diff --git a/pkg/apis/pingcap.com/v1alpha1/types.go b/pkg/apis/pingcap.com/v1alpha1/types.go index 419d1cd973..a539b4c123 100644 --- a/pkg/apis/pingcap.com/v1alpha1/types.go +++ b/pkg/apis/pingcap.com/v1alpha1/types.go @@ -137,6 +137,7 @@ type TiDBSlowLogTailerSpec struct { // TiKVSpec contains details of PD member type TiKVSpec struct { ContainerSpec + Privileged bool `json:"privileged,omitempty"` Replicas int32 `json:"replicas"` Affinity *corev1.Affinity `json:"affinity,omitempty"` NodeSelector map[string]string `json:"nodeSelector,omitempty"` diff --git a/pkg/manager/member/tikv_member_manager.go b/pkg/manager/member/tikv_member_manager.go index 3546b9bf82..e1281944d1 100644 --- a/pkg/manager/member/tikv_member_manager.go +++ b/pkg/manager/member/tikv_member_manager.go @@ -344,6 +344,9 @@ func (tkmm *tikvMemberManager) getNewSetForTidbCluster(tc *v1alpha1.TidbCluster) Image: tc.Spec.TiKV.Image, Command: []string{"/bin/sh", "/usr/local/bin/tikv_start_script.sh"}, ImagePullPolicy: tc.Spec.TiKV.ImagePullPolicy, + SecurityContext: &corev1.SecurityContext{ + Privileged: &tc.Spec.TiKV.Privileged, + }, Ports: []corev1.ContainerPort{ { Name: "server",