Comment #3 on issue 1074 by [email protected]: LXC: support more than one
disk
https://code.google.com/p/ganeti/issues/detail?id=1074
Hi,
From ganeti's point of view you already provide block devices to the
hypervisor. It's the hypervisor itself (lxc-start), which turns the block
device into a mount (visible only inside the container). However, the
hypervisor needs additional information (mount point, fstype, options).
Here is what my config looks like:
# DISK 1
lxc.mount.entry = /dev/disk/by-id/my-data data xfs noatime,create=dir 0 0
# DISK 2
lxc.mount.entry = /dev/disk/by-id/my-log log xfs noatime,create=dir 0 0
Generating the lxc-config is just like generating the KVM command line. As
you can see, Ganeti just provides block devices. It has nothing to do with
un-/mounting.
AFAIK there are just 2 possibilities that LXC.CONTAINER.CONF(5) supplies
to get more than one disk:
1) hand over the block device into the container via
lxc.cgroup.devices.allow (just maj/min number encoding, no device names)
2) utilizing "lxc.mount.entry" directives
With 1) you are forced to not drop sys_admin to allow mounts inside the
container. This is probably a bad thing. So 2) seems the only "secure"
solution?
Thanks, Sascha.
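
Added example, not part of the original comment and not Ganeti's code: a sketch of generating the lxc.mount.entry lines from a disk list, plus a check that flags option 1 (a block device allowed through lxc.cgroup.devices.allow while sys_admin is not in lxc.cap.drop). The names render_mount_entries, audit and DISKS are hypothetical; the disk tuples mirror the config shown above.

```python
import re

# Constructed sample: disks in the shape of the config shown in the comment.
DISKS = [
    ("/dev/disk/by-id/my-data", "data", "xfs", "noatime,create=dir"),
    ("/dev/disk/by-id/my-log", "log", "xfs", "noatime,create=dir"),
]

def render_mount_entries(disks):
    """Render one fstab-style lxc.mount.entry line per disk."""
    lines = []
    for dev, target, fstype, opts in disks:
        for field in (dev, target, fstype, opts):
            # Fields are whitespace-separated; a space or newline in a value
            # would inject extra fields or a whole extra config key.
            if not field or re.search(r"\s", field):
                raise ValueError(f"invalid field: {field!r}")
        # Keep the mount point relative to the container rootfs, without '..'.
        if target.startswith("/") or ".." in target.split("/"):
            raise ValueError(f"mount point must stay inside rootfs: {target!r}")
        lines.append(f"lxc.mount.entry = {dev} {target} {fstype} {opts} 0 0")
    return "\n".join(lines)

def audit(config_text):
    """Return findings for block devices allowed while sys_admin is kept."""
    block_allows, dropped = [], set()
    for raw in config_text.splitlines():
        line = raw.strip()
        if line.startswith("#") or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if key == "lxc.cgroup.devices.allow" and value[:1] in ("a", "b"):
            block_allows.append(value)  # 'b' = block devices, 'a' = all types
        elif key == "lxc.cap.drop":
            if not value:
                dropped.clear()  # an empty value resets the drop list
            dropped.update(value.lower().split())
    if "sys_admin" in dropped:
        return []
    return [f"block device {v!r} allowed and sys_admin not dropped"
            for v in block_allows]

if __name__ == "__main__":
    print(render_mount_entries(DISKS))
```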