mirror of https://github.com/k3s-io/k3s
Create pidns for rootless
parent
0374c4f63d
commit
782004bec9
|
@ -17,6 +17,8 @@ func setupMounts(stateDir string) error {
|
|||
{"/var/run", ""},
|
||||
{"/var/log", filepath.Join(stateDir, "logs")},
|
||||
{"/var/lib/cni", filepath.Join(stateDir, "cni")},
|
||||
{"/var/lib/kubelet", filepath.Join(stateDir, "kubelet")},
|
||||
{"/etc/rancher", filepath.Join(stateDir, "etc", "rancher")},
|
||||
}
|
||||
|
||||
for _, v := range mountMap {
|
||||
|
|
|
@ -89,7 +89,8 @@ func createParentOpt(stateDir string) (*parent.Opt, error) {
|
|||
}
|
||||
|
||||
opt := &parent.Opt{
|
||||
StateDir: stateDir,
|
||||
StateDir: stateDir,
|
||||
CreatePIDNS: true,
|
||||
}
|
||||
|
||||
mtu := 0
|
||||
|
@ -102,7 +103,7 @@ func createParentOpt(stateDir string) (*parent.Opt, error) {
|
|||
if _, err := exec.LookPath(binary); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
opt.NetworkDriver = slirp4netns.NewParentDriver(binary, mtu, ipnet, disableHostLoopback, "")
|
||||
opt.NetworkDriver = slirp4netns.NewParentDriver(binary, mtu, ipnet, disableHostLoopback, "", false, false)
|
||||
opt.PortDriver, err = portbuiltin.NewParentDriver(&logrusDebugWriter{}, stateDir)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
@ -130,5 +131,7 @@ func createChildOpt() (*child.Opt, error) {
|
|||
opt.PortDriver = portbuiltin.NewChildDriver(&logrusDebugWriter{})
|
||||
opt.CopyUpDirs = []string{"/etc", "/run", "/var/lib"}
|
||||
opt.CopyUpDriver = tmpfssymlink.NewChildDriver()
|
||||
opt.MountProcfs = true
|
||||
opt.Reaper = true
|
||||
return opt, nil
|
||||
}
|
||||
|
|
|
@ -17,7 +17,7 @@ var (
|
|||
all = "_all_"
|
||||
)
|
||||
|
||||
func Register(ctx context.Context, serviceController coreClients.ServiceController, httpsPort int) error {
|
||||
func Register(ctx context.Context, serviceController coreClients.ServiceController, enabled bool, httpsPort int) error {
|
||||
var (
|
||||
err error
|
||||
rootlessClient client.Client
|
||||
|
@ -41,6 +41,7 @@ func Register(ctx context.Context, serviceController coreClients.ServiceControll
|
|||
}
|
||||
|
||||
h := &handler{
|
||||
enabled: enabled,
|
||||
rootlessClient: rootlessClient,
|
||||
serviceClient: serviceController,
|
||||
serviceCache: serviceController.Cache(),
|
||||
|
@ -54,6 +55,7 @@ func Register(ctx context.Context, serviceController coreClients.ServiceControll
|
|||
}
|
||||
|
||||
type handler struct {
|
||||
enabled bool
|
||||
rootlessClient client.Client
|
||||
serviceClient coreClients.ServiceController
|
||||
serviceCache coreClients.ServiceCache
|
||||
|
@ -122,6 +124,11 @@ func (h *handler) toBindPorts() (map[int]int, error) {
|
|||
toBindPorts := map[int]int{
|
||||
h.httpsPort: h.httpsPort,
|
||||
}
|
||||
|
||||
if !h.enabled {
|
||||
return toBindPorts, nil
|
||||
}
|
||||
|
||||
for _, svc := range svcs {
|
||||
for _, ingress := range svc.Status.LoadBalancer.Ingress {
|
||||
if ingress.IP == "" {
|
||||
|
|
|
@ -151,8 +151,8 @@ func masterControllers(ctx context.Context, sc *Context, config *Config) error {
|
|||
return err
|
||||
}
|
||||
|
||||
if !config.DisableServiceLB && config.Rootless {
|
||||
return rootlessports.Register(ctx, sc.Core.Core().V1().Service(), config.ControlConfig.HTTPSPort)
|
||||
if config.Rootless {
|
||||
return rootlessports.Register(ctx, sc.Core.Core().V1().Service(), !config.DisableServiceLB, config.ControlConfig.HTTPSPort)
|
||||
}
|
||||
|
||||
return nil
|
||||
|
|
Loading…
Reference in New Issue