X-Git-Url: https://gerrit.akraino.org/r/gitweb?p=ta%2Fcaas-danm.git;a=blobdiff_plain;f=ansible%2Froles%2Fflannel%2Ftemplates%2Fflannel-ds.yaml;fp=ansible%2Froles%2Fflannel%2Ftemplates%2Fflannel-ds.yaml;h=eb0c57131840f8df4975d3ce61934b5d1c07cfb6;hp=117f9cfdf7fa9b326180d7f140e2e85274779f86;hb=d45b4117f30f9ad842c24f0c7c9fd8524a7f358f;hpb=d24b652b4823c54bba217a60264185e6102c2552

diff --git a/ansible/roles/flannel/templates/flannel-ds.yaml b/ansible/roles/flannel/templates/flannel-ds.yaml
index 117f9cf..eb0c571 100644
--- a/ansible/roles/flannel/templates/flannel-ds.yaml
+++ b/ansible/roles/flannel/templates/flannel-ds.yaml
@@ -35,8 +35,7 @@ spec:
       priorityClassName: "system-node-critical"
       hostNetwork: true
       dnsPolicy: ClusterFirstWithHostNet
-     # TODO: figure out why flannel needs to run with root to modify network settings on the host
-     # Some setcap calls might be missing on its binary?
+     # TODO: figure out why privileged mode is also not enough for flannel to modify network settings on the host (same problem as watcher)
      #securityContext:
      #     runAsUser: {{ caas.uid.flannel }}
       tolerations: