From 671c0ed5159263995a666451ef9c866c8bbb7adf Mon Sep 17 00:00:00 2001
From: Shishir Mahajan <smahajan@roblox.com>
Date: Tue, 13 Apr 2021 10:49:37 -0700
Subject: [PATCH] Update containerd task driver options.

- image_pull_timeout
- pids_limit
- sysctl
---
 .../docs/drivers/external/containerd.mdx      | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/website/content/docs/drivers/external/containerd.mdx b/website/content/docs/drivers/external/containerd.mdx
index 2deacb9d3..97e434680 100644
--- a/website/content/docs/drivers/external/containerd.mdx
+++ b/website/content/docs/drivers/external/containerd.mdx
@@ -90,6 +90,10 @@ config {
 }
 ```
 
+- `image_pull_timeout` - (Optional) A time duration that controls how long
+  `containerd-driver` will wait before cancelling an in-progress pull of the
+  OCI image as specified in `image`. Defaults to `"5m"`.
+
 - `command` - (Optional) Command to override command defined in the image.
 
 ```hcl
@@ -124,6 +128,9 @@ config {
 }
 ```
 
+- `pids_limit` - (Optional) An integer value that specifies the pid limit for
+  the container. Defaults to unlimited.
+
 - `host_dns` - (Optional) `true` (default) or `false` By default, a container
   launched using `containerd-driver` will use host `/etc/resolv.conf`. This is
   similar to [Docker's behavior]. However, if you don't want to use
@@ -145,6 +152,18 @@ config {
 }
 ```
 
+- `sysctl` - (Optional) A key-value map of sysctl configurations to set to the
+  containers on start.
+
+```hcl
+  config {
+    sysctl = {
+      "net.core.somaxconn"  = "16384"
+      "net.ipv4.ip_forward" = "1"
+    }
+  }
+```
+
 - `readonly_rootfs` - (Optional) `true` or `false` (default) Container root
   filesystem will be read-only.