Cesar Talledo

> Running this fully privileged puts a massive risk on any K8 Cluster that runs Kink. I agree. But note: there is now a solution to run KinD in secure...

Hi @SoloGao, thanks for sharing that info, much appreciated. We've not had the cycles to add Nvidia GPU support to Sysbox yet, but your findings will certainly help when we...

FYI: Another user for Sysbox is looking to use hardware accelerators with Sysbox towards the end of 2021.

FYI: some GPU functionality does work inside a Sysbox container currently, as described in [this comment](https://github.com/nestybox/sysbox/issues/452#issuecomment-1059960655) in issue #452.

Hi Roshan (@r614), unfortunately no updates yet. As Docker recently acquired Nestybox, we are currently busy integrating Sysbox into Docker Desktop but should get some more cycles to work on...

I modified this issue's title to reflect a bit more accurately the problem: mounting host sockets into a Sysbox container doesn't always work. Specifically, it does not work when the...

Hi @joanbm, @mviereck, thanks for updating the issue. ID-mapped mounts don't work on tmpfs (yet), so Sysbox won't ID-map-mount if it detects the underlying filesystem is tmpfs. The code is...

Thanks @joanbm for the update. I think in summary (for Sysbox v0.5.0): * If the host supports ID-mapped mounts (e.g., kernel >= 5.12), then mounting sockets into the Sysbox container...

Thanks @matthewparkinsondes for filing this issue, we will take a look. We typically use hosts with ext4 filesystems, so we had not bumped into this. Per our side conversation, looks...

See issue #250 for another problem related to lack of support for IPVS inside sysbox containers.