You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I understand they use seccomp notify for mknod and other things docker uses.
@alban suggested we do a similar demo: a docker daemon running a Kubernetes pod without too many privileges, so that the user can just run docker run from inside the pod without giving CAP_SYS_ADMIN.
Once Flatcar adds supports for this, we should be able to create such demo. Upstream flatcar issue tracking support for this: flatcar/Flatcar#499
The text was updated successfully, but these errors were encountered:
LXD has a very nice demo running docker inside a LXD container: https://www.youtube.com/watch?v=_fCSSEyiGro
I understand they use seccomp notify for mknod and other things docker uses.
@alban suggested we do a similar demo: a docker daemon running a Kubernetes pod without too many privileges, so that the user can just run docker run from inside the pod without giving
CAP_SYS_ADMIN.Once Flatcar adds supports for this, we should be able to create such demo. Upstream flatcar issue tracking support for this: flatcar/Flatcar#499
The text was updated successfully, but these errors were encountered: