manifests: updater mount the directory, not the socket

Quoting kube docs: ``` when accessing the `/var/lib/kubelet/pod-resources/kubelet.sock` from DaemonSet or any other app deployed as a container on the host, which is mounting socket as a volume, it is a good practice to mount directory `/var/lib/kubelet/pod-resources/` instead of the `/var/lib/kubelet/pod-resources/kubelet.sock`. This will ensure that after kubelet restart, container will be able to re-connect to this socket. Container mounts are managed by inode referencing the socket or directory, depending on what was mounted. When kubelet restarts, socket is deleted and a new socket is created, while directory stays untouched. So the original inode for the socket become unusable. Inode to directory will continue working. ``` Signed-off-by: Francesco Romani <[email protected]>
k8stopologyawareschedwg · Aug 2, 2023 · 6edffb0 · 6edffb0
1 parent 5fdf71f
commit 6edffb0
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 9 deletions.
diff --git a/pkg/manifests/yaml/nfd/topologyupdater/daemonset.yaml b/pkg/manifests/yaml/nfd/topologyupdater/daemonset.yaml
@@ -39,8 +39,8 @@ spec:
           volumeMounts:
             - mountPath: /host-var/lib/kubelet/config.yaml
               name: kubelet-podresources-conf
-            - mountPath: /host-var/lib/kubelet/pod-resources/kubelet.sock
-              name: kubelet-podresources-sock
+            - mountPath: /host-var/lib/kubelet/pod-resources
+              name: kubelet-podresources-dir
             - mountPath: /host-sys
               name: host-sys
       dnsPolicy: ClusterFirstWithHostNet
@@ -53,5 +53,5 @@ spec:
             path: /var/lib/kubelet/config.yaml
           name: kubelet-podresources-conf
         - hostPath:
-            path: /var/lib/kubelet/pod-resources/kubelet.sock
-          name: kubelet-podresources-sock
+            path: /var/lib/kubelet/pod-resources
+          name: kubelet-podresources-dir
diff --git a/pkg/manifests/yaml/rte/daemonset.yaml b/pkg/manifests/yaml/rte/daemonset.yaml
@@ -45,16 +45,16 @@ spec:
           - name: host-sys
             mountPath: "/host-sys"
             readOnly: true
-          - name: host-podresources-socket
-            mountPath: "/host-podresources-socket/kubelet.sock"
+          - name: host-podresources-dir
+            mountPath: "/host-podresources-socket"
       - name: shared-pool-container
         image: gcr.io/google_containers/pause-amd64:3.0
       volumes:
       - name: host-sys
         hostPath:
           path: "/sys"
           type: Directory
-      - name: host-podresources-socket
+      - name: host-podresources-dir
         hostPath:
-          path: "/var/lib/kubelet/pod-resources/kubelet.sock"
-          type: Socket
+          path: "/var/lib/kubelet/pod-resources"
+          type: Directory