support no_pivot option for runc

Signed-off-by: yanxuean <yan.xuean@zte.com.cn>
2018-07-16 13:54:49 +08:00
parent 7beac6fcc1
commit 7065dd81f9
4 changed files with 17 additions and 2 deletions
--- a/pkg/server/container_start.go
+++ b/pkg/server/container_start.go
@@ -108,7 +108,11 @@ func (c *criService) startContainer(ctx context.Context,
 		return cntr.IO, nil
 	}

-	task, err := container.NewTask(ctx, ioCreation)
+	var taskOpts []containerd.NewTaskOpts
+	if c.config.NoPivot {
+		taskOpts = append(taskOpts, containerd.WithNoPivotRoot)
+	}
+	task, err := container.NewTask(ctx, ioCreation, taskOpts...)
 	if err != nil {
 		return errors.Wrap(err, "failed to create containerd task")
 	}
--- a/pkg/server/sandbox_run.go
+++ b/pkg/server/sandbox_run.go
@@ -293,8 +293,13 @@ func (c *criService) RunPodSandbox(ctx context.Context, r *runtime.RunPodSandbox
 		// Create sandbox task in containerd.
 		log.Tracef("Create sandbox container (id=%q, name=%q).",
 			id, name)
+
+		var taskOpts []containerd.NewTaskOpts
+		if c.config.NoPivot {
+			taskOpts = append(taskOpts, containerd.WithNoPivotRoot)
+		}
 		// We don't need stdio for sandbox container.
-		task, err := container.NewTask(ctx, containerdio.NullIO)
+		task, err := container.NewTask(ctx, containerdio.NullIO, taskOpts...)
 		if err != nil {
 			return status, errors.Wrap(err, "failed to create containerd task")
 		}