Skip to content

Commit 17fcb2e

Browse files
k8s-ci-robotk8s-ci-robot
authored
Merge pull request #39385 from AkihiroSuda/rprivate
`mountPropagation: None` equates to `rprivate`, not `private`
2 parents c160ad7 + 8355f38 commit 17fcb2e

File tree

1 file changed

+9
-4
lines changed

1 file changed

+9
-4
lines changed

content/en/docs/concepts/storage/volumes.md

Lines changed: 9 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1282,8 +1282,13 @@ in `Container.volumeMounts`. Its values are:
12821282
In similar fashion, no mounts created by the container will be visible on
12831283
the host. This is the default mode.
12841284

1285-
This mode is equal to `private` mount propagation as described in the
1286-
[Linux kernel documentation](https://www.kernel.org/doc/Documentation/filesystems/sharedsubtree.txt)
1285+
This mode is equal to `rprivate` mount propagation as described in
1286+
[`mount(8)`](https://man7.org/linux/man-pages/man8/mount.8.html)
1287+
1288+
However, the CRI runtime may choose `rslave` mount propagation (i.e.,
1289+
`HostToContainer`) instead, when `rprivate` propagation is not applicable.
1290+
cri-dockerd (Docker) is known to choose `rslave` mount propagation when the
1291+
mount source contains the Docker daemon's root directory (`/var/lib/docker`).
12871292

12881293
* `HostToContainer` - This volume mount will receive all subsequent mounts
12891294
that are mounted to this volume or any of its subdirectories.
@@ -1296,7 +1301,7 @@ in `Container.volumeMounts`. Its values are:
12961301
propagation will see it.
12971302

12981303
This mode is equal to `rslave` mount propagation as described in the
1299-
[Linux kernel documentation](https://www.kernel.org/doc/Documentation/filesystems/sharedsubtree.txt)
1304+
[`mount(8)`](https://man7.org/linux/man-pages/man8/mount.8.html)
13001305

13011306
* `Bidirectional` - This volume mount behaves the same the `HostToContainer` mount.
13021307
In addition, all volume mounts created by the container will be propagated
@@ -1306,7 +1311,7 @@ in `Container.volumeMounts`. Its values are:
13061311
a Pod that needs to mount something on the host using a `hostPath` volume.
13071312

13081313
This mode is equal to `rshared` mount propagation as described in the
1309-
[Linux kernel documentation](https://www.kernel.org/doc/Documentation/filesystems/sharedsubtree.txt)
1314+
[`mount(8)`](https://man7.org/linux/man-pages/man8/mount.8.html)
13101315

13111316
{{< warning >}}
13121317
`Bidirectional` mount propagation can be dangerous. It can damage

0 commit comments

Comments
 (0)