fix(ovs): add capability to openvswitch
While OpenVSwitch works in the gate using kubernetes 1.16, running this in kubernetes 1.18 causes a permission denied error while executing chroot in an init container script [0]. This adds the SYS_CHROOT capability to address the error. [0] https://opendev.org/openstack/openstack-helm-infra/src/branch/master/openvswitch/templates/bin/_openvswitch-vswitchd-init-modules.sh.tpl#L18-L20 Change-Id: I62c01678cce6cd4e98418ed5518613ccd5eecbf9 Signed-off-by: Tin Lam <tin@irrational.io>
This commit is contained in:
parent
eaaf0062e4
commit
587182c779
@ -88,6 +88,7 @@ pod:
|
|||||||
capabilities:
|
capabilities:
|
||||||
add:
|
add:
|
||||||
- SYS_MODULE
|
- SYS_MODULE
|
||||||
|
- SYS_CHROOT
|
||||||
readOnlyRootFilesystem: true
|
readOnlyRootFilesystem: true
|
||||||
vswitchd:
|
vswitchd:
|
||||||
runAsUser: 0
|
runAsUser: 0
|
||||||
|
Loading…
Reference in New Issue
Block a user