Re: [libvirt-users] RLIMIT_MEMLOCK in container environment

2019-08-24 Thread Laine Stump
On 8/24/19 3:08 AM, Dan Kenigsberg wrote: On Fri, 23 Aug 2019, 0:27 Laine Stump, > wrote: (Adding Alex Williamson to Cc so he can correct any mistakes) On 8/22/19 4:39 PM, Ihar Hrachyshka wrote: > On Thu, Aug 22, 2019 at 12:01 PM Laine Stump

Re: [libvirt-users] RLIMIT_MEMLOCK in container environment

2019-08-24 Thread Dan Kenigsberg
On Fri, 23 Aug 2019, 0:27 Laine Stump, wrote: > (Adding Alex Williamson to Cc so he can correct any mistakes) > > On 8/22/19 4:39 PM, Ihar Hrachyshka wrote: > > On Thu, Aug 22, 2019 at 12:01 PM Laine Stump wrote: > >> > >> On 8/22/19 10:56 AM, Ihar Hrachyshka wrote: > >>> On Thu, Aug 22, 2019

Re: [libvirt-users] RLIMIT_MEMLOCK in container environment

2019-08-22 Thread Laine Stump
(Adding Alex Williamson to Cc so he can correct any mistakes) On 8/22/19 4:39 PM, Ihar Hrachyshka wrote: On Thu, Aug 22, 2019 at 12:01 PM Laine Stump wrote: On 8/22/19 10:56 AM, Ihar Hrachyshka wrote: On Thu, Aug 22, 2019 at 2:24 AM Daniel P. Berrangé wrote: On Wed, Aug 21, 2019 at

Re: [libvirt-users] RLIMIT_MEMLOCK in container environment

2019-08-22 Thread Ihar Hrachyshka
On Thu, Aug 22, 2019 at 12:01 PM Laine Stump wrote: > > On 8/22/19 10:56 AM, Ihar Hrachyshka wrote: > > On Thu, Aug 22, 2019 at 2:24 AM Daniel P. Berrangé > > wrote: > >> > >> On Wed, Aug 21, 2019 at 01:37:21PM -0700, Ihar Hrachyshka wrote: > >>> Hi all, > >>> > >>> KubeVirt uses libvirtd to

Re: [libvirt-users] RLIMIT_MEMLOCK in container environment

2019-08-22 Thread Laine Stump
On 8/22/19 10:56 AM, Ihar Hrachyshka wrote: On Thu, Aug 22, 2019 at 2:24 AM Daniel P. Berrangé wrote: On Wed, Aug 21, 2019 at 01:37:21PM -0700, Ihar Hrachyshka wrote: Hi all, KubeVirt uses libvirtd to manage qemu VMs represented as Kubernetes API resources. In this case, libvirtd is running

Re: [libvirt-users] RLIMIT_MEMLOCK in container environment

2019-08-22 Thread Ihar Hrachyshka
On Thu, Aug 22, 2019 at 2:24 AM Daniel P. Berrangé wrote: > > On Wed, Aug 21, 2019 at 01:37:21PM -0700, Ihar Hrachyshka wrote: > > Hi all, > > > > KubeVirt uses libvirtd to manage qemu VMs represented as Kubernetes > > API resources. In this case, libvirtd is running inside an > > unprivileged

Re: [libvirt-users] RLIMIT_MEMLOCK in container environment

2019-08-22 Thread Daniel P . Berrangé
On Wed, Aug 21, 2019 at 01:37:21PM -0700, Ihar Hrachyshka wrote: > Hi all, > > KubeVirt uses libvirtd to manage qemu VMs represented as Kubernetes > API resources. In this case, libvirtd is running inside an > unprivileged pod, with some host mounts / capabilities added to the > pod, needed by

[libvirt-users] RLIMIT_MEMLOCK in container environment

2019-08-21 Thread Ihar Hrachyshka
Hi all, KubeVirt uses libvirtd to manage qemu VMs represented as Kubernetes API resources. In this case, libvirtd is running inside an unprivileged pod, with some host mounts / capabilities added to the pod, needed by libvirtd and other services. One of the capabilities libvirtd requires for