Merge pull request #101020 from cindy52/bugfix/etcd

Change file owner of /mnt/disks/master-pd/var/etcd  instead of /var/etcd
This commit is contained in:
Kubernetes Prow Robot 2021-04-13 12:09:47 -07:00 committed by GitHub
commit 318db993c8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 2 additions and 10 deletions

View File

@ -1859,16 +1859,10 @@ function prepare-etcd-manifest {
# Replace the volume host path.
sed -i -e "s@/mnt/master-pd/var/etcd@/mnt/disks/master-pd/var/etcd@g" "${temp_file}"
# Replace the run as user and run as group
pod_run_as_user=""
pod_run_as_group=""
container_security_context=""
if [[ -n "${ETCD_RUNASUSER:-}" && -n "${ETCD_RUNASGROUP:-}" ]]; then
pod_run_as_user="\"runAsUser\": ${ETCD_RUNASUSER},"
pod_run_as_group="\"runAsGroup\": ${ETCD_RUNASGROUP},"
container_security_context="\"securityContext\": {\"allowPrivilegeEscalation\": false, \"capabilities\": {\"drop\": [\"all\"]}},"
container_security_context="\"securityContext\": {\"runAsUser\": ${ETCD_RUNASUSER}, \"runAsGroup\": ${ETCD_RUNASGROUP}, \"allowPrivilegeEscalation\": false, \"capabilities\": {\"drop\": [\"all\"]}},"
fi
sed -i -e "s@{{ run_as_user }}@${pod_run_as_user}@g" "${temp_file}"
sed -i -e "s@{{ run_as_group }}@${pod_run_as_group}@g" "${temp_file}"
sed -i -e "s@{{security_context}}@${container_security_context}@g" "${temp_file}"
mv "${temp_file}" /etc/kubernetes/manifests
}
@ -1891,7 +1885,7 @@ function start-etcd-servers {
rm -f /etc/init.d/etcd
fi
if [[ -n "${ETCD_RUNASUSER:-}" && -n "${ETCD_RUNASGROUP:-}" ]]; then
chown -R "${ETCD_RUNASUSER}":"${ETCD_RUNASGROUP}" /var/etcd/
chown -R "${ETCD_RUNASUSER}":"${ETCD_RUNASGROUP}" /mnt/disks/master-pd/var/etcd
fi
prepare-log-file /var/log/etcd.log "${ETCD_RUNASUSER:-0}"
prepare-etcd-manifest "" "2379" "2380" "200m" "etcd.manifest"

View File

@ -7,8 +7,6 @@
},
"spec":{
"securityContext": {
{{ run_as_user }}
{{ run_as_group }}
"seccompProfile": {
"type": "RuntimeDefault"
}