K
Q

Docker and kubernetes capabilities

10/15/2019

i have a question and a problem about capabilities.

Why my program work when i run docker run --cap-add=NET_ADMIN... ? ( i don't have RTNETLINK problems and TC Network problems with ETH0)

And it's doesn't work if i run my program with file .yml which is:

  containers:
  - name: snake
    image: docker.io/kelysa/snake:lastest
    imagePullPolicy: Always
    securityContext:
      privileged: true
      capabilities:
        add: ["NET_ADMIN","NET_RAW"]

i have problems like RTNETLINK answers: No such file or directory

tc isn't available for interface eth0"
"NETWORK_BANDWIDTH requires traffic control (tc). 
CAP_NET_RAW,CAP_NET_ADMIN+ capability is also required, with modinfo sch_netem.

What is the difference between run docker with --cap-add and run a pod with the same capabilities ?

-- Julie
capability
docker
kubernetes
netlink
networking

Similar Questions

UnknownHostException when firewall is enabled in kubeadm
Difference between "cpu" and "requests.cpu"
cannot run kubectl, due to port conflicts but also cannot fix them with solutions online
Kubernetes check readinessProbe at Service/Deployment level
How to skip job run in a cron jobsetup if it fails twice

0 Answers