Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Pass the extension name to the controller with an environment variable
PR openshift#266 added the possibility to use different names for the extension depending on the CoreOS flavour presumably running on the host : "kata-containers" by default and "sandboxed-containers" for RHCOS. This is based on OS detection using os-release(5) files. In order to make a good guess, this logic should be handed over the os-release files of the host, otherwise arbitrary os-release files from the controller image might be used instead. This is exactly what happens in the case of Red Hat's OpenShift Sandboxed Containers (OSC) : the controller image is based on RHEL8. It legitimately fails the RHCOS detection heuristics and we end up trying to use the "kata-containers" name that doesn't exist in RHCOS. Thus preventing deployment of kata and putting the cluster in a degraded state. Trying to make assumptions on the host OS isn't generally recommanded. It is at best fragile and at worse potentially insecure if it requires to expose host details inside containers. This isn't really a direction that OSC is willing to take. Also, there is no real need for runtime detection in the code : the CoreOS flavour is an invariant that can be passed to the controller process when it starts. Let's go for a more simple and robust solution : make it configurable with an environment variable. This allows easy customization in the manifest files and doesn't raise any security concern. "kata-containers" remains the default so this should not change any existing behavior for FCOS. OSC will adapt its downstream manifests to use the RHCOS-friendly name. Fixes: https://issues.redhat.com/browse/KATA-2079 Signed-off-by: Greg Kurz <groug@kaod.org>
- Loading branch information
