Hello,
I would like to share the shared memory (/dev/shm) between pods. Everything is running in privileged mode. Does privileged mode make a difference ? What is the isolation between pods in terms of process and network namespaces ?
Cluster information:
Kubernetes version: 1.16
Cloud being used: bare-metal (kubeadm)
Installation method: apt-get
Host OS: Debian 16.04
CNI and version: Flannel 0.3.1
Thanks!
You can both share the hostIPC
namespace and use shm that way, but there isn’t a way to link 2 isolated pod IPC spaces together.
Sorry for my dum question…
Am I correct that the PODS will not be able to write/read the same shared memory (ie they are isolated) ?
If you DO NOT use hostIPC
, then the pods can not use shared memory
to each other.
If you DO use hostIPC
then any hostIPC
pod can use shared memory
with any other hostIPC
pod.
Thanks! But meaning that if PODs are not forced to be collocated on the same node things will break.
That’s right. In general, what you are asking for is the opposite of what we recommend (it has high coupling). But there are (rare) cases where it makes sense.
Thanks!! It’s clear now to me.