-
Notifications
You must be signed in to change notification settings - Fork 0
ZFS Roadmap
This page outlines the roadmap for implementing and stabilizing ZoL within Mistify. The items here are a subset of those listed in the overall roadmap.
#2015 (Q1 - Q3)
-
Add user namespace support into Docker (Complete)
-
Testing using zfs_allow as initial pathway for ZoL delegation (Complete)
-
Plan new ZFS namespaces (Complete)
-
Implement new ZFS namespaces (Complete)
-
Replace ZFS zone code with namespace checks (kernel) (Complete)
-
Replace ZFS zone code with namespace checks (ZoL) (Complete)
-
Move to new libzfs core API (In Progress, 11/20/2015)
-
Implement mounting of ZFS datasets to namespaces (12/04/2015)
-
Modify namespace implementation to eliminate Go patching (12/18/2015)
-
Address ZoL Container Integration Security Issues
- Check privileges/capabilities for non-root users (currently have full access)
- Implement support for delegation of ZFS datasets to users/groups
- Implement user namespace support to allow containers with remapped UID/GID ranges (including UID 0)
-
Upstreaming ZFS Container Integration
- Facilitate upstreaming - Generalize namespace implementation in lieu of patch sets
- ZFS upstream approach/execution
- ZoL upstream approach/execution
- Linux kernel upstream approach/execution
-
Automated integration testing for:
- ZFS changes
- ZoL changes
- Linux kernel changes
-
Enhance ZoL resiliency (starting with I/O Timeouts)
-
ZoL - Additional resiliency items
-
Stream ZFS snapshots for backups. Possibly to a “centralized backup service” (that probably runs in containers itself) or to another hypervisor