Hi, I'd like to propose an LSF/MM discussion around the topic of containers and distributed filesystems. The background is that we have a number of decisions to make around dealing with namespaces when the filesystem is distributed. On the one hand, there is the issue of which user namespace we should be using when putting uids/gids on the wire, or when translating into alternative identities (user/group name, cifs SIDs,...). There are two main competing proposals: the first proposal is to select the user namespace of the process that mounted the distributed filesystem. The second proposal is to (continue to) use the user namespace pointed to by init_nsproxy. It seems that whichever choice we make, we probably want to ensure that all the major distributed filesystems (AFS, CIFS, NFS) have consistent handling of these situations. Another issue arises around the question of identifying containers when they are migrated. At least the NFSv4 client needs to be able to send a unique identifier that is preserved across container migration. The uts_namespace is typically insufficient for this purpose, since most containers don't bother to set a unique hostname. Finally, there is an issue that may be unique to NFS (in which case I'd be happy to see it as a hallway discussion or a BoF session) around preserving file state across container migrations. Cheers Trond -- Trond Myklebust Linux NFS client maintainer, Hammerspace trond.myklebust@xxxxxxxxxxxxxxx
