|
@@ -8,10 +8,12 @@ services:
|
|
|
volumes:
|
|
volumes:
|
|
|
- '/var/run/docker.sock:/var/run/docker.sock'
|
|
- '/var/run/docker.sock:/var/run/docker.sock'
|
|
|
userns_mode: host
|
|
userns_mode: host
|
|
|
- #cap_add:
|
|
+ # > mount("/var/lib/kubelet", "/var/lib/kubelet", 0xc00097656c, MS_BIND, NULL) = -1 EPERM (Operation not permitted)
|
|
|
|
|
+ # > F0401 15:36:24.291067 8 kubelet.go:1413] error configuring root directory: failed to bind-mount /var/lib/kubelet: operation not permitted
|
|
|
|
|
+ cap_add:
|
|
|
|
|
+ - SYS_ADMIN
|
|
|
#- SYS_PTRACE
|
|
#- SYS_PTRACE
|
|
|
-
|
|
+ security_opt:
|
|
|
-# > mount("/var/lib/kubelet", "/var/lib/kubelet", 0xc00097656c, MS_BIND, NULL) = -1 EPERM (Operation not permitted)
|
|
+ - 'apparmor:unconfined'
|
|
|
-# > F0401 15:36:24.291067 8 kubelet.go:1413] error configuring root directory: failed to bind-mount /var/lib/kubelet: operation not permitted
|
|
|
|
|
|
|
|
|
|
# https://docs.docker.com/compose/compose-file/compose-file-v2/
|
|
# https://docs.docker.com/compose/compose-file/compose-file-v2/
|
