Kubernetes: enable mount propagation

This PS enables the mount propogation feature gate.

Change-Id: I7a37f45ff6061b144c6f04233712cd84fccb3e83
This commit is contained in:
Pete Birley 2018-04-19 21:38:32 -05:00
parent 39ab1c3b5d
commit b9edac6148
3 changed files with 5 additions and 1 deletions

View File

@ -19,6 +19,9 @@ ExecStart=/usr/bin/dockerd-current \
--storage-driver=overlay2 \ --storage-driver=overlay2 \
--log-driver=json-file \ --log-driver=json-file \
--iptables=false --iptables=false
# NOTE(portdirect): fix mount propagation for CentOS, this is done post start,
# as docker seems to reset this.
ExecStartPost=/usr/bin/mount --make-rshared /
ExecReload=/bin/kill -s HUP $MAINPID ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=1048576 LimitNOFILE=1048576
LimitNPROC=1048576 LimitNPROC=1048576

View File

@ -32,6 +32,7 @@ tokenTTL: 24h0m0s
selfHosted: {{ k8s.selfHosted }} selfHosted: {{ k8s.selfHosted }}
apiServerExtraArgs: apiServerExtraArgs:
service-node-port-range: "1024-65535" service-node-port-range: "1024-65535"
feature-gates: "MountPropagation=true"
controllerManagerExtraArgs: controllerManagerExtraArgs:
address: "0.0.0.0" address: "0.0.0.0"
port: "10252" port: "10252"

View File

@ -7,7 +7,7 @@ Environment="KUBELET_AUTHZ_ARGS=--authorization-mode=Webhook --client-ca-file=/e
Environment="KUBELET_CADVISOR_ARGS=--cadvisor-port=0" Environment="KUBELET_CADVISOR_ARGS=--cadvisor-port=0"
Environment="KUBELET_CERTIFICATE_ARGS=--rotate-certificates=true --cert-dir=/var/lib/kubelet/pki" Environment="KUBELET_CERTIFICATE_ARGS=--rotate-certificates=true --cert-dir=/var/lib/kubelet/pki"
Environment="KUBELET_NODE_LABELS=--node-labels {{ kubelet.kubelet_labels }}" Environment="KUBELET_NODE_LABELS=--node-labels {{ kubelet.kubelet_labels }}"
Environment="KUBELET_EXTRA_ARGS=--max-pods=220 --pods-per-core=0" Environment="KUBELET_EXTRA_ARGS=--max-pods=220 --pods-per-core=0 --feature-gates MountPropagation=true"
#ExecStartPre=-+/sbin/restorecon -v /usr/bin/kubelet #SELinux #ExecStartPre=-+/sbin/restorecon -v /usr/bin/kubelet #SELinux
ExecStart= ExecStart=
ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_SYSTEM_PODS_ARGS $KUBELET_NETWORK_ARGS $KUBELET_DNS_ARGS $KUBELET_AUTHZ_ARGS $KUBELET_CADVISOR_ARGS $KUBELET_CERTIFICATE_ARGS $KUBELET_NODE_LABELS $KUBELET_EXTRA_ARGS ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_SYSTEM_PODS_ARGS $KUBELET_NETWORK_ARGS $KUBELET_DNS_ARGS $KUBELET_AUTHZ_ARGS $KUBELET_CADVISOR_ARGS $KUBELET_CERTIFICATE_ARGS $KUBELET_NODE_LABELS $KUBELET_EXTRA_ARGS