scottk/kubernetes
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/kubernetes.git synced 2025-11-01 10:48:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

cmd/kubelet

Browse Source
This commit is contained in:
Chao Xu
2016-11-18 12:50:58 -08:00
parent 7eeb71f698
commit 5e1adf91df
178 changed files with 3685 additions and 3560 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
pkg/kubelet/util.go
View File

@@ -20,14 +20,14 @@ import (
"fmt"
"os"
"k8s.io/kubernetes/pkg/api"
"k8s.io/kubernetes/pkg/api/v1"
"k8s.io/kubernetes/pkg/capabilities"
kubetypes "k8s.io/kubernetes/pkg/kubelet/types"
"k8s.io/kubernetes/pkg/securitycontext"
)
// Check whether we have the capabilities to run the specified pod.
func canRunPod(pod *api.Pod) error {
func canRunPod(pod *v1.Pod) error {
if !capabilities.Get().AllowPrivileged {
for _, container := range pod.Spec.Containers {
if securitycontext.HasPrivilegedRequest(&container) {
@@ -41,11 +41,7 @@ func canRunPod(pod *api.Pod) error {
}
}
if pod.Spec.SecurityContext == nil {
return nil
}
if pod.Spec.SecurityContext.HostNetwork {
if pod.Spec.HostNetwork {
allowed, err := allowHostNetwork(pod)
if err != nil {
return err
@@ -55,7 +51,7 @@ func canRunPod(pod *api.Pod) error {
}
}
if pod.Spec.SecurityContext.HostPID {
if pod.Spec.HostPID {
allowed, err := allowHostPID(pod)
if err != nil {
return err
@@ -65,7 +61,7 @@ func canRunPod(pod *api.Pod) error {
}
}
if pod.Spec.SecurityContext.HostIPC {
if pod.Spec.HostIPC {
allowed, err := allowHostIPC(pod)
if err != nil {
return err
@@ -79,7 +75,7 @@ func canRunPod(pod *api.Pod) error {
}
// Determined whether the specified pod is allowed to use host networking
func allowHostNetwork(pod *api.Pod) (bool, error) {
func allowHostNetwork(pod *v1.Pod) (bool, error) {
podSource, err := kubetypes.GetPodSource(pod)
if err != nil {
return false, err
@@ -93,7 +89,7 @@ func allowHostNetwork(pod *api.Pod) (bool, error) {
}
// Determined whether the specified pod is allowed to use host networking
func allowHostPID(pod *api.Pod) (bool, error) {
func allowHostPID(pod *v1.Pod) (bool, error) {
podSource, err := kubetypes.GetPodSource(pod)
if err != nil {
return false, err
@@ -107,7 +103,7 @@ func allowHostPID(pod *api.Pod) (bool, error) {
}
// Determined whether the specified pod is allowed to use host ipc
func allowHostIPC(pod *api.Pod) (bool, error) {
func allowHostIPC(pod *v1.Pod) (bool, error) {
podSource, err := kubetypes.GetPodSource(pod)
if err != nil {
return false, err