Merge pull request kubernetes-sigs#2619 from aojea/fuse

only mount /dev/fuse for rootless
tnqn · Feb 4, 2022 · c117f59 · c117f59
2 parents 666b336 + 069242b
commit c117f59
Showing 3 changed files with 21 additions and 8 deletions.
diff --git a/pkg/cluster/internal/providers/docker/provision.go b/pkg/cluster/internal/providers/docker/provision.go
@@ -194,6 +194,14 @@ func commonArgs(cluster string, cfg *config.Cluster, networkName string, nodeNam
 		args = append(args, "--volume", "/dev/mapper:/dev/mapper")
 	}
 
+	// rootless: use fuse-overlayfs by default
+	// https://github.com/kubernetes-sigs/kind/issues/2275
+	i, _ := info()
+	if i != nil && i.Rootless {
+		// enable /dev/fuse explicitly for fuse-overlayfs
+		// (Rootless Docker does not automatically mount /dev/fuse with --privileged)
+		args = append(args, "--device", "/dev/fuse")
+	}
 	return args, nil
 }
 
@@ -223,9 +231,6 @@ func runArgsForNode(node *config.Node, clusterIPFamily config.ClusterIPFamily, n
 		"--volume", "/lib/modules:/lib/modules:ro",
 		// propagate KIND_EXPERIMENTAL_CONTAINERD_SNAPSHOTTER to the entrypoint script
 		"-e", "KIND_EXPERIMENTAL_CONTAINERD_SNAPSHOTTER",
-		// enable /dev/fuse explicitly for fuse-overlayfs
-		// (Rootless Docker does not automatically mount /dev/fuse with --privileged)
-		"--device", "/dev/fuse",
 	},
 		args...,
 	)

diff --git a/pkg/cluster/internal/providers/podman/provider.go b/pkg/cluster/internal/providers/podman/provider.go
@@ -430,8 +430,10 @@ func info(logger log.Logger) (*providers.ProviderInfo, error) {
 		SupportsCPUShares:   cgroupSupportsCPUShares,
 	}
 	if info.Rootless && !v.AtLeast(version.MustParseSemantic("4.0.0")) {
-		logger.Warn("Cgroup controller detection is not implemented for Podman. " +
-			"If you see cgroup-related errors, you might need to set systemd property \"Delegate=yes\", see https://kind.sigs.k8s.io/docs/user/rootless/")
+		if logger != nil {
+			logger.Warn("Cgroup controller detection is not implemented for Podman. " +
+				"If you see cgroup-related errors, you might need to set systemd property \"Delegate=yes\", see https://kind.sigs.k8s.io/docs/user/rootless/")
+		}
 	}
 	return info, nil
 }
diff --git a/pkg/cluster/internal/providers/podman/provision.go b/pkg/cluster/internal/providers/podman/provision.go
@@ -148,6 +148,15 @@ func commonArgs(cfg *config.Cluster, networkName string) ([]string, error) {
 		args = append(args, "--volume", "/dev/mapper:/dev/mapper")
 	}
 
+	// rootless: use fuse-overlayfs by default
+	// https://github.com/kubernetes-sigs/kind/issues/2275
+	i, _ := info(nil)
+	if i != nil && i.Rootless {
+		// enable /dev/fuse explicitly for fuse-overlayfs
+		// (Rootless Podman does not automatically mount /dev/fuse with --privileged)
+		args = append(args, "--device", "/dev/fuse")
+	}
+
 	return args, nil
 }
 
@@ -186,9 +195,6 @@ func runArgsForNode(node *config.Node, clusterIPFamily config.ClusterIPFamily, n
 		"--volume", "/lib/modules:/lib/modules:ro",
 		// propagate KIND_EXPERIMENTAL_CONTAINERD_SNAPSHOTTER to the entrypoint script
 		"-e", "KIND_EXPERIMENTAL_CONTAINERD_SNAPSHOTTER",
-		// enable /dev/fuse explicitly for fuse-overlayfs
-		// (Rootless Podman does not automatically mount /dev/fuse with --privileged)
-		"--device", "/dev/fuse",
 	},
 		args...,
 	)