{ containerd_metrics_address }}"
@@ -24,6 +28,11 @@ oom_score = {{ containerd_oom_score }}
     max_container_log_line_size = {{ containerd_max_container_log_line_size }}
     enable_unprivileged_ports = {{ containerd_enable_unprivileged_ports | lower }}
     enable_unprivileged_icmp = {{ containerd_enable_unprivileged_icmp | lower }}
+    enable_selinux = {{ containerd_enable_selinux | lower }}
+    disable_apparmor = {{ containerd_disable_apparmor | lower }}
+    tolerate_missing_hugetlb_controller = {{ containerd_tolerate_missing_hugetlb_controller | lower }}
+    disable_hugetlb_controller = {{ containerd_disable_hugetlb_controller | lower }}
+    image_pull_progress_timeout = "{{ containerd_image_pull_progress_timeout }}"
 {% if enable_cdi %}
     enable_cdi = true
     cdi_spec_dirs = ["/etc/cdi", "/var/run/cdi"]