Ask Your Question
0

Zun container privileged mode with heat stack

asked 2020-03-05 10:25:25 -0600

akarki gravatar image

Hi, I am trying to spawn zun containers via heat stack. I don't see any support for privileged parameter in the documentation. Is there any way out to enable it.

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted
0

answered 2020-03-05 11:23:02 -0600

zaneb gravatar image

There isn't, you would have to patch Heat.

Normally I'd suggest submitting a patch upstream, but in this case it's unlikely to be widely useful. The default policy in Zun for creating privileged containers is rule:deny_everybody.

edit flag offensive delete link more

Comments

About the patch I already created policy file as well as added privilege in heat zun container.py but it says zun client privilege mode was added in 1.21 but version using is 1.12. However python-zunclient version is 3.5 .. confused now

akarki gravatar imageakarki ( 2020-03-05 11:40:48 -0600 )edit

The 1.21 looks like an API version, and 3.5 appears to be your python-zunclient version. Therefore, they are totally different things. See: https://blueprints.launchpad.net/zun/...

hongbin034 gravatar imagehongbin034 ( 2020-03-05 12:11:19 -0600 )edit
1

By default, Heat is using API version 1.12: https://github.com/openstack/heat/blo... , but you can use a newer API version like: "self.client(version=self.V1_36).containers.xxx"

hongbin034 gravatar imagehongbin034 ( 2020-03-05 12:13:47 -0600 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2020-03-05 10:25:25 -0600

Seen: 84 times

Last updated: Mar 05 '20