mirror of
https://github.com/kata-containers/kata-containers.git
synced 2026-05-17 04:52:23 +00:00
5c21b1faf3
This change crystallizes and simplifies the current handling of /dev hostPath mounts with virtually no functional change. Before this change: - If a mount DESTINATION is in /dev and it is a non-regular file on the HOST, the shim passes the OCI bind mount as is to the guest (e.g. /dev/kmsg:/dev/kmsg). The container rightfully sees the GUEST device. - If the mount DESTINATION does not exist on the host, the shim relies on k8s/containerd to automatically create a directory (ie. non-regular file) on the HOST. The shim then also passes the OCI bind mount as is to the guest. The container rightfully sees the GUEST device. - For other /dev mounts, the shim passes the device major/minor to the guest over virtio-fs. The container rightfully sees the GUEST device. After this change: - If a mount SOURCE is in /dev and it is a non-regular file on the HOST, the shim passes the OCI bind mount as is to the guest. The container rightfully sees the GUEST device. - The shim does not anymore rely on k8s/containerd to create missing mount directories. Instead it explicitely handles missing mount SOURCES, and treats them like the previous bullet point. - The shim no longer uses virtio-fs to pass /dev device major/minor to the guest, instead it passes the OCI bind mount as is. Signed-off-by: Aurélien Bombo <abombo@microsoft.com>
25 lines
446 B
YAML
25 lines
446 B
YAML
#
|
|
# Copyright (c) 2025 Microsoft Corporation
|
|
#
|
|
# SPDX-License-Identifier: Apache-2.0
|
|
#
|
|
|
|
apiVersion: v1
|
|
kind: Pod
|
|
metadata:
|
|
name: hostpath-kmsg
|
|
spec:
|
|
terminationGracePeriodSeconds: 0
|
|
runtimeClassName: kata
|
|
restartPolicy: Never
|
|
volumes:
|
|
- name: dev-kmsg
|
|
hostPath:
|
|
path: /dev/kmsg
|
|
containers:
|
|
- image: quay.io/prometheus/busybox:latest
|
|
name: container
|
|
volumeMounts:
|
|
- name: dev-kmsg
|
|
mountPath: /dev/kmsg
|