Trond's proposal for discussion (his proposal below) at LSF/MM makes sense and could be useful, and similar questions come up often with CIFS/SMB3 (and probably other distributed file systems).

On Wed, Jan 23, 2019 at 12:11 PM Trond Myklebust <trondmy@xxxxxxxxxxxxxxx> wrote:
> I'd like to propose an LSF/MM discussion around the topic of containers
> and distributed filesystems.
>
> The background is that we have a number of decisions to make around
> dealing with namespaces when the filesystem is distributed.
>
> On the one hand, there is the issue of which user namespace we should
> be using when putting uids/gids on the wire, or when translating into
> alternative identities (user/group name, cifs SIDs,...). There are two
> main competing proposals: the first proposal is to select the user
> namespace of the process that mounted the distributed filesystem. The
> second proposal is to (continue to) use the user namespace pointed to
> by init_nsproxy. It seems that whichever choice we make, we probably
> want to ensure that all the major distributed filesystems (AFS, CIFS,
> NFS) have consistent handling of these situations.
>
> Another issue arises around the question of identifying containers when
> they are migrated. At least the NFSv4 client needs to be able to send a
> unique identifier that is preserved across container migration. The
> uts_namespace is typically insufficient for this purpose, since most
> containers don't bother to set a unique hostname.

Makes sense

> Finally, there is an issue that may be unique to NFS (in which case I'd
> be happy to see it as a hallway discussion or a BoF session) around
> preserving file state across container migrations.

Not unique to NFS

--
Thanks,

Steve