container: Bind mount hosts file for host networking containers

Fixes #451

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
This commit is contained in:
Samuel Ortiz 2017-04-22 02:54:29 +02:00
parent 5fe841c19d
commit 3b691d085c

View file

@ -175,6 +175,15 @@ func setupContainerUser(specgen *generate.Generator, rootfs string, sc *pb.Linux
return nil return nil
} }
func hostNetwork(containerConfig *pb.ContainerConfig) bool {
securityContext := containerConfig.GetLinux().GetSecurityContext()
if securityContext == nil || securityContext.GetNamespaceOptions() == nil {
return false
}
return securityContext.GetNamespaceOptions().HostNetwork
}
// ensureSaneLogPath is a hack to fix https://issues.k8s.io/44043 which causes // ensureSaneLogPath is a hack to fix https://issues.k8s.io/44043 which causes
// logPath to be a broken symlink to some magical Docker path. Ideally we // logPath to be a broken symlink to some magical Docker path. Ideally we
// wouldn't have to deal with this, but until that issue is fixed we have to // wouldn't have to deal with this, but until that issue is fixed we have to
@ -455,6 +464,11 @@ func (s *Server) createSandboxContainer(ctx context.Context, containerID string,
specgen.AddBindMount(sb.resolvPath, "/etc/resolv.conf", []string{"ro"}) specgen.AddBindMount(sb.resolvPath, "/etc/resolv.conf", []string{"ro"})
} }
// Bind mount /etc/hosts for host networking containers
if hostNetwork(containerConfig) {
specgen.AddBindMount("/etc/hosts", "/etc/hosts", []string{"ro"})
}
if sb.hostname != "" { if sb.hostname != "" {
specgen.SetHostname(sb.hostname) specgen.SetHostname(sb.hostname)
} }