Skip to content

cgroup namespace support #38332

New issue
New issue
Closed
#38377
Closed
cgroup namespace support#38332
#38377
Labels
area/runtimeRuntimekind/featureFunctionality or other elements that the project doesn't currently have. Features are new and shiny
@rgulewich

Description

@rgulewich
rgulewich
opened on Dec 7, 2018

Description

Now that cgroup namespace support has been added to runc, I'd like to add support to docker. I'm happy to do the work, but I'd like some input as to which of these approaches would work the best:

  1. Always enable cgroup namespaces for all containers, provided that the currently running kernel supports it.
  2. Enable for all containers, but only when the docker daemon was started with a flag to enable it (similar behaviour to --userns-remap).
  3. Enable cgroup namespaces per-container (not for all containers), by passing a flag at container start time.

Thoughts?

CC: @cpuguy83, @stevvooe, @sargun

Metadata

Metadata

Assignees

No one assigned

    Labels

    area/runtimeRuntimekind/featureFunctionality or other elements that the project doesn't currently have. Features are new and shiny

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions