[3.7] UPSTREAM: 51634: Revert to using isolated PID namespaces in Docker #17722
Conversation
openshift-merge-robot
added
the
vendor-update
openshift-ci-robot
added
the
size/XS
|
This PR had 2 commits in it. I don't know if we need the 2nd one or not?? |
|
I've just realized that OCP 3.7 removed docker-1.13 from the versions that are excluded. Should we add it back in? Also, it's worth noting that once RHEL7 ships docker-1.13 and RHEL AH is updated there will be no way for RHEL AH users to downgrade to 1.12. |
All the rest of the changes where to |
IMO, no. Adding it back will just cause Fedora not to work with openshift-ansible right? Downgrading is not a viable option in my mind. 1.13 is coming to EL eventually. Might as well get some soak time to flush out issues like this one. |
Right, adding it to origin 3.7 would break openshift-ansible on Fedora. I think getting Origin 3.7 soak time with docker-1.13 on Fedora is great, however we can differentiate between Origin and supported versions under OCP. If we're not going to block docker-1.13 in OCP 3.7 then we're saying it will be fully supported, which would be my preference, but I don't know if that's our official stance. I can't tie all of openshift-ansible's problems back to enforcing maximum docker versions but it's certainly led to some of the most complicated code in the project. |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: sjenning Assign the PR to them by writing The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
|
/retest |
sjenning
changed the title
|
/retest @derekwaynecarr PTA |
|
@sjenning: The following test failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
FWIW from the last release:
So that's not true. Slowly but surely going from "you can't do that" to "you can but it may not be documented well" heading towards "you can do it and it's awesome" 😉 |
|
LGTM |
kubernetes/kubernetes#51634
fixes openshift/openshift-ansible#6431
The upstream pick is a revert the shared PID namespacing being on by default. Unfortunately, it made the change for kube 1.8 and later but not 1.7 and therefore it is on by default in Origin 3.7 when using docker 1.13. This causes issues for glusterfs kubernetes/kubernetes#48937
@derekwaynecarr @dustymabe @sdodson