On Thu, Sep 29, 2022, at 10:10 AM, Vivek Goyal wrote: > What's your use case. How do you plan to use virtiofs. At the current time, the Kubernetes that we run does not support user namespaces. We want to do the production builds of our operating system (Fedora CoreOS and RHEL CoreOS) today inside an *unprivileged* Kubernetes pod (actually in OpenShift using anyuid, i.e. random unprivileged uid too), just with /dev/kvm exposed from the host (which is safe). Operating system builds *and* tests in qemu are just another workload that can be shared with other tenants. qemu works fine in this model, as does 9p. It's just the virtiofs isolation requires privileges to be used today.
- Re: virtiofsd: Any reason why there's not an "openat2... Vivek Goyal
- Re: virtiofsd: Any reason why there's not an "op... Vivek Goyal
- Re: virtiofsd: Any reason why there's not an &quo... German Maglione
- Re: virtiofsd: Any reason why there's not an ... Colin Walters
- Re: [Virtio-fs] virtiofsd: Any reason why... Stefan Hajnoczi
- Re: [Virtio-fs] virtiofsd: Any reaso... Sergio Lopez
- Re: [Virtio-fs] virtiofsd: Any r... Vivek Goyal
- Re: [Virtio-fs] virtiofsd: A... Colin Walters
- Re: [Virtio-fs] virtiofsd: A... Vivek Goyal
- Re: [Virtio-fs] virtiofsd: A... Colin Walters
- Re: [Virtio-fs] virtiofsd: A... Vivek Goyal
- Re: [Virtio-fs] virtiofsd: A... German Maglione
- Re: [Virtio-fs] virtiofsd: A... Colin Walters
- Re: [Virtio-fs] virtiofsd: A... Vivek Goyal
- Re: virtiofsd: Any reason why there's not an ... Vivek Goyal
