From 8e2b728c68ac5fb15a53b0acdad3e348419b8ffa Mon Sep 17 00:00:00 2001 From: Peri Thompson Date: Thu, 8 Jul 2021 19:38:49 +0100 Subject: [PATCH] Explicitly skip host file mounting for windows --- pkg/kubelet/kubelet_pods.go | 25 +++++++++++++++++-------- 1 file changed, 17 insertions(+), 8 deletions(-) diff --git a/pkg/kubelet/kubelet_pods.go b/pkg/kubelet/kubelet_pods.go index f78fde8ee3c..8757c566c1a 100644 --- a/pkg/kubelet/kubelet_pods.go +++ b/pkg/kubelet/kubelet_pods.go @@ -139,16 +139,25 @@ func (kl *Kubelet) makeBlockVolumes(pod *v1.Pod, container *v1.Container, podVol return devices, nil } +// shouldMountHostsFile checks if the nodes /etc/hosts should be mounted +// Kubernetes only mounts on /etc/hosts if: +// - container is not an infrastructure (pause) container +// - container is not already mounting on /etc/hosts +// - if it is Windows and ContainerD is used. +// Kubernetes will not mount /etc/hosts if: +// - when the Pod sandbox is being created, its IP is still unknown. Hence, PodIP will not have been set. +// - Windows pod contains a hostProcess container +func shouldMountHostsFile(pod *v1.Pod, podIPs []string, supportsSingleFileMapping bool) bool { + shouldMount := len(podIPs) > 0 && supportsSingleFileMapping + if runtime.GOOS == "windows" && utilfeature.DefaultFeatureGate.Enabled(features.WindowsHostProcessContainers) { + return shouldMount && !kubecontainer.HasWindowsHostProcessContainer(pod) + } + return shouldMount +} + // makeMounts determines the mount points for the given container. func makeMounts(pod *v1.Pod, podDir string, container *v1.Container, hostName, hostDomain string, podIPs []string, podVolumes kubecontainer.VolumeMap, hu hostutil.HostUtils, subpather subpath.Interface, expandEnvs []kubecontainer.EnvVar, supportsSingleFileMapping bool) ([]kubecontainer.Mount, func(), error) { - // Kubernetes only mounts on /etc/hosts if: - // - container is not an infrastructure (pause) container - // - container is not already mounting on /etc/hosts - // - OS is not Windows - // - if it is Windows, ContainerD is used. - // Kubernetes will not mount /etc/hosts if: - // - when the Pod sandbox is being created, its IP is still unknown. Hence, PodIP will not have been set. - mountEtcHostsFile := len(podIPs) > 0 && supportsSingleFileMapping + mountEtcHostsFile := shouldMountHostsFile(pod, podIPs, supportsSingleFileMapping) klog.V(3).InfoS("Creating hosts mount for container", "pod", klog.KObj(pod), "containerName", container.Name, "podIPs", podIPs, "path", mountEtcHostsFile) mounts := []kubecontainer.Mount{} var cleanupAction func()