github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
ab5b43fe80
containerd/pkg/cri/opts
History
Rodrigo Campos 97dfa7f556 cri/server: Pass down uidMappings to OCI runtime 
When the kubelet sends the uid/gid mappings for a mount, just pass them
down to the OCI runtime.

OCI runtimes support this since runc 1.2 and crun 1.8.1.

And whenever we add mounts (container mounts or image spec volumes) and
userns are requested by the kubelet, we use those mappings in the mounts
so the mounts are idmapped correctly. If no userns is used, we don't
send any mappings which just keeps the current behavior.

Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
2023-09-13 16:42:31 +02:00
..
container.go Pass in imagespec.Platform to WithVolumes() 2023-06-08 12:31:04 +03:00
spec_darwin_opts.go Add basic spec and mounts for Darwin 2023-01-12 17:00:40 -08:00
spec_linux_opts.go cri/server: Pass down uidMappings to OCI runtime 2023-09-13 16:42:31 +02:00
spec_linux_test.go Refactor pkg packages 2020-10-08 17:30:17 -07:00
spec_linux.go cri: spec_linux: drop unused retvals 2023-08-17 18:52:37 +02:00
spec_nonlinux.go Support CDI devices in ctr --device flag 2023-05-31 16:14:01 +02:00
spec_nonwindows.go Add ArgsEscaped support for CRI 2023-03-03 13:38:06 -08:00
spec_opts_test.go Have separate spec builder for each platform 2023-01-11 13:12:25 -08:00
spec_opts.go cri: update WithoutDefaultSecuritySettings comment 2023-05-07 15:22:35 -07:00
spec_windows_opts.go fix: Update error message format based on feedback 2023-03-17 06:49:12 +11:00
spec_windows_test.go Have separate spec builder for each platform 2023-01-11 13:12:25 -08:00
spec_windows.go go.mod: github.com/opencontainers/image-spec v1.1.0-rc3 2023-05-09 23:35:58 +09:00