[ceph-osd] Change var crash mount propagation to HostToContainer

- As it will be a security violation to mount anything under /var
partition to pods , changing the mount propagation to HostToContainer

Change-Id: If7a27304507a9d1bcb9efcef4fc1146f77080a4f

ceph-osd/Chart.yaml

@@ -15,6 +15,6 @@ apiVersion: v1
 appVersion: v1.0.0
 description: OpenStack-Helm Ceph OSD
 name: ceph-osd
-version: 0.1.27
+version: 0.1.28
 home: https://github.com/ceph/ceph
 ...

ceph-osd/templates/daemonset-osd.yaml

@@ -138,6 +138,7 @@ spec:
               readOnly: false
             - name: pod-var-crash
               mountPath: /var/crash
+              mountPropagation: HostToContainer
               readOnly: false
         - name: ceph-log-ownership
 {{ tuple $envAll "ceph_osd" | include "helm-toolkit.snippets.image" | indent 10 }}
@@ -283,6 +284,7 @@ spec:
               readOnly: false
             - name: pod-var-crash
               mountPath: /var/crash
+              mountPropagation: HostToContainer
               readOnly: false
       containers:
         - name: log-runner
@@ -449,6 +451,7 @@ spec:
               readOnly: false
             - name: pod-var-crash
               mountPath: /var/crash
+              mountPropagation: HostToContainer
               readOnly: false
       volumes:
         - name: pod-tmp

releasenotes/notes/ceph-osd.yaml

@@ -28,4 +28,5 @@ ceph-osd:
   - 0.1.25 Export crash dumps when Ceph daemons crash
   - 0.1.26 Mount /var/crash inside ceph-osd pods
   - 0.1.27 Limit Ceph OSD Container Security Contexts
+  - 0.1.28 Change var crash mount propagation to HostToContainer
 ...