mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-10-22 23:21:18 +00:00
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. kubeadm: chroot to new --rootfs arg **What this PR does / why we need it**: This change adds a new --rootfs=path option to kubeadm, and (if provided) chroot()s to this path before performing file operations. This makes it possible to run the kubeadm binary from a container, but perform remaining file operations against the host filesystem using something like: ``` docker run -v /:/rootfs --net=host --uts=host --pid=host \ kubeadm:latest init ... ``` (Assuming something like the included `examples/kubeadm/Dockerfile` which sets CMD to `kubeadm --rootfs=/rootfs` - Edit: Dockerfile has been removed from this PR, but you get the idea) Fixes kubernetes/kubeadm#503 **Special notes for your reviewer**: - I'm not sure where is best to put the Dockerfile, or hook it up to the build process. Advice sought. - The kubeadm command line arg handling was less unified than I was expecting to find. I've implemented this arg for `init` and `join`. I can add it to all the others too, if we're happy with the approach. An alternative would be to add the arg in the parent `KubeadmCommand`, possibly with a `PersistantFlag` - then it would automatically exist for all kubeadm subcommands. - It would be slightly preferable if we could order `--rootfs` _before_ the subcommand so we could apply the arg automatically with `ENTRYPOINT ["kubeadm", "--rootfs=/rootfs"]`. This would be the only such flag in `kubeadm` however, so I have not implemented it that way atm. (Another alternative would be an env var) **Release note**: ```release-note Adds a new EXPERIMENTAL `--rootfs` flag to kubeadm, which (if specified) causes kubeadm to chroot before performing any file operations. This is expected to be useful when setting up kubernetes on a different filesystem, such as invoking kubeadm from docker. ```