Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mimic pinns namespace path layout #1067

Merged
merged 1 commit into from
Feb 3, 2023
Merged

Mimic pinns namespace path layout #1067

merged 1 commit into from
Feb 3, 2023

Conversation

saschagrunert
Copy link
Member

What type of PR is this?

/kind feature

What this PR does / why we need it:

CNI expects namespaces available under /var/run/netns, which means we now change the overall layout of the namespaces to match pinns.

Which issue(s) this PR fixes:

Fixes #1065

Special notes for your reviewer:

None

Does this PR introduce a user-facing change?

Mimic pinns namespace path layout for `conmonrs pause`

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Feb 1, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: saschagrunert

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved label Feb 1, 2023
@saschagrunert saschagrunert mentioned this pull request Feb 1, 2023
Closed
@saschagrunert saschagrunert mentioned this pull request Feb 1, 2023
Closed
@codecov-commenter
Copy link

codecov-commenter commented Feb 1, 2023
edited
Loading

Codecov Report

Merging #1067 (a974feb) into main (3ec8b5d) will increase coverage by 0.44%.
The diff coverage is n/a.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #1067      +/-   ##
==========================================
+ Coverage   33.39%   33.83%   +0.44%     
==========================================
  Files          13       13              
  Lines        1126     1126              
  Branches      389      387       -2     
==========================================
+ Hits          376      381       +5     
+ Misses        494      486       -8     
- Partials      256      259       +3

@saschagrunert saschagrunert force-pushed the pause-paths branch 6 times, most recently from a974feb to 48a559e Compare February 2, 2023 09:24
@saschagrunert
Mimic pinns namespace path layout
82618ac 
CNI expects namespaces available under `/var/run/netns`, which means we
now change the overall layout of the namespaces to match `pinns`.

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
haircommander
haircommander reviewed Feb 2, 2023
View reviewed changes
conmon-rs/server/src/config.rs
/// Run pause, which bind mounts selected namespaces to the local file system.
///
/// If a namespace is not selected by one of the flags, then it will fallback to the host
/// namespace and still create the bind mount to it. All namespaces are mounted to
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I know this behavior was added in #1064 but something I've just thought of: we will needessly mount a namespace for private namespaces (container level), as we unconditionally do the host mounting, but then it wouldn't be used. I think that's okay and not that much overhead, but it would be more mounts than needed (for instance, kube can't even specify mount namespaces, so it's always private, but we always create a host level mount namespace)

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think I'm gonna open an issue to track

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

#1081

@haircommander
Copy link
Collaborator

LGTM, thanks!

@saschagrunert
Copy link
Member Author

saschagrunert commented Feb 3, 2023
edited
Loading

@rphillips @haircommander I'd say we merge this (already a large PR) and iterate on the open issues

@haircommander
Copy link
Collaborator

/lgtm

@openshift-ci openshift-ci bot added the lgtm label Feb 3, 2023
@openshift-merge-robot openshift-merge-robot merged commit 4e4ffb9 into containers:main Feb 3, 2023
@saschagrunert saschagrunert deleted the pause-paths branch February 6, 2023 07:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@haircommander haircommander haircommander left review comments

@rphillips rphillips rphillips left review comments

Assignees

@haircommander haircommander

Labels
approved kind/feature lgtm release-note
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

PAUSE_PATH should be configurable
5 participants
@saschagrunert @codecov-commenter @haircommander @rphillips @openshift-merge-robot