Merge pull request #93220 from wawa0210/fix-93165

ingore apparmor on windows
This commit is contained in:
Kubernetes Prow Robot 2020-10-22 23:17:59 -07:00 committed by GitHub
commit c6f7fbcfbc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -25,6 +25,7 @@ import (
"net/url" "net/url"
"os" "os"
"path" "path"
sysruntime "runtime"
"sort" "sort"
"strings" "strings"
"sync" "sync"
@ -775,8 +776,11 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
opt(klet) opt(klet)
} }
klet.appArmorValidator = apparmor.NewValidator(containerRuntime) if sysruntime.GOOS == "linux" {
klet.softAdmitHandlers.AddPodAdmitHandler(lifecycle.NewAppArmorAdmitHandler(klet.appArmorValidator)) // AppArmor is a Linux kernel security module and it does not support other operating systems.
klet.appArmorValidator = apparmor.NewValidator(containerRuntime)
klet.softAdmitHandlers.AddPodAdmitHandler(lifecycle.NewAppArmorAdmitHandler(klet.appArmorValidator))
}
klet.softAdmitHandlers.AddPodAdmitHandler(lifecycle.NewNoNewPrivsAdmitHandler(klet.containerRuntime)) klet.softAdmitHandlers.AddPodAdmitHandler(lifecycle.NewNoNewPrivsAdmitHandler(klet.containerRuntime))
klet.softAdmitHandlers.AddPodAdmitHandler(lifecycle.NewProcMountAdmitHandler(klet.containerRuntime)) klet.softAdmitHandlers.AddPodAdmitHandler(lifecycle.NewProcMountAdmitHandler(klet.containerRuntime))