From 19dfa0c2b025a6aa9d260df13b16b7754110d01c Mon Sep 17 00:00:00 2001
From: Oleksii Kliukin <oleksii.kliukin@zalando.de>
Date: Tue, 4 Apr 2017 16:52:52 +0200
Subject: [PATCH] Run pod in a privileged securityContext.

This is necessary in order to access devices from the pod.
The target is to be able to run resize2fs on a pod itself.
---
 pkg/cluster/k8sres.go | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/pkg/cluster/k8sres.go b/pkg/cluster/k8sres.go
index 65db3ab49..968495f0b 100644
--- a/pkg/cluster/k8sres.go
+++ b/pkg/cluster/k8sres.go
@@ -105,7 +105,7 @@ bootstrap:
   - hostssl   all all all md5`, pgVersion, c.OpConfig.PamRoleName, c.OpConfig.PamRoleName),
 		},
 	}
-
+	privilegedMode := bool(true)
 	container := v1.Container{
 		Name:            c.Metadata.Name,
 		Image:           c.OpConfig.DockerImage,
@@ -134,6 +134,9 @@ bootstrap:
 			},
 		},
 		Env: envVars,
+		SecurityContext: &v1.SecurityContext{
+			Privileged: &privilegedMode,
+		},
 	}
 	terminateGracePeriodSeconds := int64(30)