[Devel] [PATCH rh7 0/8] enable running Kubernetes inside a Container
Konstantin Khorenko
khorenko at virtuozzo.com
Fri Feb 21 19:07:23 MSK 2020
Here are various enhancements to make it possible to run unpatched Kubernetes
inside a Virtuozzo Container.
Note: kernel enhancements are not enough, some additional work on userspace
level is required as well.
Only one configuration is tested up to now: default k8s installation with Weave
net plugin. Other configurations - TBD.
https://jira.sw.ru/browse/PSBM-92107
Konstantin Khorenko (8):
ve/net/bridge: make net.bridge.* sysctl visible in Containers (r/o)
configs: provide kernel config via proc
ve/procfs: make /proc/config.gz visible inside Containers
openvswitch: allow to create ovs bridges inside Containers
net: export "net/*/neigh/*/*" sysctls for Container
proc/pid: Don't show kernel threads inside Containers
ve/bridge: handle netlink messages AF_BRIDGE / RTM_[GSD]ETLINK sent
from inside a Container
ve/proc/block: show /proc/diskstats inside a Container
block/genhd.c | 8 +-
configs/kernel-3.10.0-x86_64-debug-minimal.config | 2 +-
configs/kernel-3.10.0-x86_64-debug.config | 3 +
configs/kernel-3.10.0-x86_64-minimal.config | 2 +-
configs/kernel-3.10.0-x86_64.config | 3 +
fs/proc/base.c | 4 +
include/net/netns/conntrack.h | 1 +
kernel/configs.c | 2 +-
kernel/ve/ve.c | 3 +
net/bridge/br_netfilter_hooks.c | 107 +++++++++++++++++++---
net/core/neighbour.c | 4 +-
net/openvswitch/vport-internal_dev.c | 3 +-
12 files changed, 120 insertions(+), 22 deletions(-)
--
2.15.1
More information about the Devel
mailing list