Florian Apolloner
Florian Apolloner
Just putting down some links here that might or might not help. Podman has similar problems with user namespaces: https://github.com/containers/podman/issues/12154 Newer kernels allow id-mapping mounts: https://lore.kernel.org/lkml/[email protected]/T/#u
@tgross not going to ask for an ETA ;) but mind laying out how you want to implement this? I thought about this a bit already and I came up...
Hi Tim, I am not really sold on the 2nd bullet point either. I'd really like to hear actual usecases for it. I doubt HA is a usecase for it...
Regarding > That's how we implemented CSI support, where it makes sense (folks have asked to be able to merge them in the job spec anyways https://github.com/hashicorp/nomad/issues/11195 but I'm not...
> Yeah I don't think I disagree with most of what you're saying here. The only way I'd want to be able to support NFS is if we could treat...
> These launches are initiated by a daemon based on the merge request status. We have a zfs volume cloning daemon on a few nodes to get our databases up...
Ha, yeah I doubt you will find a prewritten CSI plugin for that. What I mainly wanted to say is that something like this is imo out of scope for...
> There's a [host_volumes](https://developer.hashicorp.com/nomad/docs/other-specifications/acl-policy#host-volume-rules) ACL but we'd almost certainly need to expand the logic there. Or get rid of them and make dynamic host volumes namespace aware (though I am...
@bcoca I just tested this (applied it onto 2.15.4 and it looks Good. What can I do to help move this forward?
Ok, as I understand it the PR currently implements the "restricted" option? From my testing it more looked like the "full" option -- or does lookups mean something else in...