From 8e90e67eea8547d804f912cd6f165ea08fd24c05 Mon Sep 17 00:00:00 2001 From: Ian Campbell Date: Thu, 6 Apr 2017 09:29:36 +0100 Subject: [PATCH] swarmd: host pid namespace for CNI access to /proc/PID/ns/net Since containers are spawned by containerd (which is in the host PID namespace) and not in the swarmd container's namespace. Signed-off-by: Ian Campbell --- projects/swarmd/swarmd.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/projects/swarmd/swarmd.yml b/projects/swarmd/swarmd.yml index 2302ddb8e..fa4effbc6 100644 --- a/projects/swarmd/swarmd.yml +++ b/projects/swarmd/swarmd.yml @@ -48,6 +48,7 @@ services: - CAP_SYS_CHROOT - CAP_KILL - CAP_AUDIT_WRITE + pid: host net: host binds: - /run/containerd/containerd.sock:/run/containerd/containerd.sock