github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
d2d434b7d6
containerd/sys
History
Ilya Hanov 1555a31bf6 mount: support idmapped mount points 
This patch introduces idmapped mounts support for
container rootfs.

The idmapped mounts support was merged in Linux kernel 5.12
torvalds/linux@7d6beb7.
This functionality allows to address chown overhead for containers that
use user namespace.

The changes are based on experimental patchset published by
Mauricio Vásquez #4734.
Current version reiplements support of idmapped mounts using Golang.

Performance measurement results:
Image           idmapped mount  recursive chown
BusyBox         00.135          04.964
Ubuntu          00.171          15.713
Fedora          00.143          38.799

Signed-off-by: Mauricio Vásquez <mauricio@kinvolk.io>
Signed-off-by: Artem Kuzin <artem.kuzin@huawei.com>
Signed-off-by: Alexey Perevalov <alexey.perevalov@huawei.com>
Signed-off-by: Ilya Hanov <ilya.hanov@huawei-partners.com>
2023-09-05 01:23:30 +03:00
..
reaper go.mod: github.com/containerd/go-runc v1.1.0 2023-05-17 13:45:37 +09:00
filesys_deprecated_windows.go replace sys Sequential funcs with moby/sys/sequential 2022-08-29 18:36:34 +02:00
filesys_unix.go Cleanup build constraints 2022-12-08 09:36:20 -08:00
filesys_windows.go sys: synchronize mkdirall() with latest os.MkDirAll() 2022-10-17 00:55:37 +02:00
oom_linux_test.go Use testify 2022-04-01 18:17:58 -07:00
oom_linux.go refactor: move from io/ioutil to io and os package 2021-09-21 09:50:38 +08:00
oom_unsupported.go Cleanup build constraints 2022-12-08 09:36:20 -08:00
socket_unix.go Cleanup build constraints 2022-12-08 09:36:20 -08:00
socket_windows.go Remove redundant build tags 2021-08-05 22:27:46 -07:00
subprocess_unsafe_linux.go mount: support idmapped mount points 2023-09-05 01:23:30 +03:00
userns_unsafe_linux.go mount: support idmapped mount points 2023-09-05 01:23:30 +03:00