Peter Hunt
Peter Hunt
### Enhancement Description - One-line enhancement description (can be used as a release note): - Kubernetes Enhancement Proposal: - Discussion Link: - Primary contact (assignee): - Responsible SIGs: - Enhancement...
should fix https://github.com/containers/conmon/issues/348
as well as generate the crio ignition files with privilege or else it fails with selinux enabled
Currently, CRI-O has some behavior specifically tuned for calico (though it could be argued that it's correct behavior for all) where we keep track of a pod across reboots so...
There are a handful of features conmon-rs still lacks that podman will require. This issue will serve as a tracking issue for those remaining pieces
eventually, we will need to have a version skew policy between client and server. Once we establish that, we should also have tests guaranteeing old servers work with new clients...
after https://github.com/containers/conmon-rs/pull/1064, conmon-rs always opens a namespace, even if the pod needs a container level namespace. This isn't a behavior problem, but does needlessly add extra mounts and will cause...
It's possible we do this now, but the pause process should only be created and tracked if the pod has a pod level pid namespace. Otherwise, we're needlessly creating the...
[pinns](https://github.com/cri-o/cri-o/tree/main/pinns) is a utility called by cri-o to create pod-level namespaces. It would be cool if conmon-rs could create those namespaces for the pod. Most notably, if it could manage...