diff options
author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2020-09-11 05:56:35 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-09-11 05:56:35 -0400 |
commit | d1798d038376bf494f19b1531b9e0450592b24b9 (patch) | |
tree | 3b57e8f2834975ce0a3190c4670dfca781bbc73a | |
parent | e59c3ce1c529eaa26360cf69264bd5c24ee45c6c (diff) | |
parent | b80b95eea0c2f32de6101e558ce5314e1bd08c25 (diff) | |
download | podman-d1798d038376bf494f19b1531b9e0450592b24b9.tar.gz podman-d1798d038376bf494f19b1531b9e0450592b24b9.tar.bz2 podman-d1798d038376bf494f19b1531b9e0450592b24b9.zip |
Merge pull request #7591 from haircommander/play-kube-process-namespace
play/generate: support shareProcessNamespace
-rw-r--r-- | libpod/kube.go | 8 | ||||
-rw-r--r-- | pkg/domain/infra/abi/play.go | 6 | ||||
-rw-r--r-- | test/e2e/generate_kube_test.go | 29 |
3 files changed, 42 insertions, 1 deletions
diff --git a/libpod/kube.go b/libpod/kube.go index 864bc78c7..9d5cbe68b 100644 --- a/libpod/kube.go +++ b/libpod/kube.go @@ -69,12 +69,20 @@ func (p *Pod) GenerateForKube() (*v1.Pod, []v1.ServicePort, error) { return nil, servicePorts, err } servicePorts = containerPortsToServicePorts(ports) + } pod, err := p.podWithContainers(allContainers, ports) if err != nil { return nil, servicePorts, err } pod.Spec.HostAliases = extraHost + + if p.SharesPID() { + // unfortunately, go doesn't have a nice way to specify a pointer to a bool + b := true + pod.Spec.ShareProcessNamespace = &b + } + return pod, servicePorts, nil } diff --git a/pkg/domain/infra/abi/play.go b/pkg/domain/infra/abi/play.go index 47d1c48f2..6dfb52c63 100644 --- a/pkg/domain/infra/abi/play.go +++ b/pkg/domain/infra/abi/play.go @@ -132,7 +132,11 @@ func (ic *ContainerEngine) playKubePod(ctx context.Context, podName string, podY libpod.WithInfraContainer(), libpod.WithPodName(podName), } - // TODO for now we just used the default kernel namespaces; we need to add/subtract this from yaml + // TODO we only configure Process namespace. We also need to account for Host{IPC,Network,PID} + // which is not currently possible with pod create + if podYAML.Spec.ShareProcessNamespace != nil && *podYAML.Spec.ShareProcessNamespace { + podOptions = append(podOptions, libpod.WithPodPID()) + } hostname := podYAML.Spec.Hostname if hostname == "" { diff --git a/test/e2e/generate_kube_test.go b/test/e2e/generate_kube_test.go index 3c3fb5a4d..e886c6000 100644 --- a/test/e2e/generate_kube_test.go +++ b/test/e2e/generate_kube_test.go @@ -348,4 +348,33 @@ var _ = Describe("Podman generate kube", func() { Expect(inspect.ExitCode()).To(Equal(0)) Expect(inspect.OutputToString()).To(ContainSubstring(vol1)) }) + + It("podman generate kube sharing pid namespace", func() { + podName := "test" + podSession := podmanTest.Podman([]string{"pod", "create", "--name", podName, "--share", "pid"}) + podSession.WaitWithDefaultTimeout() + Expect(podSession.ExitCode()).To(Equal(0)) + + session := podmanTest.Podman([]string{"create", "--pod", podName, "--name", "test1", ALPINE, "top"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + outputFile := filepath.Join(podmanTest.RunRoot, "pod.yaml") + kube := podmanTest.Podman([]string{"generate", "kube", podName, "-f", outputFile}) + kube.WaitWithDefaultTimeout() + Expect(kube.ExitCode()).To(Equal(0)) + + rm := podmanTest.Podman([]string{"pod", "rm", "-f", podName}) + rm.WaitWithDefaultTimeout() + Expect(rm.ExitCode()).To(Equal(0)) + + play := podmanTest.Podman([]string{"play", "kube", outputFile}) + play.WaitWithDefaultTimeout() + Expect(play.ExitCode()).To(Equal(0)) + + inspect := podmanTest.Podman([]string{"pod", "inspect", podName}) + inspect.WaitWithDefaultTimeout() + Expect(inspect.ExitCode()).To(Equal(0)) + Expect(inspect.OutputToString()).To(ContainSubstring(`"pid"`)) + }) }) |