Add userns_mode docker config option

Fixes #1904
This commit is contained in:
Michael Schurter 2016-11-04 16:53:56 -07:00
parent 06bc740371
commit b1a01a9a0f
3 changed files with 10 additions and 0 deletions

View file

@ -39,6 +39,7 @@ IMPROVEMENTS:
* driver/docker: Docker For Mac support [GH-1806]
* driver/docker: Support Docker volumes [GH-1767]
* driver/docker: Allow Docker logging to be configured [GH-1767]
* driver/docker: Add `userns_mode` (`--userns`) support [GH-]
* driver/lxc: Support for LXC containers [GH-1699]
* driver/rkt: Support network configurations [GH-1862]
* driver/rkt: Support rkt volumes (rkt >= 1.0.0 required) [GH-1812]

View file

@ -103,6 +103,7 @@ type DockerDriverConfig struct {
NetworkMode string `mapstructure:"network_mode"` // The network mode of the container - host, nat and none
PidMode string `mapstructure:"pid_mode"` // The PID mode of the container - host and none
UTSMode string `mapstructure:"uts_mode"` // The UTS mode of the container - host and none
UsernsMode string `mapstructure:"userns_mode"` // The User namespace mode of the container - host and none
PortMapRaw []map[string]int `mapstructure:"port_map"` //
PortMap map[string]int `mapstructure:"-"` // A map of host port labels and the ports exposed on the container
Privileged bool `mapstructure:"privileged"` // Flag to run the container in privileged mode
@ -215,6 +216,9 @@ func (d *DockerDriver) Validate(config map[string]interface{}) error {
"uts_mode": &fields.FieldSchema{
Type: fields.TypeString,
},
"userns_mode": &fields.FieldSchema{
Type: fields.TypeString,
},
"port_map": &fields.FieldSchema{
Type: fields.TypeArray,
},
@ -543,6 +547,7 @@ func (d *DockerDriver) createContainer(ctx *ExecContext, task *structs.Task,
hostConfig.IpcMode = driverConfig.IpcMode
hostConfig.PidMode = driverConfig.PidMode
hostConfig.UTSMode = driverConfig.UTSMode
hostConfig.UsernsMode = driverConfig.UsernsMode
hostConfig.NetworkMode = driverConfig.NetworkMode
if hostConfig.NetworkMode == "" {

View file

@ -114,6 +114,10 @@ The `docker` driver supports the following configuration in the job spec:
the UTS namespace with the host. Note that this also requires the Nomad agent
to be configured to allow privileged containers.
* `userns_mode` - (Optional) `host` or not set (default). Set to `host` to use
the host's user namespace when user namespace remapping is enabled on the
docker daemon.
* `network_mode` - (Optional) The network mode to be used for the container. In
order to support userspace networking plugins in Docker 1.9 this accepts any
value. The default is `bridge` for all operating systems but Windows, which