Fu Wei
@Iceber is the issue you mentioned before? Let's say that init command is `sh -c "oom-process"`. The "oom-process" causes the oom event but the `sh -c` doesn't. So, the containerd...
just curiosity, how do we prevent process from connecting to abstract socket path? It is host networking
To be honest, I am not security expert. From my perspective, if we allow user to use host namespace, it's kind of opening hole to the pod - https://github.com/containerd/containerd/security/advisories/GHSA-36xw-fx78-c5r4. For...
> The moment you allow it, the container is privileged (requires a privileged PSS, etc.). I noticed this. Thanks for quick update. I just raised my questions and concern. Since...
Hi @serathius the discussion link is private?
Regarding memory usage, I believe there’s room for enhancement in the GetList logic within the cacher: https://github.com/kubernetes/kubernetes/blob/195803cde570ad1025a78e36cdbef76bddbc4c33/staging/src/k8s.io/apiserver/pkg/storage/cacher/cacher.go#L771-L774 ```go // Resize the slice appropriately, since we already know that size of...
cc @ivanvc @ahrtr @serathius
@morotti would you please provide more information about performance enhancement? I mean some data are about 3-5 times. thanks
ping @ahrtr @serathius @siyuanfoundation
Hi @serathius I switched to use `kubernetes` profile and can reproduce it in my local. I pick up 300 as batch limit and this value might be different from different...