How can I add the `--privileged` flag of Docker to a Kubernetes pod spec container YAML definition

11/7/2019

In this question: Teamcity Build won't run until Build Agents is configured with Docker?

I had a problem with the teamcity-agent (Teamcity is a build server) deployment. These agents are the build runners and they come as their own pods. So back in the days when I was just using Docker without K8s, I used this command to run the container:

docker run -it -e SERVER_URL="<url to TeamCity server>" \
    --privileged -e DOCKER_IN_DOCKER=start \
    jetbrains/teamcity-agent

So adding those environment vars to the K8s container definition wasn't that hard. I just had to define this spec part:

spec:
  containers:
    - name: teamcity-agent
      image: jetbrains/teamcity-agent:latest
      ports:
        - containerPort: 8111
      env:
        - name: SERVER_URL
          value: 10.0.2.205:8111
        - name: DOCKER_IN_DOCKER
          value: start

So now I want to have the --privileged flag as well. I found an article here link to guide which I did not really understand. I added

securityContext:
  allowPrivilegeEscalation: false # also tried 'true'

but it did not work with that.

Can someone point out where to look at?

-- xetra11
docker
kubernetes

1 Answer

11/7/2019

I think you may use it like this

securityContext:
  privileged: true

see this

-- LinPy
Source: StackOverflow
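
The answer's two lines placed in the question's container definition, as an added example that is not part of the original question or answer. The `apiVersion`/`kind`/`metadata` wrapper and the pod name are assumptions, since the question shows only the `spec` fragment.

```yaml
# Added example. The Pod wrapper and metadata.name are assumptions;
# the container fields are the ones from the question.
apiVersion: v1
kind: Pod
metadata:
  name: teamcity-agent            # assumed name
spec:
  containers:
    - name: teamcity-agent
      image: jetbrains/teamcity-agent:latest
      ports:
        - containerPort: 8111
      env:
        - name: SERVER_URL
          value: "10.0.2.205:8111"
        - name: DOCKER_IN_DOCKER
          value: "start"
      # Equivalent of `docker run --privileged`. It is set per container,
      # at the same level as `image` and `env`; the pod-level
      # `spec.securityContext` has no `privileged` field.
      securityContext:
        privileged: true
        # `allowPrivilegeEscalation` is a different control (it sets
        # no_new_privs on the container process) and does not grant
        # privileged mode. The API server rejects
        # `allowPrivilegeEscalation: false` together with `privileged: true`.
```

A privileged container gets access to the node's devices and is effectively root on the host, so namespaces that enforce the Pod Security Standards `baseline` or `restricted` level will reject this pod. Keeping such build agents on dedicated nodes limits what a compromised build can reach.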