container_create: only bind mount /etc/hosts if not provided by k8s
k8s already mounts /etc/hosts from /var/lib/kubelet/pods/<ID>/etc-hosts even for host network. We shouldn't play with it unless we're running from crictl for instance. Signed-off-by: Antonio Murdaca <runcom@redhat.com>
This commit is contained in:
parent
4fee97abe3
commit
cf37995d30
1 changed files with 11 additions and 2 deletions
|
@ -1079,8 +1079,17 @@ func (s *Server) createSandboxContainer(ctx context.Context, containerID string,
|
||||||
specgen.AddMount(mnt)
|
specgen.AddMount(mnt)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Bind mount /etc/hosts for host networking containers
|
isInCRIMounts := func(dst string, mounts []*pb.Mount) bool {
|
||||||
if hostNetwork(containerConfig) {
|
for _, m := range mounts {
|
||||||
|
if m.ContainerPath == dst {
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
|
||||||
|
if !isInCRIMounts("/etc/hosts", containerConfig.GetMounts()) && hostNetwork(containerConfig) {
|
||||||
|
// Only bind mount for host netns and when CRI does not give us any hosts file
|
||||||
mnt = rspec.Mount{
|
mnt = rspec.Mount{
|
||||||
Type: "bind",
|
Type: "bind",
|
||||||
Source: "/etc/hosts",
|
Source: "/etc/hosts",
|
||||||
|
|
Loading…
Reference in a new issue