From 3101b1d171508db23338e9d6550160df5185ddc3 Mon Sep 17 00:00:00 2001 From: Jason Brooks Date: Feb 13 2018 18:52:47 +0000 Subject: Update kubelet based openshift/node see: https://github.com/projectatomic/atomic-system-containers/pull/161 --- diff --git a/Dockerfile b/Dockerfile index 83f1576..fad29d6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ MAINTAINER "Jason Brooks" ENV container=docker -ENV NAME=kubernetes-kubelet VERSION=0 RELEASE=3 ARCH=x86_64 +ENV NAME=kubernetes-kubelet VERSION=0 RELEASE=4 ARCH=x86_64 LABEL BZComponent="$NAME" \ name="$FGC/$NAME" \ version="$VERSION" \ @@ -18,8 +18,10 @@ LABEL RUN /usr/bin/docker run -d --privileged --net=host --pid=host -v /:/rootfs COPY launch.sh /usr/bin/kubelet-docker.sh -COPY service.template config.json.template /exports/ +COPY tmpfiles.template service.template config.json.template /exports/ -RUN mkdir -p /exports/hostfs/etc/kubernetes && cp /etc/kubernetes/{config,kubelet} /exports/hostfs/etc/kubernetes +RUN mkdir -p /exports/hostfs/etc/cni/net.d && \ + mkdir -p /exports/hostfs/etc/kubernetes && \ + cp /etc/kubernetes/{config,kubelet} /exports/hostfs/etc/kubernetes ENTRYPOINT ["/usr/bin/kubelet-docker.sh"] diff --git a/config.json.template b/config.json.template index 0e64af2..0292ea7 100644 --- a/config.json.template +++ b/config.json.template @@ -278,26 +278,24 @@ ] }, { + "type": "bind", + "source": "/sys", "destination": "/sys", - "type": "sysfs", - "source": "sysfs", "options": [ - "nosuid", - "noexec", - "nodev" + "rbind", + "rw" ] }, { - "destination": "/sys/fs/cgroup", - "type": "cgroup", - "source": "cgroup", - "options": [ - "nosuid", - "noexec", - "nodev", - "relatime", - "ro" - ] + "type": "bind", + "source": "/etc/cni/net.d", + "destination": "/etc/cni/net.d", + "options": [ + "bind", + "slave", + "rw", + "mode=777" + ] }, { "type": "bind", @@ -310,13 +308,30 @@ ] }, { + "type": "bind", + "source": "/etc/localtime", + "destination": "/etc/localtime", + "options": [ + "rbind", + "ro" + ] + }, + { + "type": "bind", + "source": "/etc/pki", + "destination": "/etc/pki", + "options": [ + "bind", + "ro" + ] + }, + { "destination": "/etc/resolv.conf", "type": "bind", "source": "/etc/resolv.conf", "options": [ "ro", - "rbind", - "rprivate" + "bind" ] }, { @@ -331,8 +346,8 @@ }, { "type": "bind", - "source": "/var/run/", - "destination": "/var/run/", + "source": "/var/run/secrets", + "destination": "/var/run/secrets", "options": [ "rbind", "rw", @@ -341,7 +356,7 @@ }, { "type": "bind", - "source": "/run", + "source": "${RUN_DIRECTORY}", "destination": "/run", "options": [ "rbind", @@ -351,7 +366,7 @@ }, { "type": "bind", - "source": "/var/lib", + "source": "${STATE_DIRECTORY}", "destination": "/var/lib", "options": [ "bind", @@ -361,7 +376,7 @@ }, { "type": "bind", - "source": "/var/lib/kubelet", + "source": "${STATE_DIRECTORY}/kubelet", "destination": "/var/lib/kubelet", "options": [ "rbind", @@ -379,6 +394,15 @@ "rw", "mode=755" ] + }, + { + "destination": "/tmp", + "type": "tmpfs", + "source": "tmpfs", + "options": [ + "mode=755", + "size=65536k" + ] } ], "linux": { diff --git a/tmpfiles.template b/tmpfiles.template new file mode 100644 index 0000000..bdad86c --- /dev/null +++ b/tmpfiles.template @@ -0,0 +1,2 @@ +d /var/lib/cni - - - - - +d /var/run/secrets - - - - -