Skip to content
Snippets Groups Projects
Commit bd0bc312 authored by Derek Su's avatar Derek Su
Browse files

Run the container of the helper pod in privileged mode


Under the SELinux mode, the helper pod fails to do any flesystem operation.

Signed-off-by: default avatarDerek Su <derek.su@suse.com>
parent cd3205a5
No related branches found
No related tags found
No related merge requests found
......@@ -518,6 +518,7 @@ func (p *LocalPathProvisioner) createHelperPod(action ActionType, cmd []string,
if o.Node != "" {
helperPod.Spec.NodeName = o.Node
}
privileged := true
helperPod.Spec.ServiceAccountName = p.serviceAccountName
helperPod.Spec.RestartPolicy = v1.RestartPolicyNever
helperPod.Spec.Tolerations = append(helperPod.Spec.Tolerations, lpvTolerations...)
......@@ -527,6 +528,9 @@ func (p *LocalPathProvisioner) createHelperPod(action ActionType, cmd []string,
helperPod.Spec.Containers[0].Args = []string{"-p", filepath.Join(parentDir, volumeDir),
"-s", strconv.FormatInt(o.SizeInBytes, 10),
"-m", string(o.Mode)}
helperPod.Spec.Containers[0].SecurityContext = &v1.SecurityContext{
Privileged: &privileged,
}
// If it already exists due to some previous errors, the pod will be cleaned up later automatically
// https://github.com/rancher/local-path-provisioner/issues/27
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment