+++ This bug was initially created as a clone of Bug #1558564 +++ Description of problem: Mounting sockets or special files from subpaths fails. Version-Release number of selected component (if applicable): 3.9.x How reproducible: Steps to Reproduce: 1. Create a pod definition that uses "/" as hostPath. 2. Try and mount something like "/run/docker.sock" as a subpath within a container. 3. The pod will fail to start The reason of this regression is - openat system call being used on https://github.com/kubernetes/kubernetes/blob/master/pkg/util/mount/mount_linux.go#L1138 does not work for special files like Unix sockets and it will throw - Errno::ENXIO: No such device or address /run/docker.sock Actual results: The pod fails to start Expected results: The pod should start --- Additional comment from Hemant Kumar on 2018-03-20 10:34:25 EDT --- For now, while we make the fix. One possible workaround is to directly mount "/run/docker.sock" via a new volume entry and a new VolumeMounts entry that does not uses subpath. Something like: VolumeMounts: [ { mountPath: "/run/docker.sock", name: docker_sock, readOnly: true} ], volumes: [ { name: docker_sock, hostPath: { path: "/run/docker.sock", type: "" }, ] --- Additional comment from Hemant Kumar on 2018-03-22 16:41:08 EDT --- PR upstream for the fix https://github.com/kubernetes/kubernetes/pull/61480 --- Additional comment from Hemant Kumar on 2018-03-26 11:30:50 EDT --- Opened PR for Openshift/origin - https://github.com/openshift/origin/pull/19100
I created this BZ for making sure that subpath socket fix is available in 3.10 - but there is no 3.10 target release available in Bugzilla. The bug in 3.9 has been fixed and merged already - https://bugzilla.redhat.com/show_bug.cgi?id=1558564
Also for the record. This fix is not available in origin/master currently - so I need a target release which accurately reflects the bug or we can close this bug but in that case we lose track of fixes we need to backport to 3.10...
PR for fixing in origin-3.10 , https://github.com/openshift/origin/pull/19329
Tested on below version: openshift v3.10.0-0.47.0 kubernetes v1.10.0+b81c8f8 This bug is fixed # cat pod.yaml kind: Pod apiVersion: v1 metadata: name: testpod spec: containers: - name: testpod image: aosqe/hello-openshift ports: - containerPort: 80 name: "http-server" volumeMounts: - mountPath: "/mnt/run/docker.sock" subPath: "run/docker.sock" name: file volumes: - name: file hostPath: path: "/" # oc exec testpod -- ls /mnt/run/docker.sock -l srw-rw---- 1 root root 0 May 17 02:09 /mnt/run/docker.sock
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:1816