github/docker-labs
1
0
Fork 0
mirror of https://github.com/bingohuang/docker-labs.git synced 2025-07-15 18:57:28 +08:00
Code Issues Releases Wiki Activity

Apply apparmor profile if env variable is present

Browse Source
This commit is contained in:
Marcos Lilljedahl 2016-12-28 14:40:19 -03:00
parent dea778440e
commit b48812b085
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
services/docker.go
View File

@ -4,6 +4,7 @@ import (
"fmt" "fmt"
"io" "io"
"log" "log"
"os"
"strings" "strings"
"github.com/docker/docker/api/types" "github.com/docker/docker/api/types"
@ -181,6 +182,10 @@ func ResizeConnection(name string, cols, rows uint) error {
func CreateInstance(session *Session, dindImage string) (*Instance, error) { func CreateInstance(session *Session, dindImage string) (*Instance, error) {
h := &container.HostConfig{NetworkMode: container.NetworkMode(session.Id), Privileged: true} h := &container.HostConfig{NetworkMode: container.NetworkMode(session.Id), Privileged: true}
if os.Getenv("APPARMOR_PROFILE") != "" {
h.SecurityOpt = []string{fmt.Sprintf("apparmor=%s", os.Getenv("APPARMOR_PROFILE"))}
}
h.Resources.PidsLimit = int64(500) h.Resources.PidsLimit = int64(500)
h.Resources.Memory = 4092 * Megabyte h.Resources.Memory = 4092 * Megabyte
t := true t := true