vbatts/cri-o
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

sandbox: Use first class sysctls instead of annotations

Browse source 
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
This commit is contained in:
Mrunal Patel 2017-10-19 15:23:41 -07:00 committed by Antonio Murdaca
parent c25530ac0b
commit 815bb7652b
No known key found for this signature in database
GPG key ID: B2BEAD150DE936B9
8 changed files with 57 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

11
server/sandbox_run.go
View file

@ -398,15 +398,8 @@ func (s *Server) RunPodSandbox(ctx context.Context, req *pb.RunPodSandboxRequest
}
// extract linux sysctls from annotations and pass down to oci runtime
safe, unsafe, err := SysctlsFromPodAnnotations(kubeAnnotations)
if err != nil {
return nil, err
}
for _, sysctl := range safe {
g.AddLinuxSysctl(sysctl.Name, sysctl.Value)
}
for _, sysctl := range unsafe {
g.AddLinuxSysctl(sysctl.Name, sysctl.Value)
for key, value := range req.GetConfig().GetLinux().GetSysctls() {
g.AddLinuxSysctl(key, value)
}
// Set OOM score adjust of the infra container to be very low