Pires
Pires
A suggestion is for this to be implemented as an opt-in vs opt-out feature.
I think it's a safe bet because it's systemd 219, a really old version. We can also not actually probe and basically do it by hand in code based on...
For instance, `TemporaryFileSystem` is introduced in 238. Both `BindPaths` and `BindReadOnlyPaths` are introduced in 233.
Maybe the idea of alternative unit attributes needs to mature. For instance, mapping a string to an alternative string may be too limited. Say we are on RHEL7 and systemd...
For reference, the code as is in main has been validated by me in RHEL7, RHEL8 and Ubuntu 20.04.
This discussion happened over slack but I'm sharing here for historic purposes. I think we're in a bit of a mexican stand-off as I object to this. Wrapping the CLI...
I am now thinking that maybe we could do with Go build tags, where the default builds with the code in main and a new tag that would be opt-in...
In Kubernetes the only way to define UID/GID is in a Pod spec. Kubernetes is not opinionated when it comes to validate that: some security firms sell container runtime integrations...
TL;DR is that's interesting but then why not just run a kubelet + CRI-compatible container runtime, eg containerd? Philosophical question aside, I do think the feature requested above is pretty...
Just [record an Event](https://github.com/kubernetes/sample-controller/blob/master/controller.go#L291) for the Pod. That's the Kubernetes way! [VK also does it](https://github.com/virtual-kubelet/virtual-kubelet/blob/master/node/pod.go#L89).Running `kubectl describe pod ` will show the events.