diff options
| author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2019-07-09 11:19:45 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-07-09 11:19:45 +0200 |
| commit | cea0e93a658f10cc46b56cb9b00ac8b824bc8b02 (patch) | |
| tree | 842427d52c8a40caa7f7195785e5ab060762f5f7 | |
| parent | 7633bd3b1be940050ab80bfbffe3b7d1f5b1169c (diff) | |
| parent | 2f29c565423c69444685007d2e27e28c20f4dede (diff) | |
| download | podman-cea0e93a658f10cc46b56cb9b00ac8b824bc8b02.tar.gz podman-cea0e93a658f10cc46b56cb9b00ac8b824bc8b02.tar.bz2 podman-cea0e93a658f10cc46b56cb9b00ac8b824bc8b02.zip | |
Merge pull request #3518 from jwflory/change/rootless-gpfs
rootless.md: Include GPFS as a parallel filesystem
| -rw-r--r-- | rootless.md | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/rootless.md b/rootless.md index d397ae857..bdbc1becc 100644 --- a/rootless.md +++ b/rootless.md @@ -16,9 +16,9 @@ can easily fail * Cgroups V2 development for container support is ongoing. * Can not share container images with CRI-O or other users * Difficult to use additional stores for sharing content -* Does not work on NFS homedirs - * NFS enforces file creation on different UIDs on the server side and does not understand User Namespace. - * When a container root process like YUM attempts to create a file owned by a different UID, NFS Server denies the creation. +* Does not work on NFS or parallel filesystem homedirs (e.g. [GPFS](https://www.ibm.com/support/knowledgecenter/en/SSFKCN/gpfs_welcome.html)) + * NFS and parallel filesystems enforce file creation on different UIDs on the server side and does not understand User Namespace. + * When a container root process like YUM attempts to create a file owned by a different UID, NFS Server/GPFS denies the creation. * Does not work with homedirs mounted with noexec/nodev * User can setup storage to point to other directories they can write to that are not mounted noexec/nodev * Can not use overlayfs driver, but does support fuse-overlayfs @@ -26,7 +26,7 @@ can easily fail * Only other supported driver is VFS. * No KATA Container support * No CNI Support - * CNI wants to modify IPTables, plus other network manipulation that I requires CAP_SYS_ADMIN. + * CNI wants to modify IPTables, plus other network manipulation that requires CAP_SYS_ADMIN. * There is potential we could probably do some sort of blacklisting of the relevant plugins, and add a new plugin for rootless networking - slirp4netns as one example and there may be others * Cannot use ping * [(Can be fixed by setting sysctl on host)](https://github.com/containers/libpod/blob/master/troubleshooting.md#5-rootless-containers-cannot-ping-hosts) |