mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-29 14:37:00 +00:00
Merge pull request #12895 from lvlv/uts
use host uts namespace when pod.Spec.HostNetwork is true
This commit is contained in:
commit
1db153cee3
@ -572,7 +572,8 @@ func (dm *DockerManager) runContainer(
|
|||||||
opts *kubecontainer.RunContainerOptions,
|
opts *kubecontainer.RunContainerOptions,
|
||||||
ref *api.ObjectReference,
|
ref *api.ObjectReference,
|
||||||
netMode string,
|
netMode string,
|
||||||
ipcMode string) (string, error) {
|
ipcMode string,
|
||||||
|
utsMode string) (string, error) {
|
||||||
|
|
||||||
dockerName := KubeletContainerName{
|
dockerName := KubeletContainerName{
|
||||||
PodFullName: kubecontainer.GetPodFullName(pod),
|
PodFullName: kubecontainer.GetPodFullName(pod),
|
||||||
@ -679,6 +680,7 @@ func (dm *DockerManager) runContainer(
|
|||||||
Binds: binds,
|
Binds: binds,
|
||||||
NetworkMode: netMode,
|
NetworkMode: netMode,
|
||||||
IpcMode: ipcMode,
|
IpcMode: ipcMode,
|
||||||
|
UTSMode: utsMode,
|
||||||
// Memory and CPU are set here for newer versions of Docker (1.6+).
|
// Memory and CPU are set here for newer versions of Docker (1.6+).
|
||||||
Memory: memoryLimit,
|
Memory: memoryLimit,
|
||||||
MemorySwap: -1,
|
MemorySwap: -1,
|
||||||
@ -1240,7 +1242,11 @@ func (dm *DockerManager) runContainerInPod(pod *api.Pod, container *api.Containe
|
|||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
|
|
||||||
id, err := dm.runContainer(pod, container, opts, ref, netMode, ipcMode)
|
utsMode := ""
|
||||||
|
if pod.Spec.HostNetwork {
|
||||||
|
utsMode = "host"
|
||||||
|
}
|
||||||
|
id, err := dm.runContainer(pod, container, opts, ref, netMode, ipcMode, utsMode)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
@ -1303,7 +1309,7 @@ func (dm *DockerManager) runContainerInPod(pod *api.Pod, container *api.Containe
|
|||||||
// This resolv.conf file is shared by all containers of the same pod, and needs to be modified only once per pod.
|
// This resolv.conf file is shared by all containers of the same pod, and needs to be modified only once per pod.
|
||||||
// we modify it when the pause container is created since it is the first container created in the pod since it holds
|
// we modify it when the pause container is created since it is the first container created in the pod since it holds
|
||||||
// the networking namespace.
|
// the networking namespace.
|
||||||
if container.Name == PodInfraContainerName {
|
if container.Name == PodInfraContainerName && utsMode != "host" {
|
||||||
err = addNDotsOption(containerInfo.ResolvConfPath)
|
err = addNDotsOption(containerInfo.ResolvConfPath)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1991,6 +1991,46 @@ func TestSyncPodWithTerminationLog(t *testing.T) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestSyncPodWithHostNetwork(t *testing.T) {
|
||||||
|
dm, fakeDocker := newTestDockerManager()
|
||||||
|
pod := &api.Pod{
|
||||||
|
ObjectMeta: api.ObjectMeta{
|
||||||
|
UID: "12345678",
|
||||||
|
Name: "foo",
|
||||||
|
Namespace: "new",
|
||||||
|
},
|
||||||
|
Spec: api.PodSpec{
|
||||||
|
Containers: []api.Container{
|
||||||
|
{Name: "bar"},
|
||||||
|
},
|
||||||
|
HostNetwork: true,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
runSyncPod(t, dm, fakeDocker, pod)
|
||||||
|
|
||||||
|
verifyCalls(t, fakeDocker, []string{
|
||||||
|
// Create pod infra container.
|
||||||
|
"create", "start", "inspect_container",
|
||||||
|
// Create container.
|
||||||
|
"create", "start", "inspect_container",
|
||||||
|
})
|
||||||
|
|
||||||
|
fakeDocker.Lock()
|
||||||
|
if len(fakeDocker.Created) != 2 ||
|
||||||
|
!matchString(t, "k8s_POD\\.[a-f0-9]+_foo_new_", fakeDocker.Created[0]) ||
|
||||||
|
!matchString(t, "k8s_bar\\.[a-f0-9]+_foo_new_", fakeDocker.Created[1]) {
|
||||||
|
t.Errorf("Unexpected containers created %v", fakeDocker.Created)
|
||||||
|
}
|
||||||
|
|
||||||
|
utsMode := fakeDocker.Container.HostConfig.UTSMode
|
||||||
|
if utsMode != "host" {
|
||||||
|
t.Errorf("Pod with host network must have \"host\" utsMode, actual: \"%v\"", utsMode)
|
||||||
|
}
|
||||||
|
|
||||||
|
fakeDocker.Unlock()
|
||||||
|
}
|
||||||
|
|
||||||
func TestGetPodStatusSortedContainers(t *testing.T) {
|
func TestGetPodStatusSortedContainers(t *testing.T) {
|
||||||
dm, fakeDocker := newTestDockerManager()
|
dm, fakeDocker := newTestDockerManager()
|
||||||
dockerInspect := map[string]*docker.Container{}
|
dockerInspect := map[string]*docker.Container{}
|
||||||
|
Loading…
Reference in New Issue
Block a user