diff options
| author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2022-05-10 13:28:16 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-05-10 13:28:16 -0400 |
| commit | 76dc9ef32dd8645e07365e1c0eb483219ab7e614 (patch) | |
| tree | f5c93b3cc9ce18bb91c1cdc90e223973ba4f5d7c /pkg/specgen | |
| parent | 18713f589c1ed9144d873f2656f2067ebf6f3ba2 (diff) | |
| parent | 0774a4ce131754b282443e85cc77c308123ef9c0 (diff) | |
| download | podman-76dc9ef32dd8645e07365e1c0eb483219ab7e614.tar.gz podman-76dc9ef32dd8645e07365e1c0eb483219ab7e614.tar.bz2 podman-76dc9ef32dd8645e07365e1c0eb483219ab7e614.zip | |
Merge pull request #14140 from giuseppe/play-kube-userns
kube: add support for --userns=[auto|host]
Diffstat (limited to 'pkg/specgen')
| -rw-r--r-- | pkg/specgen/generate/kube/kube.go | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/pkg/specgen/generate/kube/kube.go b/pkg/specgen/generate/kube/kube.go index 04195d15a..e4c149abf 100644 --- a/pkg/specgen/generate/kube/kube.go +++ b/pkg/specgen/generate/kube/kube.go @@ -120,6 +120,8 @@ type CtrSpecGenOptions struct { RestartPolicy string // NetNSIsHost tells the container to use the host netns NetNSIsHost bool + // UserNSIsHost tells the container to use the host userns + UserNSIsHost bool // SecretManager to access the secrets SecretsManager *secrets.SecretsManager // LogDriver which should be used for the container @@ -389,8 +391,9 @@ func ToSpecGen(ctx context.Context, opts *CtrSpecGenOptions) (*specgen.SpecGener if opts.NetNSIsHost { s.NetNS.NSMode = specgen.Host } - // Always set the userns to host since k8s doesn't have support for userns yet - s.UserNS.NSMode = specgen.Host + if opts.UserNSIsHost { + s.UserNS.NSMode = specgen.Host + } // Add labels that come from kube if len(s.Labels) == 0 { |