[gpfsug-discuss] Spectrum Scale 5.1.4 release notes items!
Josh Catana
jcatana at gmail.com
Fri Jun 3 22:51:48 BST 2022
I force my users to runAsUser their user ID in order to access storage (
enforced by OPA policy) and maintain POSIX complaince. I put the
responsibility of being able to run as non-root and the container creator.
I feel like this is growing as standard to run as non-root for things that
aren't system level operators in k8s.
If they aren't accessing storage, I don't care what UID they run as.
On Fri, Jun 3, 2022, 5:46 PM Lukas Hejtmanek <xhejtman at ics.muni.cz> wrote:
> Hello,
>
> nice to see that only file set can be exported now.
>
> We are running Kubernetes platform together with Spectrum Scale. Beside
> K8s,
> we have also HPC clusters using GPFS/NFS exports.
>
> We would like to integrate storage from HPC to K8s and vice versa.
>
> Currently, this is a problem because in K8s almost all users are using UID
> 1000 for running pods while in HPC they have different UIDs.
>
> As far as I know, there is no possibility to remap UIDs between K8s and
> HPC on
> the same Spectrum Scale file system. Running pods with different UIDs is
> hard
> option as many containers assume, they run exactly as UID 1000.
>
> What do you think, is there anything that can be done here?
>
> On Fri, Jun 03, 2022 at 08:19:25PM +0000, Christopher Maestas wrote:
> > Hello everyone!
> >
> > I know I spoke to some of you at ISC 2022 this week about some of these
> features. They are officially out!
> >
> > Check out:
> https://www.ibm.com/docs/en/spectrum-scale/5.1.4?topic=summary-changes
> > Summary of changes<
> https://www.ibm.com/docs/en/spectrum-scale/5.1.4?topic=summary-changes>
> > This topic summarizes changes to the IBM Spectrum Scale licensed program
> and the IBM Spectrum Scale library. Within each topic, these markers ( )
> surrounding text or illustrations indicate technical changes or additions
> that are made to the previous edition of the information.
> > www.ibm.com
> >
> > Particularly:
> > ---
> >
> > Control fileset access for remote clusters
> > Administrators can now configure access to remote cluster nodes for only
> a subset of filesets instead of the entire file system. For more
> information, see Fileset access control for remote clusters<
> https://www.ibm.com/docs/en/STXKQY_5.1.4/com.ibm.spectrum.scale.v5r10.doc/bl1adv_fielsetaccesscontrol.html
> >.
> >
> > Increase in the number of independent filesets
> > In IBM Spectrum Scale the maximum number of independent filesets is
> increased from 1000 to 3000.
> > ---
> >
> > We'll talk further about this at the Scale user group in a few weeks in
> London!
> >
> > -Chris
>
> > _______________________________________________
> > gpfsug-discuss mailing list
> > gpfsug-discuss at gpfsug.org
> > http://gpfsug.org/mailman/listinfo/gpfsug-discuss_gpfsug.org
>
>
> --
> Lukáš Hejtmánek
>
> Linux Administrator only because
> Full Time Multitasking Ninja
> is not an official job title
>
> _______________________________________________
> gpfsug-discuss mailing list
> gpfsug-discuss at gpfsug.org
> http://gpfsug.org/mailman/listinfo/gpfsug-discuss_gpfsug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gpfsug.org/pipermail/gpfsug-discuss_gpfsug.org/attachments/20220603/059dcf39/attachment-0001.htm>
More information about the gpfsug-discuss
mailing list