github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-09-03 02:07:38 +00:00
Code Issues Projects Releases Wiki Activity

dockershim: only set sysctl in infra container

Browse Source
This commit is contained in:
Dr. Stefan Schimanski
2016-11-01 13:21:12 +01:00
parent cc84673ebe
commit 42f6179517
1 changed files with 1 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
pkg/kubelet/dockershim/docker_container.go
View File

@@ -125,13 +125,6 @@ func (ds *dockerService) CreateContainer(podSandboxID string, config *runtimeApi
Privileged: config.GetPrivileged(),
}
// Set sysctls if requested
sysctls, err := getSysctlsFromAnnotations(config.Annotations)
if err != nil {
return "", fmt.Errorf("failed to get sysctls from annotations %v for container %q: %v", config.Annotations, config.Metadata.GetName(), err)
}
hc.Sysctls = sysctls
// Apply options derived from the sandbox config.
if lc := sandboxConfig.GetLinux(); lc != nil {
// Apply Cgroup options.
@@ -176,6 +169,7 @@ func (ds *dockerService) CreateContainer(podSandboxID string, config *runtimeApi
// Note: ShmSize is handled in kube_docker_client.go
}
var err error
hc.SecurityOpt, err = getContainerSecurityOpts(config.Metadata.GetName(), sandboxConfig, ds.seccompProfileRoot)
if err != nil {
return "", fmt.Errorf("failed to generate container security options for container %q: %v", config.Metadata.GetName(), err)