scottk/kubernetes
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/kubernetes.git synced 2025-10-31 10:18:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #35969 from sttts/sttts-dockershim-infra-sysctl-only

Browse Source 
Automatic merge from submit-queue

Only set sysctls in infra container in dockershim

Dockershim counterpart of https://github.com/kubernetes/kubernetes/pull/32383.
This commit is contained in:
Kubernetes Submit Queue
2016-11-01 23:52:06 -07:00
committed by GitHub
parent f4c2a05eea 42f6179517
commit 07f78836ea
1 changed files with 1 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
pkg/kubelet/dockershim/docker_container.go
View File

@@ -125,13 +125,6 @@ func (ds *dockerService) CreateContainer(podSandboxID string, config *runtimeApi
Privileged: config.GetPrivileged(), Privileged: config.GetPrivileged(),
} }
// Set sysctls if requested
sysctls, err := getSysctlsFromAnnotations(config.Annotations)
if err != nil {
return "", fmt.Errorf("failed to get sysctls from annotations %v for container %q: %v", config.Annotations, config.Metadata.GetName(), err)
}
hc.Sysctls = sysctls
// Apply options derived from the sandbox config. // Apply options derived from the sandbox config.
if lc := sandboxConfig.GetLinux(); lc != nil { if lc := sandboxConfig.GetLinux(); lc != nil {
// Apply Cgroup options. // Apply Cgroup options.
@@ -176,6 +169,7 @@ func (ds *dockerService) CreateContainer(podSandboxID string, config *runtimeApi
// Note: ShmSize is handled in kube_docker_client.go // Note: ShmSize is handled in kube_docker_client.go
} }
var err error
hc.SecurityOpt, err = getContainerSecurityOpts(config.Metadata.GetName(), sandboxConfig, ds.seccompProfileRoot) hc.SecurityOpt, err = getContainerSecurityOpts(config.Metadata.GetName(), sandboxConfig, ds.seccompProfileRoot)
if err != nil { if err != nil {
return "", fmt.Errorf("failed to generate container security options for container %q: %v", config.Metadata.GetName(), err) return "", fmt.Errorf("failed to generate container security options for container %q: %v", config.Metadata.GetName(), err)