mirrors/ceph-csi
1
0
Fork 0
mirror of https://github.com/ceph/ceph-csi.git synced 2025-06-13 10:33:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

helm: Add selinuxMount flag to enable/disable /etc/selinux host mount

Browse Source 
Add selinuxMount flag to enable/disable /etc/selinux host mount inside pods
to support selinux-enabled filesystems

Signed-off-by: Francesco Astegiano <francesco.astegiano@gmail.com>
This commit is contained in:
Francesco Astegiano
2022-02-16 00:13:39 +01:00
committed by mergify[bot]
parent ea89b26f65
commit 4235178f7c
8 changed files with 22 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
charts/ceph-csi-cephfs/templates/nodeplugin-daemonset.yaml
View File

@ -112,9 +112,11 @@ spec:
name: host-mount
- mountPath: /sys
name: host-sys
{{- if .Values.selinuxMount }}
- mountPath: /etc/selinux
name: etc-selinux
readOnly: true
{{- end }}
- mountPath: /lib/modules
name: lib-modules
readOnly: true
@ -176,9 +178,11 @@ spec:
- name: host-sys
hostPath:
path: /sys
{{- if .Values.selinuxMount }}
- name: etc-selinux
hostPath:
path: /etc/selinux
{{- end }}
- name: host-mount
hostPath:
path: /run/mount

2
charts/ceph-csi-cephfs/templates/nodeplugin-psp.yaml
View File

@ -40,8 +40,10 @@ spec:
readOnly: false
- pathPrefix: '/sys'
readOnly: false
{{- if .Values.selinuxMount }}
- pathPrefix: '/etc/selinux'
readOnly: true
{{- end }}
- pathPrefix: '/lib/modules'
readOnly: true
- pathPrefix: '{{ .Values.kubeletDir }}'