aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorOpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>2020-09-11 05:56:35 -0400
committerGitHub <noreply@github.com>2020-09-11 05:56:35 -0400
commitd1798d038376bf494f19b1531b9e0450592b24b9 (patch)
tree3b57e8f2834975ce0a3190c4670dfca781bbc73a
parente59c3ce1c529eaa26360cf69264bd5c24ee45c6c (diff)
parentb80b95eea0c2f32de6101e558ce5314e1bd08c25 (diff)
downloadpodman-d1798d038376bf494f19b1531b9e0450592b24b9.tar.gz
podman-d1798d038376bf494f19b1531b9e0450592b24b9.tar.bz2
podman-d1798d038376bf494f19b1531b9e0450592b24b9.zip
Merge pull request #7591 from haircommander/play-kube-process-namespace
play/generate: support shareProcessNamespace
-rw-r--r--libpod/kube.go8
-rw-r--r--pkg/domain/infra/abi/play.go6
-rw-r--r--test/e2e/generate_kube_test.go29
3 files changed, 42 insertions, 1 deletions
diff --git a/libpod/kube.go b/libpod/kube.go
index 864bc78c7..9d5cbe68b 100644
--- a/libpod/kube.go
+++ b/libpod/kube.go
@@ -69,12 +69,20 @@ func (p *Pod) GenerateForKube() (*v1.Pod, []v1.ServicePort, error) {
return nil, servicePorts, err
}
servicePorts = containerPortsToServicePorts(ports)
+
}
pod, err := p.podWithContainers(allContainers, ports)
if err != nil {
return nil, servicePorts, err
}
pod.Spec.HostAliases = extraHost
+
+ if p.SharesPID() {
+ // unfortunately, go doesn't have a nice way to specify a pointer to a bool
+ b := true
+ pod.Spec.ShareProcessNamespace = &b
+ }
+
return pod, servicePorts, nil
}
diff --git a/pkg/domain/infra/abi/play.go b/pkg/domain/infra/abi/play.go
index 47d1c48f2..6dfb52c63 100644
--- a/pkg/domain/infra/abi/play.go
+++ b/pkg/domain/infra/abi/play.go
@@ -132,7 +132,11 @@ func (ic *ContainerEngine) playKubePod(ctx context.Context, podName string, podY
libpod.WithInfraContainer(),
libpod.WithPodName(podName),
}
- // TODO for now we just used the default kernel namespaces; we need to add/subtract this from yaml
+ // TODO we only configure Process namespace. We also need to account for Host{IPC,Network,PID}
+ // which is not currently possible with pod create
+ if podYAML.Spec.ShareProcessNamespace != nil && *podYAML.Spec.ShareProcessNamespace {
+ podOptions = append(podOptions, libpod.WithPodPID())
+ }
hostname := podYAML.Spec.Hostname
if hostname == "" {
diff --git a/test/e2e/generate_kube_test.go b/test/e2e/generate_kube_test.go
index 3c3fb5a4d..e886c6000 100644
--- a/test/e2e/generate_kube_test.go
+++ b/test/e2e/generate_kube_test.go
@@ -348,4 +348,33 @@ var _ = Describe("Podman generate kube", func() {
Expect(inspect.ExitCode()).To(Equal(0))
Expect(inspect.OutputToString()).To(ContainSubstring(vol1))
})
+
+ It("podman generate kube sharing pid namespace", func() {
+ podName := "test"
+ podSession := podmanTest.Podman([]string{"pod", "create", "--name", podName, "--share", "pid"})
+ podSession.WaitWithDefaultTimeout()
+ Expect(podSession.ExitCode()).To(Equal(0))
+
+ session := podmanTest.Podman([]string{"create", "--pod", podName, "--name", "test1", ALPINE, "top"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+
+ outputFile := filepath.Join(podmanTest.RunRoot, "pod.yaml")
+ kube := podmanTest.Podman([]string{"generate", "kube", podName, "-f", outputFile})
+ kube.WaitWithDefaultTimeout()
+ Expect(kube.ExitCode()).To(Equal(0))
+
+ rm := podmanTest.Podman([]string{"pod", "rm", "-f", podName})
+ rm.WaitWithDefaultTimeout()
+ Expect(rm.ExitCode()).To(Equal(0))
+
+ play := podmanTest.Podman([]string{"play", "kube", outputFile})
+ play.WaitWithDefaultTimeout()
+ Expect(play.ExitCode()).To(Equal(0))
+
+ inspect := podmanTest.Podman([]string{"pod", "inspect", podName})
+ inspect.WaitWithDefaultTimeout()
+ Expect(inspect.ExitCode()).To(Equal(0))
+ Expect(inspect.OutputToString()).To(ContainSubstring(`"pid"`))
+ })
})