https://bugzilla.redhat.com/show_bug.cgi?id=1224417
Eric Paris <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #3 from Eric Paris <[email protected]> --- I'll let you tell me the right label, this is likely not quite it, but the best we can do now. Lets assume you define a pod that uses an NFS mount as its volume. The kubelet will mount the NFS export inside /var/lib/kubelet/$somedir and will then tell docker to volume mount /var/lib/kubelet/$somedir into the container. If you define a 'secret' for a container the kubelet will mount tmpfs in /var/lib/kubelet/$somedir and the secret as a file in the tmpfs, and then tell docker to volume mount it into your container. At this point kube is pretty stupid, it does no/little labeling really. I think we're going to need to move the docker/svirt level knowledge up into kube. (It'll eventually land on pmorie's plate I'd bet) so that kube can mount with good labels that docker can use. But for now, kubelet does nothing smart... This is a lot like the label on /var/lib/docker/[something] Which you know better than me.... -- You are receiving this mail because: You are on the CC list for the bug. _______________________________________________ golang mailing list [email protected] https://lists.fedoraproject.org/mailman/listinfo/golang
