epostnikof/kubespray
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2026-03-09 11:47:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

Revert "Drop linux capabilities and rework users/groups"

Browse Source
This commit is contained in:
Matthew Mosesohn
2017-02-06 15:58:54 +03:00
committed by GitHub
parent b7bf502e02
commit fd30131dc2
48 changed files with 81 additions and 413 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
roles/kubernetes/node/templates/kubelet.rkt.service.j2
View File

@@ -29,7 +29,7 @@ ExecStart=/usr/bin/rkt run \
--volume run,kind=host,source=/run,readOnly=false \
--volume usr-share-certs,kind=host,source=/usr/share/ca-certificates,readOnly=true \
--volume var-lib-docker,kind=host,source={{ docker_daemon_graph }},readOnly=false \
--volume var-lib-kubelet,kind=host,source=/var/lib/kubelet,readOnly=false \
--volume var-lib-kubelet,kind=host,source=/var/lib/kubelet,readOnly=false \
--volume var-log,kind=host,source=/var/log \
--mount volume=dns,target=/etc/resolv.conf \
--mount volume=etc-cni,target=/etc/cni \
@@ -44,7 +44,6 @@ ExecStart=/usr/bin/rkt run \
--mount volume=var-log,target=/var/log \
--stage1-from-dir=stage1-fly.aci \
{{ hyperkube_image_repo }}:{{ hyperkube_image_tag }} \
--memory={{ kubelet_memory_limit }} --cpu={{ kubelet_cpu_limit }} \
--uuid-file-save=/var/run/kubelet.uuid \
--debug --exec=/kubelet -- \
$KUBE_LOGTOSTDERR \