search

ScottG489 / conjob

Simple web interface to run containers as jobs or serverless functions
MIT License
12 stars 0 forks source link

Install `shiftfs` on AMI #16

Open ScottG489 opened 3 years ago

ScottG489 commented 3 years ago

Follow up issue from #11.

Job isolation is now working. The AMI didn't have shiftfs support but we were able to get around that with userns-remap and --userns=host. See related issue #11 and linked discussions for more info.

The --userns=host may not be ideal. Ideally we want shiftfs installed on the server. From #11:

Now everything seems to be working as expected. A slightly cleaner solution is outlined in this comment in the sysbox discussion: nestybox/sysbox/discussions/121#discussioncomment-130136. This should install shiftfs on the AMI which would mean the --userns=host wouldn't be necessary.

We can follow the directions in that discussion to try to install shiftfs on the AMI. This seems like a cleaner solution.

However, for now everything seems to be working fine with acceptable job isolation so I'd say this is lower priority.

ScottG489 commented 2 years ago

See if we can remove --userns=host before closing this.