Skip to content

Commit

Permalink
Merge pull request kubernetes-sigs#1183 from BenTheElder/unarmored
Browse files Browse the repository at this point in the history 
disable apparmor confinement for kind nodes
  • Loading branch information
@k8s-ci-robot
k8s-ci-robot authored Dec 18, 2019
2 parents 68779ae + f2d05cd commit fb4f3ba
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions pkg/cluster/internal/providers/docker/provision.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -164,6 +164,7 @@ func runArgsForNode(node *config.Node, name string, args []string) []string {
// for now this is what we want. in the future we may revisit this.
"--privileged",
"--security-opt", "seccomp=unconfined", // also ignore seccomp
"--security-opt", "apparmor=unconfined", // also ignore apparmor
// runtime temporary storage
"--tmpfs", "/tmp", // various things depend on working /tmp
"--tmpfs", "/run", // systemd wants a writable /run
Expand Down

0 comments on commit fb4f3ba

Please sign in to comment.