mirror of
https://github.com/kubernetes/kubernetes.git
synced 2026-04-27 09:10:12 -04:00
5f7e611f73
Now if a pod tries to use user namespaces (hostUsers: false) and a volume device, it will see this error: $ kubectl apply -f pod.yaml ... * spec.ephemeralContainers[0].volumeDevices: Forbidden: when `pod.Spec.HostUsers` is false * spec.initContainers[0].volumeDevices: Forbidden: when `pod.Spec.HostUsers` is false * spec.containers[0].volumeDevices: Forbidden: when `pod.Spec.HostUsers` is false Note that if a pod is already created with volumeDevices and userns, then we allow modifications to that object. Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com> |
||
|---|---|---|
| .. | ||
| testing | ||
| OWNERS | ||
| util.go | ||
| util_test.go | ||
| warnings.go | ||
| warnings_test.go | ||