From 14a1a4546c9d3adc28ad082e97be893e41b29ce2 Mon Sep 17 00:00:00 2001
From: flouthoc <flouthoc.git@gmail.com>
Date: Sat, 8 May 2021 00:36:45 +0530
Subject: Kube like pods should share ipc,net,uts by default

Signed-off-by: flouthoc <flouthoc.git@gmail.com>
---
 pkg/specgen/generate/kube/kube.go | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'pkg')

diff --git a/pkg/specgen/generate/kube/kube.go b/pkg/specgen/generate/kube/kube.go
index ccce3edba..4e41061a5 100644
--- a/pkg/specgen/generate/kube/kube.go
+++ b/pkg/specgen/generate/kube/kube.go
@@ -23,6 +23,10 @@ func ToPodGen(ctx context.Context, podName string, podYAML *v1.PodTemplateSpec)
 	p := specgen.NewPodSpecGenerator()
 	p.Name = podName
 	p.Labels = podYAML.ObjectMeta.Labels
+	// Kube pods must share {ipc, net, uts} by default
+	p.SharedNamespaces = append(p.SharedNamespaces, "ipc")
+	p.SharedNamespaces = append(p.SharedNamespaces, "net")
+	p.SharedNamespaces = append(p.SharedNamespaces, "uts")
 	// TODO we only configure Process namespace. We also need to account for Host{IPC,Network,PID}
 	// which is not currently possible with pod create
 	if podYAML.Spec.ShareProcessNamespace != nil && *podYAML.Spec.ShareProcessNamespace {
-- 
cgit v1.2.3-54-g00ecf