[wip] Add support for snapshot mount type#1017
Closed
dmcgowan wants to merge 1 commit intocontainerd:masterfrom
Closed
[wip] Add support for snapshot mount type#1017dmcgowan wants to merge 1 commit intocontainerd:masterfrom
dmcgowan wants to merge 1 commit intocontainerd:masterfrom
Conversation
Codecov Report
@@ Coverage Diff @@
## master #1017 +/- ##
=======================================
Coverage 59.28% 59.28%
=======================================
Files 5 5
Lines 781 781
=======================================
Hits 463 463
Misses 204 204
Partials 114 114Continue to review full report at Codecov.
|
Snapshot mount type allows clients which do not have mount permission to use mounts with the snapshot type. Additionally the api server can enforce mount namespace doing a mount lookup on the snapshot type without relying on the client to pass in correct mounts. Signed-off-by: Derek McGowan <[email protected]>
dmcgowan
force-pushed
the
with-server-mounts
branch
from
c807ace to
199c9d0
Compare
Contributor
|
@dmcgowan still working on this? |
Member
Author
|
Going to close this for now until we come up with a better way to handle this mount type for non-root mounts |
ianlewis
pushed a commit
to ianlewis/containerd
that referenced
this pull request
Dec 8, 2020
Add unit test for DisableCgroup, RestrictOOMScoreAdj.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Snapshot mount type allows clients which do not have mount permission to use mounts with the snapshot
type. Additionally the api server can enforce mount namespace doing a mount lookup on the snapshot type without relying on the client to pass in correct mounts. This could be useful to API proxies enforcing namespace boundaries from clients.
This method can be used to simplify clients which never intend to mount snapshots locally. The clients can keep the same interface as passing around
[]Mountbut also able to determine if the mounts are snapshots and which id is associated with that snapshot.Marked as WIP to review for feedback on this approach.