richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

fix kube-vip container securityContext (#11647)

pull/11657/head
kyrie 1 month ago
committed by GitHub
parent
5aea2abc40
commit
693eb74f52
No known key found for this signature in database GPG Key ID: B5690EEEBB952194
1 changed files with 5 additions and 0 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 5
      roles/kubernetes/node/templates/manifests/kube-vip.manifest.j2

5
roles/kubernetes/node/templates/manifests/kube-vip.manifest.j2
View File

@ -104,11 +104,16 @@ spec:
imagePullPolicy: {{ k8s_image_pull_policy }}
name: kube-vip
resources: {}
{% if kube_vip_lb_fwdmethod == "masquerade" %}
securityContext:
privileged: true
{% else %}
securityContext:
capabilities:
add:
- NET_ADMIN
- NET_RAW
{% endif %}
volumeMounts:
- mountPath: /etc/kubernetes/admin.conf
name: kubeconfig

Write Preview
Loading…
Cancel
Save