From 75555b40e52ef7983fc5922aa90c3d4ca44bbd20 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20Dulko?= <mdulko@redhat.com>
Date: Tue, 31 Mar 2020 11:29:33 +0200
Subject: [PATCH] Kuryr: Mount /run/netns to ensure netns access

openshift/machine-config-operator#1689 moves pod namespaces from
/proc into /run/netns. As Kuryr needs access to them in order to
manipulate interfaces, we need to mount the new directory and this
commit does that.

Note that CNI will pass /var/run/netns in netns paths, but /var/run is a
symlink to /run, so it should be just fine.
---
 bindata/network/kuryr/005-daemon.yaml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/bindata/network/kuryr/005-daemon.yaml b/bindata/network/kuryr/005-daemon.yaml
index 190cb04f23..26eb3fb5e2 100644
--- a/bindata/network/kuryr/005-daemon.yaml
+++ b/bindata/network/kuryr/005-daemon.yaml
@@ -56,6 +56,9 @@ spec:
           mountPath: /host_proc
         - name: openvswitch
           mountPath: /var/run/openvswitch
+        - name: netns
+          mountPath: /run/netns
+          mountPropagation: HostToContainer
 {{ if (default true .DaemonEnableProbes) eq "true" }}
         readinessProbe:
           failureThreshold: 10
@@ -85,6 +88,9 @@ spec:
       - name: proc
         hostPath:
           path: /proc
+      - name: netns
+        hostPath:
+          path: /run/netns
       - name: openvswitch
         hostPath:
           path: /var/run/openvswitch