diff --git a/contributors/design-proposals/propagation.md b/contributors/design-proposals/propagation.md index 8e4492b4a85..ba8cfbb243a 100644 --- a/contributors/design-proposals/propagation.md +++ b/contributors/design-proposals/propagation.md @@ -163,20 +163,32 @@ and something prevents it from starting if `/sys` is shared. ## Decision * We will take 'Add an option in VolumeMount API' (with an annotation during - alpha instead of real VolumeMount field). + alpha instead of real VolumeMount field): * With validation that it can be used only with HostPath volumes. * With validation that shared propagation can be used only in privileged containers. + * kubernetes/kubernetes#46444 * Kubelet will make sure that at least `/var/lib/kubelet` can be share-able into - containers and it will refuse to start if it's unsuccessful. + containers and it will refuse to start if it's unsuccessful + * kubernetes/kubernetes#45724 +* Kubelet's Docker shim layer will check that it is able to run a container with + shared mount propagation on `/var/lib/kubelet` during startup and refuse to + start otherwise. This ensures that both Docker and kubelet see the same + `/var/lib/kubelet` and it can be shared into containers. + E.g. Google COS-58 runs Docker in a separate mount namespace with slave + propagation and thus can't run a container with shared propagation on + anything. Other container engines should follow the suit. * Node conformance suite will check that mount propagation in /var/lib/kubelet works. * During alpha, all the behavior above must be explicitly enabled by `kubelet --test-enable-mount-propagation` - (or `kubelet --feature-gates MountPropagation=true`?). It will be used only - for testing of volume plugins in e2e tests. Developers / testers can enable it - in their clusters, but it's clearly marked as not ready for production. + It will be used only for testing of volume plugins in e2e tests and + it will be marked as deprecated from the beginning. + Developers / testers can enable it in their clusters manually. Mount propagation may be redesigned or even removed in any future release. +* During the first alpha, the default mount propagation will be `private`. + The ultimate goal should be `rslave` as the default mount propagation + for all pods, this will require extensive testing though. ## Extra Concerns