untrusted runtime should support privileged #855
Comments
I'll put together a PR accordingly. Want to follow similar logic as to what is introduced with cri-o/cri-o#1701 |
VM isolated runtimes can support privileged workloads. In this scenario, access to the guest VM is provided instead of the host. Based on this, allow untrusted runtimes to run privileged workloads. If the workload is specifically asking for node PID/IPC/network, etc., then continue to require the trusted runtime. This commit repurposes the hostPrivilegedSandbox utility function to only check for node namespace checking. Fixes: containerd#855 Signed-off-by: Eric Ernst <eric.ernst@intel.com>
VM isolated runtimes can support privileged workloads. In this scenario, access to the guest VM is provided instead of the host. Based on this, allow untrusted runtimes to run privileged workloads. If the workload is specifically asking for node PID/IPC/network, etc., then continue to require the trusted runtime. This commit repurposes the hostPrivilegedSandbox utility function to only check for node namespace checking. Fixes: containerd#855 Signed-off-by: Eric Ernst <eric.ernst@intel.com>
VM isolated runtimes can support privileged workloads. In this scenario, access to the guest VM is provided instead of the host. Based on this, allow untrusted runtimes to run privileged workloads. If the workload is specifically asking for node PID/IPC/network, etc., then continue to require the trusted runtime. This commit repurposes the hostPrivilegedSandbox utility function to only check for node namespace checking. Fixes: containerd#855 Signed-off-by: Eric Ernst <eric.ernst@intel.com>
@egernst Current integration is experimental. @tallclair is working on the RuntimeClass. kubernetes/enhancements#585 And that will define what features will be supported by a runtime, which includes @tallclair Do you think we should support privileged for sandbox container? |
Sounds good @Random-Liu. I expect this to become more clear once runtime class is supported. In the meantime there are many use cases where having privileged support in the sandboxed runtime (ie, kata in my scenario) makes sense (device node access, update the guest kernel, etc). I didn't want to wait until 1.12 to start using these patterns. |
I don't think we should block this on RuntimeClass. I don't see any reason to forbid Note that this does weaken the sandbox, as the guest OS is no longer an extra security layer, but I think the tradeoff is worthwhile for the enhanced useability, and can also be prevented through policy (PodSecruityPolicy). |
VM isolated runtimes can support privileged workloads. In this scenario, access to the guest VM is provided instead of the host. Based on this, allow untrusted runtimes to run privileged workloads. If the workload is specifically asking for node PID/IPC/network, etc., then continue to require the trusted runtime. This commit repurposes the hostPrivilegedSandbox utility function to only check for node namespace checking. Fixes: containerd#855 Signed-off-by: Eric Ernst <eric.ernst@intel.com>
VM isolated runtimes can support privileged workloads. In this scenario, access to the guest VM is provided instead of the host. Based on this, allow untrusted runtimes to run privileged workloads. If the workload is specifically asking for node PID/IPC/network, etc., then continue to require the trusted runtime. This commit repurposes the hostPrivilegedSandbox utility function to only check for node namespace checking. Fixes: containerd#855 Signed-off-by: Eric Ernst <eric.ernst@intel.com>
VM isolated runtimes can support privileged workloads. In this scenario, access to the guest VM is provided instead of the host. Based on this, allow untrusted runtimes to run privileged workloads. If the workload is specifically asking for node PID/IPC/network, etc., then continue to require the trusted runtime. This commit repurposes the hostPrivilegedSandbox utility function to only check for node namespace checking. Fixes: containerd#855 Signed-off-by: Eric Ernst <eric.ernst@intel.com>
VM isolated runtimes can support privileged workloads. In this scenario, access to the guest VM is provided instead of the host. Based on this, allow untrusted runtimes to run privileged workloads. If the workload is specifically asking for node PID/IPC/network, etc., then continue to require the trusted runtime. This commit repurposes the hostPrivilegedSandbox utility function to only check for node namespace checking. Fixes: containerd#855 Signed-off-by: Eric Ernst <eric.ernst@intel.com>
VM isolated runtimes can support privileged workloads. In this scenario, access to the guest VM is provided instead of the host. Based on this, allow untrusted runtimes to run privileged workloads. If the workload is specifically asking for node PID/IPC/network, etc., then continue to require the trusted runtime. This commit repurposes the hostPrivilegedSandbox utility function to only check for node namespace checking. Fixes: containerd#855 Signed-off-by: Eric Ernst <eric.ernst@intel.com>
VM isolated runtimes can support privileged workloads. In this scenario, access to the guest VM is provided instead of the host. Based on this, allow untrusted runtimes to run privileged workloads. If the workload is specifically asking for node PID/IPC/network, etc., then continue to require the trusted runtime. This commit repurposes the hostPrivilegedSandbox utility function to only check for node namespace checking. Fixes: containerd#855 Signed-off-by: Eric Ernst <eric.ernst@intel.com>
Being able to run an untrusted runtime, such as kata-runtime, as privileged should be allowed. In this case, all device nodes, etc, would be made available to it. Note, none of the host available features would be available.
If a workload explicitly is marked as untrusted but has --privileged, allow the configuration.
I still think we should return an error if they are asking for namespaces of the host (the node).
This should address the TODO @ [1] in the short term while we wait for runtimeClass to be implemented.
[1] https://github.com/containerd/cri/blob/master/pkg/server/sandbox_run.go#L610
The text was updated successfully, but these errors were encountered: