Browse Source

Exec: Use nsenter to enter all host namespaces when running exec

This PS moves to pivot to the hosts namespaces rather than chroot
so as to allow scripts to run fully in the context of the host.

Change-Id: I6b4dab92b6f8a7f9fa5b895d546117fdae43d731
Signed-off-by: Pete Birley <pete@port.direct>
changes/88/642588/6
Pete Birley 3 years ago
committed by Anderson, Craig (ca846m)
parent
commit
85534b7796
  1. 2
      divingbell/templates/bin/_exec.sh.tpl
  2. 2
      setup.cfg
  3. 2
      tools/helm_install.sh

2
divingbell/templates/bin/_exec.sh.tpl

@ -217,7 +217,7 @@ UNIQUE_EOF_9c341059-25a0-4725-9489-1789e255e381
chmod 700 {{ .Values.conf.chroot_mnt_path | quote }}/tmp/exec_host_{{ .Chart.Version }}.sh
while true; do
chroot {{ .Values.conf.chroot_mnt_path | quote }} /tmp/exec_host_{{ .Chart.Version }}.sh
nsenter -t 1 -m -u -n -i -p /tmp/exec_host_{{ .Chart.Version }}.sh
sleep 2
echo 'INFO Putting the daemon to sleep.'
sleep {{ $exec_loop_sleep_interval }}

2
setup.cfg

@ -1,6 +1,6 @@
[metadata]
name = Divingbell
description-file = README.md
description-file = README.rst
author = The Airship Authors
author-email = airship-discuss@lists.airshipit.org
home-page = https://airship-divingbell.readthedocs.io/

2
tools/helm_install.sh

@ -17,7 +17,7 @@
set -x
HELM=$1
HELM_ARTIFACT_URL=${HELM_ARTIFACT_URL:-"https://storage.googleapis.com/kubernetes-helm/helm-v2.10.0-linux-amd64.tar.gz"}
HELM_ARTIFACT_URL=${HELM_ARTIFACT_URL:-"https://storage.googleapis.com/kubernetes-helm/helm-v2.13.0-linux-amd64.tar.gz"}
function install_helm_binary {

Loading…
Cancel
Save