diff --git a/pkg/specgen/generate/container_create.go b/pkg/specgen/generate/container_create.go index ea2fde1502..f1bcabf40f 100644 --- a/pkg/specgen/generate/container_create.go +++ b/pkg/specgen/generate/container_create.go @@ -615,7 +615,7 @@ func Inherit(infra libpod.Container, s *specgen.SpecGenerator, rt *libpod.Runtim } // this causes errors when shmSize is the default value, it will still get passed down unless we manually override. - if s.IpcNS.NSMode == specgen.Host && (compatibleOptions.ShmSize != nil && compatibleOptions.IsDefaultShmSize()) { + if inheritSpec.IpcNS.NSMode == specgen.Host && (compatibleOptions.ShmSize != nil && compatibleOptions.IsDefaultShmSize()) { s.ShmSize = nil } return options, infraSpec, compatibleOptions, nil diff --git a/pkg/specgen/generate/kube/kube.go b/pkg/specgen/generate/kube/kube.go index 5186a2f722..8564cb01f3 100644 --- a/pkg/specgen/generate/kube/kube.go +++ b/pkg/specgen/generate/kube/kube.go @@ -16,6 +16,7 @@ import ( "github.com/containers/common/libimage" "github.com/containers/common/libnetwork/types" + "github.com/containers/common/pkg/config" "github.com/containers/common/pkg/parse" "github.com/containers/common/pkg/secrets" cutil "github.com/containers/common/pkg/util" @@ -145,6 +146,21 @@ type CtrSpecGenOptions struct { func ToSpecGen(ctx context.Context, opts *CtrSpecGenOptions) (*specgen.SpecGenerator, error) { s := specgen.NewSpecGenerator(opts.Container.Image, false) + rtc, err := config.Default() + if err != nil { + return nil, err + } + + if s.CgroupsMode == "" { + s.CgroupsMode = rtc.Cgroups() + } + if len(s.ImageVolumeMode) == 0 { + s.ImageVolumeMode = rtc.Engine.ImageVolumeMode + } + if s.ImageVolumeMode == "bind" { + s.ImageVolumeMode = "anonymous" + } + // pod name should be non-empty for Deployment objects to be able to create // multiple pods having containers with unique names if len(opts.PodName) < 1 { @@ -196,7 +212,7 @@ func ToSpecGen(ctx context.Context, opts *CtrSpecGenOptions) (*specgen.SpecGener s.InitContainerType = opts.InitContainerType setupSecurityContext(s, opts.Container.SecurityContext, opts.PodSecurityContext) - err := setupLivenessProbe(s, opts.Container, opts.RestartPolicy) + err = setupLivenessProbe(s, opts.Container, opts.RestartPolicy) if err != nil { return nil, fmt.Errorf("failed to configure livenessProbe: %w", err) } diff --git a/test/e2e/config/containers-cgroup.conf b/test/e2e/config/containers-cgroup.conf new file mode 100644 index 0000000000..220c1f850c --- /dev/null +++ b/test/e2e/config/containers-cgroup.conf @@ -0,0 +1,12 @@ +[containers] +netns="host" +userns="host" +ipcns="host" +utsns="host" +cgroupns="host" +cgroups="disabled" +log_driver = "k8s-file" +[engine] +cgroup_manager = "cgroupfs" +events_logger="file" +runtime="crun" diff --git a/test/e2e/play_kube_test.go b/test/e2e/play_kube_test.go index c85f4813c0..9f74ecc681 100644 --- a/test/e2e/play_kube_test.go +++ b/test/e2e/play_kube_test.go @@ -175,8 +175,19 @@ spec: volumes: - name: foo secret: - secretName: oldsecret -` + secretName: oldsecret` + +var simplePodYaml = ` +apiVersion: v1 +kind: Pod +metadata: + name: libpod-test +spec: + containers: + - image: quay.io/libpod/alpine_nginx:latest + command: + - sleep + - "3600"` var unknownKindYaml = ` apiVersion: v1 @@ -4376,4 +4387,13 @@ ENV OPENJ9_JAVA_OPTIONS=%q deleteAndTestSecret(podmanTest, "newsecret") }) + It("podman play kube with disabled cgroup", func() { + os.Setenv("CONTAINERS_CONF", "config/containers-cgroup.conf") + err := writeYaml(simplePodYaml, kubeYaml) + Expect(err).To(BeNil()) + + kube := podmanTest.Podman([]string{"play", "kube", kubeYaml}) + kube.WaitWithDefaultTimeout() + Expect(kube).Should(Exit(0)) + }) })