Set all sources so node+agent in the same process doesn't get restricted
This commit is contained in:
		 Darren Shepherd
					Darren Shepherd
				
			
				
					committed by
					
						![rafaelbreno[commit]](/assets/img/avatar_default.png) rafaelbreno[commit]
						rafaelbreno[commit]
					
				
			
			
				
	
			
			
			![rafaelbreno[commit]](/assets/img/avatar_default.png) rafaelbreno[commit]
						rafaelbreno[commit]
					
				
			
						parent
						
							8e2b47c3d4
						
					
				
				
					commit
					65014334a1
				
			| @@ -18,6 +18,8 @@ package capabilities | ||||
|  | ||||
| import ( | ||||
| 	"sync" | ||||
|  | ||||
| 	"k8s.io/kubernetes/pkg/kubelet/types" | ||||
| ) | ||||
|  | ||||
| // Capabilities defines the set of capabilities available within the system. | ||||
| @@ -62,8 +64,16 @@ func Initialize(c Capabilities) { | ||||
|  | ||||
| // Setup the capability set.  It wraps Initialize for improving usability. | ||||
| func Setup(allowPrivileged bool, perConnectionBytesPerSec int64) { | ||||
| 	all, _ := types.GetValidatedSources([]string{types.AllSource}) | ||||
|  | ||||
| 	Initialize(Capabilities{ | ||||
| 		AllowPrivileged: allowPrivileged, | ||||
| 		// TODO(vmarmol): Implement support for HostNetworkSources. | ||||
| 		PrivilegedSources: PrivilegedSources{ | ||||
| 			HostNetworkSources: all, | ||||
| 			HostPIDSources:     all, | ||||
| 			HostIPCSources:     all, | ||||
| 		}, | ||||
| 		PerConnectionBandwidthLimitBytesPerSec: perConnectionBytesPerSec, | ||||
| 	}) | ||||
| } | ||||
|   | ||||
		Reference in New Issue
	
	Block a user