From 7830dcce7efe9648d1ecf1440e520dd034ba0ca4 Mon Sep 17 00:00:00 2001 From: Chao Xu Date: Wed, 10 Jun 2015 16:00:20 -0700 Subject: [PATCH 1/2] update example/nfs to v1 --- examples/nfs/nfs-server-pod.yaml | 6 +++--- examples/nfs/nfs-server-service.yaml | 2 +- examples/nfs/nfs-web-pod.yaml | 4 +--- 3 files changed, 5 insertions(+), 7 deletions(-) diff --git a/examples/nfs/nfs-server-pod.yaml b/examples/nfs/nfs-server-pod.yaml index e0bb565e6eb..baf5641fcb6 100644 --- a/examples/nfs/nfs-server-pod.yaml +++ b/examples/nfs/nfs-server-pod.yaml @@ -1,4 +1,4 @@ -apiVersion: v1beta3 +apiVersion: v1 kind: Pod metadata: name: nfs-server @@ -8,8 +8,8 @@ spec: containers: - name: nfs-server image: jsafrane/nfs-data - privileged: true ports: - name: nfs containerPort: 2049 - protocol: tcp + securityContext: + privileged: true diff --git a/examples/nfs/nfs-server-service.yaml b/examples/nfs/nfs-server-service.yaml index 634087122ef..a9966c3fce1 100644 --- a/examples/nfs/nfs-server-service.yaml +++ b/examples/nfs/nfs-server-service.yaml @@ -1,5 +1,5 @@ kind: Service -apiVersion: v1beta3 +apiVersion: v1 metadata: name: nfs-server spec: diff --git a/examples/nfs/nfs-web-pod.yaml b/examples/nfs/nfs-web-pod.yaml index 0c897fd910e..94fd76a2c69 100644 --- a/examples/nfs/nfs-web-pod.yaml +++ b/examples/nfs/nfs-web-pod.yaml @@ -2,7 +2,7 @@ # This pod imports nfs-server.default.kube.local:/ into /var/www/html # -apiVersion: v1beta3 +apiVersion: v1 kind: Pod metadata: name: nfs-web @@ -13,7 +13,6 @@ spec: ports: - name: web containerPort: 80 - protocol: tcp volumeMounts: # name must match the volume name below - name: nfs @@ -24,4 +23,3 @@ spec: # FIXME: use the right hostname server: nfs-server.default.kube.local path: "/" - readOnly: false From 37408447a9ed82375cb79bea547a5af1e8957e68 Mon Sep 17 00:00:00 2001 From: Chao Xu Date: Thu, 11 Jun 2015 10:33:29 -0700 Subject: [PATCH 2/2] add instructions on how to allow privileged containers --- examples/nfs/README.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/examples/nfs/README.md b/examples/nfs/README.md index c716dcf8dcf..d1144442967 100644 --- a/examples/nfs/README.md +++ b/examples/nfs/README.md @@ -8,6 +8,19 @@ in a pod. The example below shows how to export a NFS share from a pod and import it into another one. +###Prerequisites +The nfs server pod creates a privileged container, so if you are using a Salt based KUBERNETES_PROVIDER (**gce**, **vagrant**, **aws**), you have to enable the ability to create privileged containers by API. + +```shell +#At the root of Kubernetes source code +$ vi cluster/saltbase/pillar/privilege.sls + +# If true, allow privileged containers to be created by API +allow_privileged: true +``` + +Rebuild the Kubernetes and spin up a cluster using your preferred KUBERNETES_PROVIDER. + ### NFS server part Define [NFS server pod](nfs-server-pod.yaml) and