Bidirectional mount propagation for hostroot

[dougbtv]

Modifies the hostroot volume in the multus-daemonset-thick.yml example/quickstart deployment file from HostToContainer to Bidirectional. This change enables the volume to be accessible in both directions, which is necessary for users who need to share a mount with another container/pod.

This is motivated by the fact that in thin plugin mode, since all things were run on the host directly, CNI plugins wouldn't be limited by the mount propagation.

One example that has come up recently is userspace CNI interaction with kubevirt, and sharing the usage of the socket as mounted by kubevirt.

This does expose some level of risk (as noted in the mount propagation docs regarding changing of mounts), however, I don't believe it's significantly more than would've been the case in thin plugin mode.

References

• Kubernetes Volume Mount Propagation Documentation

[coveralls]

coverage: 63.116%. remained the same when pulling e45ee4105ae82d4fd659c12925a4ae9e78194c11 on dougbtv:hostroot-mount-propagation into 9f5c0239a804a90bf8913c9a386ca50eff9ce0cc on k8snetworkplumbingwg:master.

[github-actions[bot]]

This pull request is stale because it has been open 90 days with no activity. Remove stale label or comment or this will be closed in 7 days.