Open fntlnz opened 4 years ago
Could this lead to eventually building a Kubernetes (or Container) Kernel Interface(s) similar to how we've decoupled other components (e.g. CNI, CRI, CSI)?
I think that part of this effort would also need an exploration around what kind of kernel features can be exposed via native Kubernetes objects, e.g. eBPF, insmod/rmmod, LSMs, etc.
In my opinion, one of the goals of this project, besides shipping a secure, Kubernetes-first OS, should also be to ship vanilla kernels straight from kernel.org.
Given that we don’t have an upgrade/update plan yet, we probably want to use kernel and Kubernetes components as a driver for update decisions here. In particular, regarding the kernel, we should ship for all the longterm (compatible with what we want to do, so likely no 3.16 and 4.4).