Merge pull request #26397 from euank/fixReadOnlyRootfsPanic

Automatic merge from submit-queue

rkt: Fix panic in setting ReadOnlyRootFS

What the title says. I wish this method were broken out in a reasonably unit testable way. fixing this panic is more important for the second though, testing will come in a later commit.

I observed the panic in a `./hack/local-up-cluster.sh` run with rkt as the container runtime.

This is also the panic that's failing our jenkins against master ([recent run](https://console.cloud.google.com/m/cloudstorage/b/rktnetes-jenkins/o/logs/kubernetes-e2e-gce/1946/artifacts/jenkins-e2e-minion-group-qjh3/kubelet.log for the log output of a recent run))

cc @tmrts @yifan-gu
This commit is contained in:
k8s-merge-robot
2016-05-29 02:17:09 -07:00

View File

@@ -767,10 +767,9 @@ func (r *Runtime) newAppcRuntimeApp(pod *api.Pod, podIP string, c api.Container,
} }
ra := appcschema.RuntimeApp{ ra := appcschema.RuntimeApp{
Name: convertToACName(c.Name), Name: convertToACName(c.Name),
Image: appcschema.RuntimeImage{ID: *hash}, Image: appcschema.RuntimeImage{ID: *hash},
App: imgManifest.App, App: imgManifest.App,
ReadOnlyRootFS: *c.SecurityContext.ReadOnlyRootFilesystem,
Annotations: []appctypes.Annotation{ Annotations: []appctypes.Annotation{
{ {
Name: *appctypes.MustACIdentifier(k8sRktContainerHashAnno), Name: *appctypes.MustACIdentifier(k8sRktContainerHashAnno),
@@ -783,6 +782,10 @@ func (r *Runtime) newAppcRuntimeApp(pod *api.Pod, podIP string, c api.Container,
}, },
} }
if c.SecurityContext != nil && c.SecurityContext.ReadOnlyRootFilesystem != nil {
ra.ReadOnlyRootFS = *c.SecurityContext.ReadOnlyRootFilesystem
}
if mnt != nil { if mnt != nil {
ra.Annotations = append(ra.Annotations, appctypes.Annotation{ ra.Annotations = append(ra.Annotations, appctypes.Annotation{
Name: *appctypes.MustACIdentifier(k8sRktTerminationMessagePathAnno), Name: *appctypes.MustACIdentifier(k8sRktTerminationMessagePathAnno),