github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Moved getSecurityOpts() function to OS specific manager variant

pull/6/head
Jitendra Bhurat 2016-10-13 12:01:15 -04:00 committed by Paulo Pires
parent 9ef35289e4
commit a659ac99b6
No known key found for this signature in database
GPG Key ID: F3F6ED5C522EAA71
3 changed files with 29 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
pkg/kubelet/dockertools/docker_manager.go
View File

@ -1113,23 +1113,6 @@ func (dm *DockerManager) fmtDockerOpts(opts []dockerOpt) ([]string, error) {
return fmtOpts, nil
}
func (dm *DockerManager) getSecurityOpts(pod *api.Pod, ctrName string) ([]dockerOpt, error) {
var securityOpts []dockerOpt
if seccompOpts, err := dm.getSeccompOpts(pod, ctrName); err != nil {
return nil, err
} else {
securityOpts = append(securityOpts, seccompOpts...)
}
if appArmorOpts, err := dm.getAppArmorOpts(pod, ctrName); err != nil {
return nil, err
} else {
securityOpts = append(securityOpts, appArmorOpts...)
}
return securityOpts, nil
}
type dockerOpt struct {
// The key-value pair passed to docker.
key, value string

23
pkg/kubelet/dockertools/docker_manager_linux.go
View File

@ -1,6 +1,9 @@
package dockertools
import dockertypes "github.com/docker/engine-api/types"
import (
dockertypes "github.com/docker/engine-api/types"
"k8s.io/kubernetes/pkg/api"
)
func getContainerIP(container *dockertypes.ContainerJSON) string {
result := ""
@ -22,3 +25,21 @@ func getNetworkingMode() string { return "" }
func containerProvidesPodIP(name *KubeletContainerName) bool {
return name.ContainerName == PodInfraContainerName
}
// Returns Seccomp and AppArmor Security options
func (dm *DockerManager) getSecurityOpts(pod *api.Pod, ctrName string) ([]dockerOpt, error) {
var securityOpts []dockerOpt
if seccompOpts, err := dm.getSeccompOpts(pod, ctrName); err != nil {
return nil, err
} else {
securityOpts = append(securityOpts, seccompOpts...)
}
if appArmorOpts, err := dm.getAppArmorOpts(pod, ctrName); err != nil {
return nil, err
} else {
securityOpts = append(securityOpts, appArmorOpts...)
}
return securityOpts, nil
}

7
pkg/kubelet/dockertools/docker_manager_windows.go
View File

@ -3,6 +3,8 @@ package dockertools
import (
"os"
"k8s.io/kubernetes/pkg/api"
dockertypes "github.com/docker/engine-api/types"
)
@ -31,3 +33,8 @@ func getNetworkingMode() string {
func containerProvidesPodIP(name *KubeletContainerName) bool {
return name.ContainerName != PodInfraContainerName
}
// Returns nil as both Seccomp and AppArmor security options are not valid on Windows
func (dm *DockerManager) getSecurityOpts(pod *api.Pod, ctrName string) ([]dockerOpt, error) {
return nil, nil
}