| add_host |
Add host to system |
| all |
The whole quantity or extent of a particular group or thing |
| blkio_weight |
Specifies per cgroup weight |
| blkio_weight_device |
Per cgroup per device rules using this interface |
| ca_cert_dir |
Path to directory containing TLS certificates and keys |
| cap_add |
List of capabilities to add to OCI container |
| cap_drop |
List of capabilities to drop from OCI container |
| cgroup_parent |
On creation, all processes are put in the cgroup that the parent process belo... |
| cgroupns |
cgroup namespace provides a mechanism to virtualize the view of the "/proc/$P... |
| cidfile |
Write the container ID to the file |
| configmap |
A ConfigMap is an API object that lets you store configuration for other obje... |
| conmon_pidfile |
File to which the conman daemon's PID is written |
| container_prefix |
Prefix for a Container |
| containers |
Bunch of containers |
| cpu_period |
Configure CPU allocation parameters using platform realtime scheduler |
| cpu_rt_period |
Configure CPU allocation parameters using platform realtime scheduler |
| cpu_rt_runtime |
A global limit on how much time platform realtime scheduling may use |
| cpu_shares |
Control how much CPU time a process in a hierarchy can use |
| cpuset_cpus |
CPUs in which to allow execution (0-3, 0,1) |
| cpuset_mems |
Memory nodes (MEMs) in which to allow execution (0-3, 0,1) on NUMA systems |
| detach |
Separate one entity to form another entity |
| detach_keys |
Override the key sequence for detaching a container |
| device_read_bps |
Limit read rate (bytes per second) from a device |
| device_read_iops |
Limit read rate (IO per second) from a device |
| device_write_bps |
Limit write rate (bytes per second) to a device |
| device_write_iops |
Limit write rate (IO per second) to a device |
| disable_dns |
Disable dns |
| entrypoint |
Point in a computer program where instruction-execution begins |
| env_host |
Environment variables for a host |
| expose |
To present to view; exhibit; display |
| extra_args |
Extra arguments passed |
| force_restart |
Force restart of entity |
| force_rm |
Force removal |
| generate_systemd |
Generate systemd unit file for a service |
| gidmap |
Group id mapping |
| group_add |
Add additional groups |
| healthcheck_start_period |
The initialization time needed for a container to bootstrap |
| hooks_dir |
Directory containing hooks, a technique to alter the behavior of a software b... |
| ignore_docker_credentials |
Credentials created using other tools such as docker login are not removed ... |
| image_strict |
Whether to compare images in idempotency by taking into account a full name w... |
| image_volume |
Volume created from an Image |
| infra_command |
Infrastructure command |
| infra_conmon_pidfile |
Write the pid of the infra container’s conmon process to a file |
| infra_image |
The image that will be created for the infra container |
| infra_name |
The name that will be used for the pod’s infra container |
| init_path |
Path to the init binary |
| ipc |
Mechanisms an operating system provides allowing processes to manage shared d... |
| kernel_memory |
The kernel has full access to the system's memory and allows processes to saf... |
| kube_file |
Path to file with YAML configuration for a Pod |
| label_file |
Line delimited file of labels |
| log_opt |
Logging driver specific options |
| macvlan |
Macvlan is a virtual LAN that you can use if you want to assign several IP ad... |
| memory_reservation |
A memory reservation ensures that even as other virtual devices on the same h... |
| memory_swap |
Memory management scheme by which a computer stores and retrieves data from s... |
| memory_swappiness |
Swappiness is a Linux kernel parameter that controls the relative weight give... |
| multi_image_archive |
Allow for creating archives with more than one image |
| network_alias |
Add network-scoped alias |
| network_aliases |
Add network-scoped alias |
| no_header |
Do not generate the header including meta data |
| no_hosts |
Do not create /etc/hosts |
| oom_kill_disable |
Whether to disable OOM Killer for the entity or not |
| oom_score_adj |
Tune the host's OOM preferences for entity (accepts -1000 to 1000) |
| pids_limit |
Tune the entity's PIDs limit |
| pod |
Vessel that contains seeds for an entity |
| pod_id_file |
Write the pod ID to the file |
| pod_prefix |
Prefix for a Pod |
| publish_all |
Publish all exposed ports to random ports on the host interfaces |
| pull |
Exert force on entity so as to cause movement towards oneself |
| push |
Exert force on entity so as to cause movement away from oneself |
| push_args |
Arguments that control push action |
| read_only_tmpfs |
If container is running in --read-only mode, then mount a read-write tmpfs on... |
| registry |
Set of records with a single structure arranged according to a criterion, pro... |
| remove_signatures |
Discard any pre-existing signatures |
| requires |
Specify one or more requirements |
| restart_policy |
Restart policy to follow when entity exits |
| restart_sec |
Time to sleep before restart |
| sdnotify |
Notify service manager about start-up completion and other service status cha... |
| seccomp_profile_root |
Directory path for seccomp profiles |
| security_opt |
Security Options |
| shm_size |
Size of /dev/shm |
| sig_proxy |
Proxy signals |
| sign_by |
Path to a key file to use to sign the package |
| skip_existing |
Skip existing entity |
| start_timeout |
Timeout (in seconds) to start a process |
| stop_signal |
Signal to stop a process |
| stop_timeout |
Timeout (in seconds) to stop a process |
| subgidname |
Name from /etc/subgid |
| subuidname |
Name from /etc/subuid |
| target_names |
Target names |
| uidmap |
Run the container in a new user namespace using the supplied mapping |
| use_names |
Use names |
| userns |
User namespaces are an isolation feature allowing processes to run with diffe... |
| volumes_from |
Mount volumes from the specified source |
| wants |
Wanted things |