Mike Brown comments

Results 192 comments of


                                            Mike Brown

Reference Types Working Group remaining tasks

FYI my preference is 1 subject, referrers; 2 refers, referrers

mount: add ExtraOptions field for Mount struct

/ok-to-test

registry mirroring using auth on incorrect registry

@dmcgowan fyi...

registry mirroring using auth on incorrect registry

For the normal path the auth is passed in by kubernetes (kubelet) from secrets. When auth is not present in the pullimage request we fall back to the matching config...

registry mirroring using auth on incorrect registry

> ``` > [plugins."io.containerd.grpc.v1.cri".registry] > [plugins."io.containerd.grpc.v1.cri".registry.mirrors] > [plugins."io.containerd.grpc.v1.cri".registry.mirrors."www.hsops.com"] > endpoint = ["https://www.hsops.com"] > [plugins."io.containerd.grpc.v1.cri".registry.configs] > [plugins."io.containerd.grpc.v1.cri".registry.configs."www.hsops.com".tls] > ca_file = "/etc/containerd/ca.pem" > cert_file = "/etc/containerd/www.hsops.com.pem" > key_file = "/etc/containerd/www.hsops.com-key.pem" > [plugins."io.containerd.grpc.v1.cri".registry.configs."www.hsops.com".auth]...

registry mirroring using auth on incorrect registry

@IBMRob @azuwis fyi: https://github.com/containerd/containerd/pull/5351

WIP: CRI: Sandbox support user namespace. part I

already a WIP .. https://github.com/containerd/containerd/pull/5904

WIP: CRI: Sandbox support user namespace. part I

> > already a WIP .. #5904 > > Thanks, @mikebrow Seems these two PRs are related but solves different issues. After reading comments of #5904 , seems that the...

[Feature request] [PoC] set default container sysctl via config

Interesting. Thanks for the discussion. One approach / thought would be to use the k8s PodPreset pattern for injecting securityContext: sysctls: that match appropriate filters. Pretty sure you can't do...

Add capability for snapshotters to declare support for UID remapping

/ok-to-test