container_create: only bind mount /etc/hosts if not provided by k8s

k8s already mounts /etc/hosts from /var/lib/kubelet/pods/<ID>/etc-hosts
even for host network. We shouldn't play with it unless we're running
from crictl for instance.

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
This commit is contained in:
Antonio Murdaca 2018-01-24 13:29:28 +01:00
parent 4fee97abe3
commit cf37995d30
No known key found for this signature in database
GPG key ID: B2BEAD150DE936B9

View file

@ -1079,8 +1079,17 @@ func (s *Server) createSandboxContainer(ctx context.Context, containerID string,
specgen.AddMount(mnt)
}
// Bind mount /etc/hosts for host networking containers
if hostNetwork(containerConfig) {
isInCRIMounts := func(dst string, mounts []*pb.Mount) bool {
for _, m := range mounts {
if m.ContainerPath == dst {
return true
}
}
return false
}
if !isInCRIMounts("/etc/hosts", containerConfig.GetMounts()) && hostNetwork(containerConfig) {
// Only bind mount for host netns and when CRI does not give us any hosts file
mnt = rspec.Mount{
Type: "bind",
Source: "/etc/hosts",