68ac78ae45
Automatic merge from submit-queue Run mount in its own systemd scope. Kubelet needs to run /bin/mount in its own cgroup. - When kubelet runs as a systemd service, "systemctl restart kubelet" may kill all processes in the same cgroup and thus terminate fuse daemons that are needed for gluster and cephfs mounts. - When kubelet runs in a docker container, restart of the container kills all fuse daemons started in the container. Killing fuse daemons is bad, it basically unmounts volumes from running pods. This patch runs mount via "systemd-run --scope /bin/mount ...", which makes sure that any fuse daemons are forked in its own systemd scope (= cgroup) and they will survive restart of kubelet's systemd service or docker container. This helps with #34965 As a downside, each new fuse daemon will run in its own transient systemd service and systemctl output may be cluttered. @kubernetes/sig-storage-pr-reviews @kubernetes/sig-node-pr-reviews ```release-note fuse daemons for GlusterFS and CephFS are now run in their own systemd scope when Kubernetes runs on a system with systemd. ``` |
||
|---|---|---|
| .. | ||
| BUILD | ||
| doc.go | ||
| fake.go | ||
| mount_linux_test.go | ||
| mount_linux.go | ||
| mount_unsupported.go | ||
| mount.go | ||
| nsenter_mount_test.go | ||
| nsenter_mount_unsupported.go | ||
| nsenter_mount.go | ||
| OWNERS | ||
| safe_format_and_mount_test.go | ||