search

containers / virtcontainers

A Go package for building hardware virtualized container runtimes
Apache License 2.0
139 stars 43 forks source link

Run cc-shim in the network namespace of pod #618

Closed miaoyq closed 6 years ago

miaoyq commented 6 years ago

Now, the container pid that is get by docker inspect -f '{{.State.Pid}}' [container_id] is the pid of shim process, and the shim process is in the host netwok namespace.

In some case, we should get the netwok namespace of container via the container pid (e.g. dockershim), This PR moves the shim process into the pod network namespace like VM procewss.

Fixes #615 Related to https://github.com/clearcontainers/runtime/issues/987#issuecomment-364452318

/cc @sboeuf @sameo @plutoinmii

Signed-off-by: Yanqiang Miao miao.yanqiang@zte.com.cn

miaoyq commented 6 years ago

@sboeuf Thanks for your review. Will address your comments.

miaoyq commented 6 years ago

@sboeuf Done. PTAL

sameo commented 6 years ago

LGTM

Approved with PullApprove Approved with PullApprove