From 9a410ee704b298a668985e11dd2dfede9beb6006 Mon Sep 17 00:00:00 2001 From: Daniel Chadwick Date: Thu, 8 Feb 2024 16:24:27 -0500 Subject: [PATCH] OSDOCS9297: Using /dev/fuse to access faster builds --- _topic_maps/_topic_map.yml | 2 + ...nodes-containers-dev-fuse-configuring.adoc | 66 +++++++++++++++++++ .../containers/nodes-containers-dev-fuse.adoc | 11 ++++ 3 files changed, 79 insertions(+) create mode 100644 modules/nodes-containers-dev-fuse-configuring.adoc create mode 100644 nodes/containers/nodes-containers-dev-fuse.adoc diff --git a/_topic_maps/_topic_map.yml b/_topic_maps/_topic_map.yml index e5fbd5c27f..83ccf5af0b 100644 --- a/_topic_maps/_topic_map.yml +++ b/_topic_maps/_topic_map.yml @@ -2507,6 +2507,8 @@ Topics: File: nodes-containers-port-forwarding - Name: Using sysctls in containers File: nodes-containers-sysctls + - Name: Accessing faster builds with /dev/fuse + File: nodes-containers-dev-fuse - Name: Working with clusters Dir: clusters Topics: diff --git a/modules/nodes-containers-dev-fuse-configuring.adoc b/modules/nodes-containers-dev-fuse-configuring.adoc new file mode 100644 index 0000000000..f112573e1c --- /dev/null +++ b/modules/nodes-containers-dev-fuse-configuring.adoc @@ -0,0 +1,66 @@ +// Module included in the following assemblies: +// +// * nodes/nodes-containers-dev-fuse.adoc + +:_mod-docs-content-type: PROCEDURE +[id="nodes-containers-dev-fuse-configuring_{context}"] += Configuring /dev/fuse on unprivileged pods + +As an alternative to the virtual filesystem, you can configure the `/dev/fuse` device to the `io.kubernetes.cri-o.Devices` annotation to access faster builds within unprivileged pods. Using `/dev/fuse` is secure, efficient, and scalable, and allows unprivileged users to mount an overlay filesystem as if the unprivileged pod was privileged. + +.Procedure + +. Create the pod. ++ +[source,terminal] +---- +$ oc exec -ti no-priv -- /bin/bash +---- ++ +[source,terminal] +---- +$ cat >> Dockerfile <