From 03aaf056a5790784ccd82a4f9c366d72e228c29e Mon Sep 17 00:00:00 2001 From: Andrew Jeddeloh Date: Tue, 5 Jul 2016 13:17:01 -0700 Subject: [PATCH 1/3] flannel: fix resolv.conf issue Fix issue where flannel container did not have access to /etc/resolve.conf. --- .../coreos-overlay/app-admin/flannel/files/flanneld-rkt.service | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sdk_container/src/third_party/coreos-overlay/app-admin/flannel/files/flanneld-rkt.service b/sdk_container/src/third_party/coreos-overlay/app-admin/flannel/files/flanneld-rkt.service index 63a6a57139..4fef9682b2 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-admin/flannel/files/flanneld-rkt.service +++ b/sdk_container/src/third_party/coreos-overlay/app-admin/flannel/files/flanneld-rkt.service @@ -27,9 +27,11 @@ ExecStart=/usr/bin/rkt run --net=host \ --volume runsystemd,kind=host,source=/run/systemd,readOnly=false \ --volume runflannel,kind=host,source=/run/flannel,readOnly=false \ --volume ssl,kind=host,source=${ETCD_SSL_DIR},readOnly=true \ + --volume resolv,kind=host,source=/etc/resolv.conf,readOnly=true \ --mount volume=runsystemd,target=/run/systemd \ --mount volume=runflannel,target=/run/flannel \ --mount volume=ssl,target=${ETCD_SSL_DIR} \ + --mount volume=resolv,target=/etc/resolv.conf \ ${FLANNEL_IMG}:${FLANNEL_VER} \ -- --ip-masq=true From aa5dc9d80f46305289c917dec8adcdc115aa98eb Mon Sep 17 00:00:00 2001 From: Andrew Jeddeloh Date: Tue, 5 Jul 2016 13:18:53 -0700 Subject: [PATCH 2/3] flannel: fix ssl issue --- .../coreos-overlay/app-admin/flannel/files/flanneld-rkt.service | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sdk_container/src/third_party/coreos-overlay/app-admin/flannel/files/flanneld-rkt.service b/sdk_container/src/third_party/coreos-overlay/app-admin/flannel/files/flanneld-rkt.service index 4fef9682b2..3424453674 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-admin/flannel/files/flanneld-rkt.service +++ b/sdk_container/src/third_party/coreos-overlay/app-admin/flannel/files/flanneld-rkt.service @@ -27,10 +27,12 @@ ExecStart=/usr/bin/rkt run --net=host \ --volume runsystemd,kind=host,source=/run/systemd,readOnly=false \ --volume runflannel,kind=host,source=/run/flannel,readOnly=false \ --volume ssl,kind=host,source=${ETCD_SSL_DIR},readOnly=true \ + --volume certs,kind=host,source=/usr/share/ca-certificates,readOnly=true \ --volume resolv,kind=host,source=/etc/resolv.conf,readOnly=true \ --mount volume=runsystemd,target=/run/systemd \ --mount volume=runflannel,target=/run/flannel \ --mount volume=ssl,target=${ETCD_SSL_DIR} \ + --mount volume=certs,target=/etc/ssl/certs \ --mount volume=resolv,target=/etc/resolv.conf \ ${FLANNEL_IMG}:${FLANNEL_VER} \ -- --ip-masq=true From 6c15c817e31fbe431a27a1eecfa6f16ebb4c8bb8 Mon Sep 17 00:00:00 2001 From: Andrew Jeddeloh Date: Tue, 5 Jul 2016 13:19:30 -0700 Subject: [PATCH 3/3] flannel: fix ipmasq issue Fix issue where --ip-masq=true is passed to sh instead of flanneld. --- .../coreos-overlay/app-admin/flannel/files/flanneld-rkt.service | 1 + 1 file changed, 1 insertion(+) diff --git a/sdk_container/src/third_party/coreos-overlay/app-admin/flannel/files/flanneld-rkt.service b/sdk_container/src/third_party/coreos-overlay/app-admin/flannel/files/flanneld-rkt.service index 3424453674..c47a87aed6 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-admin/flannel/files/flanneld-rkt.service +++ b/sdk_container/src/third_party/coreos-overlay/app-admin/flannel/files/flanneld-rkt.service @@ -35,6 +35,7 @@ ExecStart=/usr/bin/rkt run --net=host \ --mount volume=certs,target=/etc/ssl/certs \ --mount volume=resolv,target=/etc/resolv.conf \ ${FLANNEL_IMG}:${FLANNEL_VER} \ + --exec /opt/bin/flanneld \ -- --ip-masq=true # Update docker options