> > I'll leave the discussion to guys with more knowledge than me, but using a > sidecar container to provide network storage client seems overkill or more > complicated than required to me. Network storage should be managed by the > node, and containers should get the mount points without caring about the > filesystem type. Only the nodes (or the privileged container that manages > cifs on the node, for all containers/pods in that node) should need the > keytab. I'd try providing that file to the privileged pod as a configmap. > > Today we distribute the keytabs to the nodes via ansible. My concern with v4 (including Hemant's comments) are that this method will break with RHCOS since everything is supposed to run in a container. I'm also not a huge fan of distributing keytabs to nodes that might run a pod instead of it only being available to the pod when it runs. Can you run a flexvolume as its own container? Instead of telling ocp4 to run a script can I tell it to run a container that does the mount?
_______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users
