Skip to content

Commit

Permalink
[WIP] Selinux Mounts
Browse files Browse the repository at this point in the history 
Signed-off-by: Connor Catlett <[email protected]>
  • Loading branch information
@ConnorJC3
ConnorJC3 committed Dec 4, 2024
1 parent 39822b5 commit 2acf2f6
Show file tree
Hide file tree
Showing 2 changed files with 28 additions and 0 deletions.
14 changes: 14 additions & 0 deletions charts/aws-ebs-csi-driver/templates/_node.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -127,6 +127,10 @@ spec:
mountPath: /csi
- name: device-dir
mountPath: /dev
- name: selinux-sysfs
mountPath: /sys/fs/selinux
- name: selinux-config
mountPath: /etc/selinux/config
{{- with .Values.node.volumeMounts }}
{{- toYaml . | nindent 12 }}
{{- end }}
Expand Down Expand Up @@ -244,6 +248,16 @@ spec:
hostPath:
path: /dev
type: Directory
- name: selinux-sysfs
hostPath:
path: /sys/fs/selinux
type: Directory
readOnly: true
- name: selinux-config
hostPath:
path: /etc/selinux/config
type: File
readOnly: true
- name: probe-dir
{{- if .Values.node.probeDirVolume }}
{{- toYaml .Values.node.probeDirVolume | nindent 10 }}
Expand Down
14 changes: 14 additions & 0 deletions deploy/kubernetes/base/node.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -79,6 +79,10 @@ spec:
mountPath: /csi
- name: device-dir
mountPath: /dev
- name: selinux-sysfs
mountPath: /sys/fs/selinux
- name: selinux-config
mountPath: /etc/selinux/config
ports:
- name: healthz
containerPort: 9808
Expand Down Expand Up @@ -175,5 +179,15 @@ spec:
hostPath:
path: /dev
type: Directory
- name: selinux-sysfs
hostPath:
path: /sys/fs/selinux
type: Directory
readOnly: true
- name: selinux-config
hostPath:
path: /etc/selinux/config
type: File
readOnly: true
- name: probe-dir
emptyDir: {}

0 comments on commit 2acf2f6

Please sign in to comment.