You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
If we want to use perf, for instance, we need to expose more information from the host. SYS_ADMIN capability is required at the launch of the container. However, it's a risky operation to add these capabilities for everyone without control.
Describe the solution you'd like
A good compromise is to allow the INGInious administrator to run a Docker agent with additional capabilities for the containers it runs. This ensures only selected hosts are more exposed than others, and that this choice is made by the platform administrator.
This could be an inginious-agent-docker command line argument or stored in a config file (in this case it could be worth moving all the agent arguments, such as problem plugins, in that file).
The remaining question is to know whether this feature should be announced back to the queue so that the jobs are correctly routed to the right agent or if this should remain an obscure feature used with specificly designed environments for that host.
The text was updated successfully, but these errors were encountered:
Is your feature request related to a problem? Please describe.
If we want to use
perf, for instance, we need to expose more information from the host.SYS_ADMINcapability is required at the launch of the container. However, it's a risky operation to add these capabilities for everyone without control.Describe the solution you'd like
A good compromise is to allow the INGInious administrator to run a Docker agent with additional capabilities for the containers it runs. This ensures only selected hosts are more exposed than others, and that this choice is made by the platform administrator.
This could be an
inginious-agent-dockercommand line argument or stored in a config file (in this case it could be worth moving all the agent arguments, such as problem plugins, in that file).The remaining question is to know whether this feature should be announced back to the queue so that the jobs are correctly routed to the right agent or if this should remain an obscure feature used with specificly designed environments for that host.
The text was updated successfully, but these errors were encountered: