nydus icon indicating copy to clipboard operation
nydus copied to clipboard
verified publisher icon dragonflyoss

snapshotter & nydusd config hot reload

Open imeoer opened this issue 1 year ago • 0 comments

The nydus image is started by nydus snapshotter, and the nydusd config is currently delivered by snapshotter and is persisted to local disks, the problem is:

  • the sensitive info such as registry authentication may leak on local disk.
  • it is difficult to timely hot update the config if some options change dynamically.

Possible implementation steps:

  • understand snapshotter's nydusd config delivery process and change it from persistent to API delivery.
  • consider nydusd hot upgrade and failover process to ensure config recovery.

imeoer avatar Jun 18 '24 08:06 imeoer