Kuryr: Mount /run/netns to ensure netns access

openshift/machine-config-operator#1689 moves pod namespaces from /proc into /run/netns. As Kuryr needs access to them in order to manipulate interfaces, we need to mount the new directory and this commit does that. Note that CNI will pass /var/run/netns in netns paths, but /var/run is a symlink to /run, so it should be just fine.
openshift · May 5, 2020 · 9c07f82 · 9c07f82
1 parent 3364052
commit 9c07f82
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/bindata/network/kuryr/005-daemon.yaml b/bindata/network/kuryr/005-daemon.yaml
@@ -56,6 +56,9 @@ spec:
           mountPath: /host_proc
         - name: openvswitch
           mountPath: /var/run/openvswitch
+        - name: netns
+          mountPath: /run/netns
+          mountPropagation: HostToContainer
 {{ if (default true .DaemonEnableProbes) eq "true" }}
         readinessProbe:
           failureThreshold: 10
@@ -85,6 +88,9 @@ spec:
       - name: proc
         hostPath:
           path: /proc
+      - name: netns
+        hostPath:
+          path: /run/netns
       - name: openvswitch
         hostPath:
           path: /var/run/openvswitch