Hi all,
I am able to easily deploy a POD with privileged mode enabled in my openshift
cluster. I am also able to deploy a non-privileged application from a
service/deploymentConfig template. But, I am unable to create a template which
deploys a POD with privileged mode enabled. Is this possible? Here is a
sample template:
{
"kind": "Template",
"apiVersion": "v1",
"metadata": {
"name": "heketi",
"annotations": {
"description": "Heketi application",
"tags": "glusterfs,heketi"
}
},
"labels": {
"template": "heketi"
},
"objects": [
{
"kind": "Service",
"apiVersion": "v1",
"metadata": {
"name": "${NAME}",
"annotations": {
"description": "Exposes Heketi service"
}
},
"spec": {
"ports": [
{
"name": "rest-api",
"port": 8080,
"targetPort": 8080
}
],
"selector": {
"name": "${NAME}"
}
}
},
{
"kind": "DeploymentConfig",
"apiVersion": "v1",
"metadata": {
"name": "${NAME}",
"annotations": {
"description": "Defines how to deploy Heketi"
}
},
"spec": {
"replicas": 1,
"selector": {
"name": "${NAME}"
},
"template": {
"metadata": {
"name": "${NAME}",
"labels": {
"name": "${NAME}"
}
},
"triggers": [
{
"type": "ConfigChange"
}
],
"strategy": {
"type": "Rolling"
},
"spec": {
"containers": [
{
"securityContext" : {
"capabilities" : {},
"privileged" : true
}
"name": "heketi",
"image": "heketi/heketi:dev",
"ports": [
{
"containerPort": 8080
}
],
"volumeMounts": [
{
"name": "db",
"mountPath": "/var/lib/heketi"
}
],
"readinessProbe": {
"timeoutSeconds": 3,
"initialDelaySeconds": 3,
"httpGet": {
"path": "/hello",
"port": 8080
}
},
"livenessProbe": {
"timeoutSeconds": 3,
"initialDelaySeconds": 30,
"httpGet": {
"path": "/hello",
"port": 8080
}
}
}
],
"volumes": [
{
"name": "db"
}
]
}
}
}
}
],
"parameters": [
{
"name": "NAME",
"displayName": "Name",
"description": "The name assigned to all of the frontend objects defined
in this template.",
"required": true,
"value": "heketi"
}
]
}
_______________________________________________
users mailing list
[email protected]
http://lists.openshift.redhat.com/openshiftmm/listinfo/users
