Compatibility notes - Container Service for Kubernetes - Alibaba Cloud Documentation Center

This topic describes the pod fields that are supported by Sandboxed-Container. This allows you to fully use the Sandboxed-Container runtime.

Background information

Sandboxed-Container is a new runV container runtime that provides compatibility with runC in terms of pod networking, service networking (ClusterIP and NodePort), and image management. However, Sandboxed-Container does not support all pod fields. To use Sandboxed-Container, you do not need to change your development mode or image packaging method.

Supported pod fields

The following table describes the pod fields that are supported and the pod fields that are not supported by Sandboxed-Container.

Field	Compatible
activeDeadlineSecons	Yes
affinity	Yes
automountServiceAccountToken	Yes
containers	Supported fields: args, command, env, envFrom, image, imagePullPolicy, lifecycle, livenessProbe, name, ports, readinessProbe, resources, startupProbe, stdin, stdinOnce, terminationMessagePath, terminationMessagePolicy, tty, volumeDevices, volumeMounts, and workingDir, and the allowPrivilegeEscalation, capabilities, procMount, readOnlyRootFilesystem, runAsGroup, runAsNonRoot, runAsUser, and seLinuxOptions fields in the securityContext field. Unsupported fields: privileged and windowsOptions.
dnsConfig	Yes
dnsPolicy	Yes
enableServiceLinks	Yes
hostAliases	Yes
hostIPC	No
hostNetwork	No
hostPID	No
hostname	Yes
imagePullSecrets	Yes
initContainers	Yes
nodeName	Yes
nodeSelector	Yes
priority	Yes
priorityClassName	Yes
readinessGates	Yes
restartPolicy	Yes
runtimeClassName	Yes
schedulerName	Yes
securityContext	Yes The fsGroup, runAsGroup, runAsNonRoot, runAsUser, seLinuxOptions, supplementalGroups, and sysctls fields in this field are also supported.
serviceAccount	Yes
serviceAccountName	Yes
shareProcessNamespace	No
subdomain	Yes
terminationGracePeriodSeconds	Yes
tolerations	Yes
volumes	Yes