diff options
author | cdoern <cdoern@redhat.com> | 2022-01-10 20:25:08 -0500 |
---|---|---|
committer | cdoern <cdoern@redhat.com> | 2022-01-12 20:49:04 -0500 |
commit | f257d983943d6ec2253d50a245cd4810cab45e4b (patch) | |
tree | 0033ace566bfd2a4e977d85b11f87d6e43b43c65 /pkg | |
parent | 7a839f7a745ed5171e2a469f6ebec34b5084c3d8 (diff) | |
download | podman-f257d983943d6ec2253d50a245cd4810cab45e4b.tar.gz podman-f257d983943d6ec2253d50a245cd4810cab45e4b.tar.bz2 podman-f257d983943d6ec2253d50a245cd4810cab45e4b.zip |
Podman Pod Create --sysctl support
added support for pod wide sysctls. The sysctls supported are the same as the continer run controls.
These controls are only valid if the proper namespaces are shared within the pod, otherwise only the infra ctr gets the sysctl
resolves #12747
Signed-off-by: cdoern <cdoern@redhat.com>
Diffstat (limited to 'pkg')
-rw-r--r-- | pkg/domain/entities/pods.go | 12 | ||||
-rw-r--r-- | pkg/specgen/podspecgen.go | 2 |
2 files changed, 13 insertions, 1 deletions
diff --git a/pkg/domain/entities/pods.go b/pkg/domain/entities/pods.go index 1b5a1be51..cc9476d79 100644 --- a/pkg/domain/entities/pods.go +++ b/pkg/domain/entities/pods.go @@ -139,6 +139,7 @@ type PodCreateOptions struct { Volume []string `json:"volume,omitempty"` VolumesFrom []string `json:"volumes_from,omitempty"` SecurityOpt []string `json:"security_opt,omitempty"` + Sysctl []string `json:"sysctl,omitempty"` } // PodLogsOptions describes the options to extract pod logs. @@ -240,7 +241,7 @@ type ContainerCreateOptions struct { StorageOpts []string SubUIDName string SubGIDName string - Sysctl []string + Sysctl []string `json:"sysctl,omitempty"` Systemd string Timeout uint TLSVerify commonFlag.OptionalBool @@ -360,6 +361,15 @@ func ToPodSpecGen(s specgen.PodSpecGenerator, p *PodCreateOptions) (*specgen.Pod } } s.Userns = p.Userns + sysctl := map[string]string{} + if ctl := p.Sysctl; len(ctl) > 0 { + sysctl, err = util.ValidateSysctls(ctl) + if err != nil { + return nil, err + } + } + s.Sysctl = sysctl + return &s, nil } diff --git a/pkg/specgen/podspecgen.go b/pkg/specgen/podspecgen.go index 33e8422fd..a18364882 100644 --- a/pkg/specgen/podspecgen.go +++ b/pkg/specgen/podspecgen.go @@ -74,6 +74,8 @@ type PodBasicConfig struct { Userns Namespace `json:"userns,omitempty"` // Devices contains user specified Devices to be added to the Pod Devices []string `json:"pod_devices,omitempty"` + // Sysctl sets kernel parameters for the pod + Sysctl map[string]string `json:"sysctl,omitempty"` } // PodNetworkConfig contains networking configuration for a pod. |