Update kubelet for enumerated CRI namespaces
This adds support to both the Generic Runtime Manager and the dockershim for the CRI's enumerated namespaces.
This commit is contained in:
@@ -48,11 +48,7 @@ func (m *kubeGenericRuntimeManager) determineEffectiveSecurityContext(pod *v1.Po
|
||||
}
|
||||
|
||||
// set namespace options and supplemental groups.
|
||||
synthesized.NamespaceOptions = &runtimeapi.NamespaceOption{
|
||||
HostNetwork: pod.Spec.HostNetwork,
|
||||
HostIpc: pod.Spec.HostIPC,
|
||||
HostPid: pod.Spec.HostPID,
|
||||
}
|
||||
synthesized.NamespaceOptions = namespacesForPod(pod)
|
||||
podSc := pod.Spec.SecurityContext
|
||||
if podSc != nil {
|
||||
if podSc.FSGroup != nil {
|
||||
|
Reference in New Issue
Block a user