[WIP-Rebase] *: Add --pid-namespace=[container|pod|pod-container] #3601
Conversation
So crio callers can pick their PID namespace approach. This seems
like something that folks might want to configure per-pod, or possibly
even per-container, but for now follow --enable-shared-pid-namespace
and make it per-crio-daemon.
The "Deprecated:" paragraph approach in Go comments is recommended in
[1].
I tried to find a more compact form for the REDIS_IN_INFRA test, but:
* =~ is not in POSIX [2], so we need to use Bash's internal [[.
* '[ ! {expression} ]' is in POSIX [2], but Bash's [[ seems to look
for ! before doing variable expansion.
Because of those, we can't use POSIX's ${parameter:+word} [3]:
NOT="!"
[[ ${REDIS_IN_INFRA:+${NOT}} "$output" =~ "redis" ]]
and the best alternative I can find is the if/else that I've gone with
in this commit.
The ADDITIONAL_CRIO_OPTIONS approach is easier to maintain than the
old approach with settings for every option, because we no longer need
to maintain defaults in two locations (lib/config.go and
test/helpers.bash). For this commit, I've only dropped
ENABLE_SHARED_PID_NAMESPACE, but we may want to extend this approach
to more variables in the future.
PIDNamespaceType follows the ImageVolumes pattern at Mrunal's
recommendation [4].
[1]: https://blog.golang.org/godoc-documenting-go-code
[2]: http://pubs.opengroup.org/onlinepubs/9699919799/utilities/test.html
[3]: http://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_06_02
[4]: #1280 (comment)
Based on: #1280
Signed-off-by: W. Trevor King <[email protected]>
Signed-off-by: Douglas Schilling Landgraf <[email protected]>
|
@dougsland: PR needs rebase. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
1 similar comment
|
@dougsland: PR needs rebase. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: dougsland The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
|
@dougsland: The following tests failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
This isn't really needed since k8s added support for sharing pid namespaces at the pod level. |
Sure @mrunalp. Thanks! |
What type of PR is this?
/kind feature
What this PR does / why we need it:
So crio callers can pick their PID namespace approach. This seems
like something that folks might want to configure per-pod, or possibly
even per-container, but for now follow --enable-shared-pid-namespace
and make it per-crio-daemon.
The "Deprecated:" paragraph approach in Go comments is recommended in
1.
I tried to find a more compact form for the REDIS_IN_INFRA test, but:
for ! before doing variable expansion.
Because of those, we can't use POSIX's ${parameter:+word} 3:
NOT="!"
[[ ${REDIS_IN_INFRA:+${NOT}} "$output" =~ "redis" ]]
and the best alternative I can find is the if/else that I've gone with
in this commit.
The ADDITIONAL_CRIO_OPTIONS approach is easier to maintain than the
old approach with settings for every option, because we no longer need
to maintain defaults in two locations (lib/config.go and
test/helpers.bash). For this commit, I've only dropped
ENABLE_SHARED_PID_NAMESPACE, but we may want to extend this approach
to more variables in the future.
PIDNamespaceType follows the ImageVolumes pattern at Mrunal's
recommendation 4.
Based on: #1280
Signed-off-by: W. Trevor King [email protected]
Signed-off-by: Douglas Schilling Landgraf [email protected]