openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity
Files
fd7984cfcdc722eaa70f93fd7f5da48ba445a590
openshift-docs/modules/create-crio-default-capabilities.adoc
Michael Burke 272935f010 Created Cri-O default capabilities section follow up
2025-02-26 10:36:09 -05:00

47 lines
2.3 KiB
Plaintext
Raw Blame History

// Module included in the following assemblies:
//
// * machine_configuration/machine-configs-custom.adoc
:_mod-docs-content-type: CONCEPT
[id="create-crio-default-capabilities_{context}"]
= Creating a drop-in file for the default CRI-O capabilities
You can change some of the settings associated with the {product-title} CRI-O runtime for the nodes associated with a specific machine config pool (MCP). By using a controller custom resource (CR), you set the configuration values and add a label to match the MCP. The Machine Config Operator (MCO) then rebuilds the `crio.conf` and `default.conf` configuration files on the associated nodes with the updated values.
Earlier versions of {product-title} included specific machine configs by default. If you updated to a later version of {product-title}, those machine configs were retained to ensure that clusters running on the same {product-title} version have the same machine configs.
You can create multiple `ContainerRuntimeConfig` CRs, as needed, with a limit of 10 per cluster. For the first `ContainerRuntimeConfig` CR, the MCO creates a machine config appended with `containerruntime`. With each subsequent CR, the controller creates a `containerruntime` machine config with a numeric suffix. For example, if you have a `containerruntime` machine config with a `-2` suffix, the next `containerruntime` machine config is appended with `-3`.
If you want to delete the machine configs, delete them in reverse order to avoid exceeding the limit. For example, delete the `containerruntime-3` machine config before you delete the `containerruntime-2` machine config.
[NOTE]
====
If you have a machine config with a `containerruntime-9` suffix and you create another `ContainerRuntimeConfig` CR, a new machine config is not created, even if there are fewer than 10 `containerruntime` machine configs.
====
.Example of multiple ContainerRuntimeConfig CRs
[source,terminal]
----
$ oc get ctrcfg
----
.Example output
[source,terminal]
----
NAME AGE
ctr-overlay 15m
ctr-level 5m45s
----
.Example showing multiple containerruntime related system configs
[source,terminal]
----
$ cat /proc/1/status | grep Cap
----
[source,terminal]
----
$ capsh --decode=<decode_CapBnd_value> <1>
----
<1> Replace `<decode_CapBnd_value>` with the specific value you want to decode.
View Git Blame Copy Permalink