hub / github.com/microsoft/retina / hostNetworkPodForNodeDebug

Function hostNetworkPodForNodeDebug

shell/manifests.go:27–101  ·  view source on GitHub ↗
(config Config, debugPodNamespace, nodeName string)

Source from the content-addressed store, hash-verified

25}
26
27func hostNetworkPodForNodeDebug(config Config, debugPodNamespace, nodeName string) *v1.Pod {
28 pod := &v1.Pod{
29 ObjectMeta: metav1.ObjectMeta{
30 Name: randomRetinaShellContainerName(),
31 Namespace: debugPodNamespace,
32 },
33 Spec: v1.PodSpec{
34 NodeName: nodeName,
35 RestartPolicy: v1.RestartPolicyNever,
36 Tolerations: []v1.Toleration{{Operator: v1.TolerationOpExists}},
37 HostNetwork: true,
38 HostPID: config.HostPID,
39 Containers: []v1.Container{
40 {
41 Name: "retina-shell",
42 Image: config.RetinaShellImage,
43 Stdin: true,
44 TTY: true,
45 SecurityContext: &v1.SecurityContext{
46 Capabilities: &v1.Capabilities{
47 Drop: []v1.Capability{"ALL"},
48 Add: stringSliceToCapabilities(config.Capabilities),
49 },
50 },
51 },
52 },
53 },
54 }
55
56 if config.MountHostFilesystem || config.AllowHostFilesystemWrite {
57 pod.Spec.Volumes = append(pod.Spec.Volumes,
58 v1.Volume{
59 Name: "host-filesystem",
60 VolumeSource: v1.VolumeSource{
61 HostPath: &v1.HostPathVolumeSource{
62 Path: "/",
63 },
64 },
65 },
66 v1.Volume{
67 Name: "run",
68 VolumeSource: v1.VolumeSource{
69 HostPath: &v1.HostPathVolumeSource{
70 Path: "/run",
71 },
72 },
73 },
74 )
75 pod.Spec.Containers[0].VolumeMounts = append(pod.Spec.Containers[0].VolumeMounts,
76 v1.VolumeMount{
77 Name: "host-filesystem",
78 MountPath: "/host",
79 ReadOnly: !config.AllowHostFilesystemWrite,
80 },
81 v1.VolumeMount{
82 Name: "run",
83 MountPath: "/run",
84 },

Calls 2