SYS_TIME功能现在可在kubernetes中使用 [英] SYS_TIME capability now working in kubernetes
本文介绍了SYS_TIME功能现在可在kubernetes中使用的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
当我在下面的安全上下文中创建了具有更改系统时间权限的Pod时,就会出错
When I created a pod with below security context having permission to change system time am getting error
apiVersion: v1
kind: Pod
metadata:
name: ubuntu-sleeper
namespace: default
spec:
containers:
- command:
- sleep
- "4800"
image: ubuntu
securityContext:
runAsUser: 1010
capabilities:
add: ["SYS_TIME"]
name: ubuntu
我遇到了无法设置日期操作的错误.
I am getting error that cant set date operation not permitted.
master $ kubectl create -f ubu.yml
pod/ubuntu-sleeper created
master $ kubectl exec -it ubuntu-sleeper -- date -s '19 APR 2012 11:14:00'
date: cannot set date: Operation not permitted
Thu Apr 19 11:14:00 UTC 2012
command terminated with exit code 1
master $
推荐答案
要更改系统时间,您将必须以root用户身份运行容器:
To change system time, you will have to run the container as root:
apiVersion: v1
kind: Pod
metadata:
name: ubuntu-sleeper
namespace: default
spec:
containers:
- command:
- sleep
- "4800"
image: ubuntu
securityContext:
capabilities:
add: ["SYS_TIME"]
name: ubuntu
这篇关于SYS_TIME功能现在可在kubernetes中使用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
