On Thu, Jun 3, 2021 at 2:18 AM Marc <m...@f1-outsourcing.eu> wrote: > Not using cephadm, I would also question other things like: > > - If it uses docker and docker daemon fails what happens to you containers?
This is an obnoxious feature of docker; podman does not have this problem. > - I assume the ceph-osd containers need linux capability sysadmin. So if you > have to allow this via your OC, all your tasks have potentially access to > this permission. (That is why I chose not to allow the OC access to it) The --privileged flag and other caps are only passed on an as-needed basis, based on the daemon (each daemon runs in its own container). (There is only one container image, though.) sage _______________________________________________ ceph-users mailing list -- ceph-users@ceph.io To unsubscribe send an email to ceph-users-le...@ceph.io
