diff options
author | Rodolfo Alonso Hernandez <rodolfo.alonso.hernandez@intel.com> | 2018-05-04 08:44:56 +0100 |
---|---|---|
committer | Rodolfo Alonso Hernandez <rodolfo.alonso.hernandez@intel.com> | 2018-05-09 17:47:18 +0100 |
commit | 88ae51b812da8547a6be0a67b31f72c230f5b9fe (patch) | |
tree | d83fe7486f63bcd1da481c092070e303ad50475c /samples/ping-one-exising-network.yaml | |
parent | 6458b5ec9ea5bdac5b60f2edde8decefae16422f (diff) |
Avoid "volumeMounts" with "configMap" fixed permissions
To access to the container without using a password, the jumphost
RSA public key is copied to each container, using "volumeMounts"
defined as "configMap", to /root/.ssh/authorized_keys.
To work properly, the following permissions must be set:
- /root/.ssh: 700
- /root/.ssh/authorized_keys: 600
Because of [1][2], the mounted folders have fixed permissions and
cannot be modified.
[1]https://groups.google.com/forum/#!topic/kubernetes-dev/eTnfMJSqmaM
[2]https://github.com/kubernetes/kubernetes/issues/28317
JIRA: YARDSTICK-1149
Change-Id: I821064da56699c5b4f509d233c33e55af119fd56
Signed-off-by: Rodolfo Alonso Hernandez <rodolfo.alonso.hernandez@intel.com>
Diffstat (limited to 'samples/ping-one-exising-network.yaml')
0 files changed, 0 insertions, 0 deletions