Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
osd: add privileged support (back) to blkdevmapper securityContext (w…
…ork-around) The blockdevmapper securityContext was changed to request a minimal set of required capabilities for its operation and drop running as privileged. While the base change works and is valid in terms of the container's copy operation, it turns out that OpenShift may require some additional configuration not currently covered by the limited securityContext and the capabilities granted. To not break those OpenShift deployments, make the blkdevmapper securityContext listen to the ROOK_HOSTPATH_REQUIRES_PRIVILEGED flag again to set privileged mode. This flag is true on OpenShift deployments and running as privileged works around the (missing) configuration problem for now. To properly drop privileged completely some additional investigation needs to be done on OpenShift deployments without relying on privileged execution. Signed-off-by: Omar Pakker <Omar007@users.noreply.github.com>
- Loading branch information