github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-04 09:49:50 +00:00
Code Issues Projects Releases Wiki Activity

Add iptables lock-file mount to kube-proxy manifest

Browse Source
This commit is contained in:
Quintin Lee 2017-05-22 18:41:38 -07:00
parent 3fdf6c3d14
commit 6a380e8831
1 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
cluster/saltbase/salt/kube-proxy/kube-proxy.manifest
View File

@ -54,6 +54,16 @@ metadata:
component: kube-proxy component: kube-proxy
spec: spec:
hostNetwork: true hostNetwork: true
initContainers:
- name: touch-lock
image: busybox
command: ['/bin/touch', '/run/xtables.lock']
securityContext:
privileged: true
volumeMounts:
- mountPath: /run
name: run
readOnly: false
containers: containers:
- name: kube-proxy - name: kube-proxy
image: {{pillar['kube_docker_registry']}}/kube-proxy:{{pillar['kube-proxy_docker_tag']}} image: {{pillar['kube_docker_registry']}}/kube-proxy:{{pillar['kube-proxy_docker_tag']}}
@ -80,6 +90,9 @@ spec:
- mountPath: /var/lib/kube-proxy/kubeconfig - mountPath: /var/lib/kube-proxy/kubeconfig
name: kubeconfig name: kubeconfig
readOnly: false readOnly: false
- mountPath: /run/xtables.lock
name: iptableslock
readOnly: false
volumes: volumes:
- hostPath: - hostPath:
path: /usr/share/ca-certificates path: /usr/share/ca-certificates
@ -93,3 +106,9 @@ spec:
- hostPath: - hostPath:
path: /var/log path: /var/log
name: varlog name: varlog
- hostPath:
path: /run
name: run
- hostPath:
path: /run/xtables.lock
name: iptableslock