runtime: bind-mount mounted block device into container

When the mounted block device isn't a layer, we want to mount it into containers, but since it's already mounted with the correct fs (e.g., tar, ext4, etc.) in the pod, we just bind-mount it into the container. Fixes: #7536 Signed-off-by: Wedson Almeida Filho <walmeida@microsoft.com>
2025-04-28 03:42:09 +00:00 · 2023-06-16 00:44:34 -03:00 · 2023-06-16 00:44:34 -03:00 · 4fbe0a3a53
commit 4fbe0a3a53
parent 7e1b1949d4
1 changed files with 4 additions and 0 deletions
--- a/src/runtime/virtcontainers/kata_agent.go
+++ b/src/runtime/virtcontainers/kata_agent.go
@ -1662,6 +1662,10 @@ func (k *kataAgent) handleBlkOCIMounts(c *Container, spec *specs.Spec) ([]*grpc.
 				"new-source":      path,
 			}).Debug("Replacing OCI mount source")
 			spec.Mounts[idx].Source = path
+			if HasOption(spec.Mounts[idx].Options, vcAnnotations.IsFileBlockDevice) {
+				// The device is already mounted, just bind to path in container.
+				spec.Mounts[idx].Options = []string{"bind"}
+			}
 			break
 		}