vbatts/cri-o
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

config: Add host privileged runtime configuration

Browse source 
Not all runtimes are able to handle some of the kubelet
security context options, in particular the ones granting
host privileges to containers.

By adding a host privileged runtime path configuration, we
allow ocid to use a different runtime for host privileged
operations like e.g. host namespaces access.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
This commit is contained in:
Samuel Ortiz 2017-02-21 00:33:01 +01:00
parent b872bc2fde
commit 2fc4d0cac1
2 changed files with 13 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

6
cmd/ocid/config.go
View file

@ -42,6 +42,12 @@ listen = "{{ .Listen }}"
# runtime is a path to the OCI runtime which ocid will be using.
runtime = "{{ .Runtime }}"
# runtime_host_privileged is a path to the OCI runtime which ocid
# will be using for host privileged operations.
# If this string is empty, ocid will not try to use the "runtime"
# for all operations.
runtime_host_privileged = "{{ .RuntimeHostPrivileged }}"
# conmon is the path to conmon binary, used for managing the runtime.
conmon = "{{ .Conmon }}"