search

Mirantis / cri-dockerd

dockerd as a compliant Container Runtime Interface for Kubernetes
https://mirantis.github.io/cri-dockerd/
Apache License 2.0
1.12k stars 291 forks source link

Enabling hostIPC does not have any effect #399

Open remod opened 2 months ago

remod commented 2 months ago

Expected Behavior

I expect that I can use the host's IPC using k3s and cri-dockerd.

This means that I can set hostIPC: true and the IpcMode of the resulting docker container is set as if you'd run a docker container manually with docker run --ipc=host ....

docker inspect ... should return "IpcMode": "host", in both cases.

Actual Behavior

With k3s and cri-dockerd, docker inspect ... returns "IpcMode": "container:e86cde4006dd4ebb82229db13e77b223e248b4969dc3738d58600971874ff372", even though I set hostIPC: true.

Steps to Reproduce the Problem

  1. Installed K3s: curl -sfL https://get.k3s.io | sh -
  2. Create a pod definition: 
    echo "apiVersion: v1
kind: Pod
metadata:
name: test-ipc
spec:
hostIPC: true
containers:
- name: test-ipc
  image: ubuntu:focal
  command: [\"sh\", \"-c\"]
  args: [\"while true; do echo 'foo'; sleep 1; done;\"]" > test-ipc-pod.yaml
  3. Install pod: kubectl apply -f test-ipc-pod.yaml
  4. Check IPC mode: docker inspect $(docker ps -q --filter "name=k8s_test-ipc") | grep IpcMode

Specifications

k3s version v1.30.1+k3s1 (80978b5b)
go version go1.22.2
Linux remod-p1 6.8.0-41-generic #41-Ubuntu SMP PREEMPT_DYNAMIC Fri Aug  2 20:41:06 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
zhangguanzhang commented 3 weeks ago

pause IPCmode = host others = container it