Allowing K8S daemonset to exist in the global pid namespace
Question
I'm trying to configure a daemonset to run on the global pid namespace resulting the ability to see other processes in the host, including the containers' processes.
I couldn't find an option to achieve this. In general, what I'm looking for is close to the sidecar container shareProcessNamespace attribute only on the host level.
1 answers
solution1
2 ACCPTED 2021-05-06 10:39:04
There is an attribute that allows this - hostPID: true
So the yaml file should looks something like that:
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: busybox
spec:
selector:
matchLabels:
name: busybox
template:
metadata:
labels:
name: busybox
spec:
hostPID: true
containers:
- name: busybox
image: busybox
command: [ "sh", "-c", "sleep 1h" ]
More info in:
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
K8s Service as DaemonSet
K8s DaemonSet stills restart
K8s Daemonset Pod Placement
2 different services for same DaemonSet K8s
Telepresence fails, saying my namespace doesn't exist, pointing to problems with my k8s context
subdomain per branch/namespace on K8S
Livy on K8S, namespace restriction
Delete k8s namespace - possibility to recover
k8s / namespaces - Create “child” namespace
Unable to delete a k8s namespace
Related Tags