revert back to persisting all of /var

pkg/cluster/internal/providers/docker/provision.go

@@ -236,9 +236,7 @@ func runArgsForNode(node *config.Node, clusterIPFamily config.ClusterIPFamily, n
 		// filesystem, which is not only better for performance, but allows
 		// running kind in kind for "party tricks"
 		// (please don't depend on doing this though!)
-		"--volume", "/var/lib/containerd",
-		"--volume", "/var/lib/kubelet",
-		"--volume", "/var/log",
+		"--volume", "/var",
 		// some k8s things want to read /lib/modules
 		"--volume", "/lib/modules:/lib/modules:ro",
 	},

pkg/cluster/internal/providers/podman/provision.go

@@ -164,17 +164,7 @@ func commonArgs(cfg *config.Cluster) ([]string, error) {
 func runArgsForNode(node *config.Node, clusterIPFamily config.ClusterIPFamily, name string, args []string) ([]string, error) {
 	// Pre-create anonymous volumes to enable specifying mount options
 	// during container run time
-	containerdVolume, err := createAnonymousVolume(name)
-	if err != nil {
-		return nil, err
-	}
-
-	kubeletVolume, err := createAnonymousVolume(name)
-	if err != nil {
-		return nil, err
-	}
-
-	logVolume, err := createAnonymousVolume(name)
+	varVolume, err := createAnonymousVolume(name)
 	if err != nil {
 		return nil, err
 	}
@@ -203,9 +193,7 @@ func runArgsForNode(node *config.Node, clusterIPFamily config.ClusterIPFamily, n
 		// suid: SUID applications on the volume will be able to change their privilege
 		// exec: executables on the volume will be able to executed within the container
 		// dev: devices on the volume will be able to be used by processes within the container
-		"--volume", fmt.Sprintf("%s:/var/lib/containerd:suid,exec,dev", containerdVolume),
-		"--volume", fmt.Sprintf("%s:/var/lib/kubelet:suid,exec,dev", kubeletVolume),
-		"--volume", fmt.Sprintf("%s:/var/log:suid,exec,dev", logVolume),
+		"--volume", fmt.Sprintf("%s:/var:suid,exec,dev", varVolume),
 		// some k8s things want to read /lib/modules
 		"--volume", "/lib/modules:/lib/modules:ro",
 	},