I've only added one new config, build_capabilities, and overloaded it to set privileged=True. Alternatives include:
separate config for capabilities and privileged
allowing the full security_context to be specified- this would be the most flexible, but looking at https://github.com/kubernetes-client/python/issues/977 it doesn't sound like it's possible to construct the a Kubernetes object form JSON... unless someone knows a way to do so?
I thought it'd be interesting to get BinderHub running on K8S without Docker. This is the first step:
build_docker_host
is optionalI've only added one new config,
build_capabilities
, and overloaded it to setprivileged=True
. Alternatives include:capabilities
andprivileged