Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
deploy: no need to have volumes for /dev in privileged containers
It seems recent versions of CRI-O cause problems when bind-mounting /dev into a privileged container. When a container is privileged, it automatically gets access to /dev, a bind-mount is setup by the runtime. With the new CRI-O versions, the following error is reported and the containers fail to start: Warning Unhealthy 1m (x346 over 1h) kubelet, cnv-executor-lbednar-node2.example.com (combined from similar events): Liveness probe errored: rpc error: code = Unknown desc = command error: time="2018-11-15T14:27:20Z" level=error msg="open /dev/null: permission denied " open /dev/null: permission denied exec failed: container_linux.go:336: starting container process caused "read init-p: connection reset by peer" , stdout: , stderr: , exit code -1 Fixes: https://bugzilla.redhat.com/1651270
- Loading branch information