Allow configuring additional host-wide mountpoints

[flokli]

Feature Request

I'd like to use virtio-fs to mount a filesystem tree (not a virtio-blk block device) into a Talos worker node.

The worker node itself is a VM, with all the necessary hypervisor plumbing done, so a mount -t virtiofs mytagname /where-to-mount theoretically would succeed.

After some quick digging in Slack, @smira already confirmed the kernel has the necessary features (CONFIG_VIRTIO_FS=y etc) enabled: https://github.com/siderolabs/pkgs/blob/master/kernel/build/config-amd64#L4827 - so the only thing missing would be a way to specify that mountpoint in the system config.

This could use a similar structure as KubeletConfig.extraMounts, but needs to apply not only for the kubelet mount namespace (maybe restricted to some "safe" destination paths?)

Reason for this: I intend to expose some big filesystem available on the hypervisor with hostPath, or slicing subdirectories with local-path-provisioner

[2b]

I would like to add that this future is crucial for running eBPF programs relying on Linux kernel tracepoints, like kubeshark, due to the need to mount tracefs on /sys/kernel/tracing or debugfs on /sys/kernel/debug.

[kenlasko]

Just adding my $0.02. I'm evaluating several eBPF apps for security monitoring. One of the things they require is access to either tracefs or debugfs. In Talos 1.7.0, I do see a /sys/kernel/tracing folder, but its not mounted.

[noamApps]

+1, This is highly requested feature from our users and in the eBPF community in general.

[gspiliotis]

+1 as the use of virtio-fs is gaining a lot of attention lately as it gives access to host paths without carving out block devices. Till this is supported in talos config is there a way to run a final script doing the mount in talos linux?