Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
Description
Currently the `network/cni` isolator sets up the `pre_exec_command` for executors when a container needs to be launched on a non-host network. The `pre_exec_command` is `ifconfig lo up`. This is done to primarily bring loopback up in the new network namespace.
Setting up the `pre_exec_command` to bring loopback up is problematic since the executors PATH variable is generally very limited (doesn't contain all path that the agents PATH variable has due to security concerns).
Therefore instead of running `ifconfig lo up` in the `pre_exec_command` we should run it in `NetworkCniIsolatorSetup` subcommand, which runs with the same PATH variable as the agent.