version: '2.2'

services:
  kubelet:
    build: .
    image: fphammerle/kubelet
    command: kubelet --container-runtime docker
    volumes:
    - '/var/run/docker.sock:/var/run/docker.sock'
    userns_mode: host
    # > F0401 17:47:53.440731       1 kubelet.go:1413] failed to start OOM watcher open /dev/kmsg: no such file or directory
    devices:
    - /dev/kmsg
    # > mount("/var/lib/kubelet", "/var/lib/kubelet", 0xc00097656c, MS_BIND, NULL) = -1 EPERM (Operation not permitted)
    # > F0401 15:36:24.291067       8 kubelet.go:1413] error configuring root directory: failed to bind-mount /var/lib/kubelet: operation not permitted
    cap_add:
    - SYS_ADMIN
    #- SYS_PTRACE
    security_opt:
    - 'apparmor:unconfined'

# https://docs.docker.com/compose/compose-file/compose-file-v2/