burble/nomad-driver-containerd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add host_dns flag into TaskConfig.

Browse Source
This commit is contained in:
Shishir Mahajan 2020-09-29 14:32:51 -07:00
parent 0b406c2320
commit b810840bec
No known key found for this signature in database
GPG Key ID: D41782E7688DEC4A
2 changed files with 18 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
containerd/containerd.go
View File

@ -142,6 +142,12 @@ func (d *Driver) createContainer(containerConfig *ContainerConfig, config *TaskC
mounts = append(mounts, m) mounts = append(mounts, m)
} }
// Setup host DNS (/etc/resolv.conf) into the container.
if config.HostDNS {
dnsMount := buildMountpoint("bind", "/etc/resolv.conf", "/etc/resolv.conf", []string{"rbind", "ro"})
mounts = append(mounts, dnsMount)
}
// Setup "/secrets" (NOMAD_SECRETS_DIR) in the container. // Setup "/secrets" (NOMAD_SECRETS_DIR) in the container.
if containerConfig.SecretsDir != "" { if containerConfig.SecretsDir != "" {
secretsMount := buildMountpoint("bind", "/secrets", containerConfig.SecretsDir, []string{"rbind", "ro"}) secretsMount := buildMountpoint("bind", "/secrets", containerConfig.SecretsDir, []string{"rbind", "ro"})

19
containerd/driver.go
View File

@ -85,13 +85,17 @@ var (
// this is used to validate the configuration specified for the plugin // this is used to validate the configuration specified for the plugin
// when a job is submitted. // when a job is submitted.
taskConfigSpec = hclspec.NewObject(map[string]*hclspec.Spec{ taskConfigSpec = hclspec.NewObject(map[string]*hclspec.Spec{
"image": hclspec.NewAttr("image", "string", true), "image": hclspec.NewAttr("image", "string", true),
"command": hclspec.NewAttr("command", "string", false), "command": hclspec.NewAttr("command", "string", false),
"args": hclspec.NewAttr("args", "list(string)", false), "args": hclspec.NewAttr("args", "list(string)", false),
"cap_add": hclspec.NewAttr("cap_add", "list(string)", false), "cap_add": hclspec.NewAttr("cap_add", "list(string)", false),
"cap_drop": hclspec.NewAttr("cap_drop", "list(string)", false), "cap_drop": hclspec.NewAttr("cap_drop", "list(string)", false),
"devices": hclspec.NewAttr("devices", "list(string)", false), "devices": hclspec.NewAttr("devices", "list(string)", false),
"privileged": hclspec.NewAttr("privileged", "bool", false), "privileged": hclspec.NewAttr("privileged", "bool", false),
"host_dns": hclspec.NewDefault(
hclspec.NewAttr("host_dns", "bool", false),
hclspec.NewLiteral("true"),
),
"seccomp": hclspec.NewAttr("seccomp", "bool", false), "seccomp": hclspec.NewAttr("seccomp", "bool", false),
"seccomp_profile": hclspec.NewAttr("seccomp_profile", "string", false), "seccomp_profile": hclspec.NewAttr("seccomp_profile", "string", false),
"readonly_rootfs": hclspec.NewAttr("readonly_rootfs", "bool", false), "readonly_rootfs": hclspec.NewAttr("readonly_rootfs", "bool", false),
@ -146,6 +150,7 @@ type TaskConfig struct {
Seccomp bool `codec:"seccomp"` Seccomp bool `codec:"seccomp"`
SeccompProfile string `codec:"seccomp_profile"` SeccompProfile string `codec:"seccomp_profile"`
Privileged bool `codec:"privileged"` Privileged bool `codec:"privileged"`
HostDNS bool `codec:"host_dns"`
ReadOnlyRootfs bool `codec:"readonly_rootfs"` ReadOnlyRootfs bool `codec:"readonly_rootfs"`
HostNetwork bool `codec:"host_network"` HostNetwork bool `codec:"host_network"`
Mounts []Mount `codec:"mounts"` Mounts []Mount `codec:"mounts"`