github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
k3s/pkg/kubelet
History
Kubernetes Submit Queue 009858f18d Merge pull request #48555 from redbaron/hostPath-and-subPath-symlink 
Automatic merge from submit-queue

Fix subPath existence check to not follow symlink

**What this PR does / why we need it**:
Volume mounting logic introduced in #43775 and #45623 checks
for subPath existence before attempting to create a directory,
should subPath not be present.

This breaks if subPath is a dangling symlink, os.Stat returns
"do not exist" status, yet `os.MkdirAll` can't create directory
as symlink is present at the given path.

This patch makes existence check to use os.Lstat which works for
normal files/directories as well as doesn't not attempt to follow
symlink, therefore it's "do not exist" status is more reliable when
making a decision whether to create directory or not.

subPath symlinks can be dangling in situations where kubelet is
running in a container itself with access to docker socket, such
as CoreOS's kubelet-wrapper script

**Release note**:
```release-note
Fix pods failing to start when subPath is a dangling symlink from kubelet point of view, which can happen if it is running inside a container
```
 		2017-07-12 23:43:12 -07:00
..
apis Change CRI package name to runtime. 2017-06-20 15:43:11 -07:00
cadvisor Kubelet: 2017-06-27 18:45:02 -07:00
certificate Move the kubelet certificate management code into a single package 2017-07-05 18:11:49 -04:00
client run hack/update-all 2017-06-22 11:31:03 -07:00
cm Merge pull request #48567 from jingxu97/July/getcapacity 2017-07-12 00:10:18 -07:00
config Merge pull request #47643 from CaoShuFeng/golang.org/x/exp/inotify 2017-06-29 16:20:32 -07:00
configmap run hack/update-all 2017-06-22 11:31:03 -07:00
container run hack/update-all 2017-06-22 11:31:03 -07:00
custommetrics run hack/update-all 2017-06-22 11:31:03 -07:00
dockershim Merge pull request #48742 from yujuhong/rm-unused 2017-07-12 08:05:15 -07:00
envvars run hack/update-all 2017-06-22 11:31:03 -07:00
events run hack/update-all 2017-06-22 11:31:03 -07:00
eviction run hack/update-all 2017-06-22 11:31:03 -07:00
gpu Add unit test coverage for nvidiaGPUManager initialization 2017-06-29 10:17:05 -07:00
images run hack/update-all 2017-06-22 11:31:03 -07:00
kuberuntime Name change: s/timstclair/tallclair/ 2017-07-10 14:05:46 -07:00
leaky
lifecycle Name change: s/timstclair/tallclair/ 2017-07-10 14:05:46 -07:00
metrics Unregister some metrics 2017-05-17 18:31:56 +08:00
network share iptables util client within kubenet 2017-07-05 14:54:14 -07:00
pleg Merge pull request #45496 from andyxning/fix_pleg_relist_time 2017-05-21 04:17:14 -07:00
pod run hack/update-all 2017-06-22 11:31:03 -07:00
preemption fix-review 2017-07-05 15:40:51 +08:00
prober run hack/update-all 2017-06-22 11:31:03 -07:00
qos run hack/update-all 2017-06-22 11:31:03 -07:00
remote Update CRI references 2017-06-09 10:16:40 +08:00
rkt Merge pull request #48508 from mengqiy/fix_term 2017-07-06 00:08:49 -07:00
rktshim Update CRI references 2017-06-09 10:16:40 +08:00
secret run hack/update-all 2017-06-22 11:31:03 -07:00
server Merge pull request #48641 from smarterclayton/refactor_exec 2017-07-12 14:08:10 -07:00
status run hack/update-all 2017-06-22 11:31:03 -07:00
sysctl run hack/update-all 2017-06-22 11:31:03 -07:00
types Improved code coverage for pkg/kubelet/types/pod_update 2017-07-12 16:21:42 +08:00
util kubelet should resume csr bootstrap 2017-06-22 23:45:15 +02:00
volumemanager update test function calls 2017-07-04 12:35:14 -07:00
BUILD Move the kubelet certificate management code into a single package 2017-07-05 18:11:49 -04:00
OWNERS Name change: s/timstclair/tallclair/ 2017-07-10 14:05:46 -07:00
active_deadline.go run hack/update-all 2017-06-22 11:31:03 -07:00
active_deadline_test.go run hack/update-all 2017-06-22 11:31:03 -07:00
disk_manager.go
disk_manager_test.go
doc.go
kubelet.go Move the kubelet certificate management code into a single package 2017-07-05 18:11:49 -04:00
kubelet_cadvisor.go Kubelet: 2017-06-27 18:45:02 -07:00
kubelet_cadvisor_test.go Kubelet: 2017-06-27 18:45:02 -07:00
kubelet_getters.go run hack/update-all 2017-06-22 11:31:03 -07:00
kubelet_getters_test.go Use the assert/require package in kubelet unit tests 2017-03-16 10:21:44 -07:00
kubelet_network.go kubelet: remove NET_PLUGIN_CAPABILITY_SHAPING 2017-06-30 11:51:22 -05:00
kubelet_network_test.go kubelet: remove unused bandwidth shaping teardown code 2017-06-30 11:51:22 -05:00
kubelet_node_status.go Name change: s/timstclair/tallclair/ 2017-07-10 14:05:46 -07:00
kubelet_node_status_test.go Kubelet: 2017-06-27 18:45:02 -07:00
kubelet_pods.go Merge pull request #48555 from redbaron/hostPath-and-subPath-symlink 2017-07-12 23:43:12 -07:00
kubelet_pods_test.go run hack/update-all 2017-06-22 11:31:03 -07:00
kubelet_pods_windows_test.go run root-rewrite-v1-..., compile 2017-06-22 10:25:57 -07:00
kubelet_resources.go run hack/update-all 2017-06-22 11:31:03 -07:00
kubelet_resources_test.go run hack/update-all 2017-06-22 11:31:03 -07:00
kubelet_test.go Added case on 'terminated-but-not-yet-deleted' for Admit. 2017-07-01 15:51:03 +08:00
kubelet_volumes.go run hack/update-all 2017-06-22 11:31:03 -07:00
kubelet_volumes_test.go run hack/update-all 2017-06-22 11:31:03 -07:00
networks.go run root-rewrite-v1-..., compile 2017-06-22 10:25:57 -07:00
networks_test.go Bump kubelet/networks test coverage 2017-05-17 11:20:06 +02:00
oom_watcher.go run hack/update-all 2017-06-22 11:31:03 -07:00
oom_watcher_test.go run root-rewrite-import-client-go-api-types 2017-06-22 11:30:59 -07:00
pod_container_deletor.go
pod_container_deletor_test.go
pod_workers.go run hack/update-all 2017-06-22 11:31:03 -07:00
pod_workers_test.go run hack/update-all 2017-06-22 11:31:03 -07:00
reason_cache.go
reason_cache_test.go
runonce.go run root-rewrite-v1-..., compile 2017-06-22 10:25:57 -07:00
runonce_test.go Merge pull request #38431 from NickrenREN/newVolumeMgr-return 2017-06-22 16:43:29 -07:00
runtime.go
util.go run root-rewrite-v1-..., compile 2017-06-22 10:25:57 -07:00
volume_host.go run hack/update-all 2017-06-22 11:31:03 -07:00