lxd-profile.yaml

##
## Copyright 2023 Canonical, Ltd.
##
name: microk8s
config:
  # boot.autostart: "true"
  linux.kernel_modules: ip_vs,ip_vs_rr,ip_vs_wrr,ip_vs_sh,ip_tables,ip6_tables,netlink_diag,nf_nat,overlay,br_netfilter
  raw.lxc: |
    lxc.apparmor.profile=unconfined
    lxc.mount.auto=proc:rw sys:rw cgroup:rw
    lxc.cgroup.devices.allow=a
    lxc.cap.drop=
  security.nesting: "true"
  security.privileged: "true"
description: ""
devices:
  # aadisable:
  #   path: /sys/module/nf_conntrack/parameters/hashsize
  #   source: /sys/module/nf_conntrack/parameters/hashsize
  #   type: disk
  aadisable2:
    path: /dev/kmsg
    source: /dev/kmsg
    type: unix-char
  # aadisable3:
  #   path: /sys/fs/bpf
  #   source: /sys/fs/bpf
  #   type: disk
  # aadisable4:
  #   path: /proc/sys/net/netfilter/nf_conntrack_max
  #   source: /proc/sys/net/netfilter/nf_conntrack_max
  #   type: disk