vbatts/cri-o
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Merge pull request #1392 from umohnani8/pid-ns

Browse source 
Enable per pod PID namespace setting
This commit is contained in:
Mrunal Patel 2018-03-02 13:33:14 -08:00 committed by GitHub
commit 61a49a111d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
121 changed files with 11298 additions and 5324 deletions
Download patch file Download diff file Expand all files Collapse all files

2
server/container_create.go
View file

@ -1000,7 +1000,7 @@ func (s *Server) createSandboxContainer(ctx context.Context, containerID string,
if containerConfig.GetLinux().GetSecurityContext().GetNamespaceOptions().GetPid() == pb.NamespaceMode_NODE {
// kubernetes PodSpec specify to use Host PID namespace
specgen.RemoveLinuxNamespace(string(rspec.PIDNamespace))
} else if s.config.EnableSharedPIDNamespace {
} else if containerConfig.GetLinux().GetSecurityContext().GetNamespaceOptions().GetPid() == pb.NamespaceMode_POD {
// share Pod PID namespace
pidNsPath := fmt.Sprintf("/proc/%d/ns/pid", podInfraState.Pid)
if err := specgen.AddOrReplaceLinuxNamespace(string(rspec.PIDNamespace), pidNsPath); err != nil {