Peter Hunt
Peter Hunt
I should have thought of this! So yes, you do need to enable the config field to get the events. I don't think this should be enabled by default yet...
/ok-to-test /retest /approve
sounds good to me :) one note: > a single set of TLS certificates that would be used for every listener While having signing in general on these endpoints would...
@adrianreber @kolyshkin PTAL
@nuwang it may be helpful to put together a OCI runtime spec that doesn't use nvidia but does hit this issue, is that possible?
good find @LufffyZoro . error 1 would be the cause, and error 2 is the symptom. If crio doesn't start (error 1) then crictl can't connect to it (error 2)....
` #io.kubernetes.cri-o.userns-mode: "auto"` this looks to me like the annotation is not enabled @rata
>Is it expected that hostUsers: false does not work and io.kubernetes.cri-o.userns-mode: "auto" is needed on this 1.27 Kubernetes distribution? yes this is expected, as the feature is still in alpha...
> @haircommander but that isn't needed with hostUsers: false. When you do that, you enable userns at k8s. See the pod I shared, that is commented out and works as...
when you use privilege it's actually getting the cgroup mount of the host, rather than of the container. for instance, the first container that just has SYS_ADMIN, that's actually a...