Open
Description
This will affect how the networking work.
Thought dump on this:
Currently everything is run as root (😱)
We have one network that all pods are attached to. If we have some pods as root, and some not, we'd have to
- have a dedicated user maybe for that? a 'skate' user or something like that
- check how pasta or slirp networking works, I haven't dug into that.
- bridge the rootful and non-rootful networks in some way? (maybe podman can do this out of the box
- thinking more about this: maybe it doesn't matter?
- still need to allow sudo access for running certain workloads, right?
Metadata
Assignees
Labels
No labels