Drop unused capabilities from containers
Bug #1636424 reported by
Christian Berendt
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| kolla |
Invalid
|
Wishlist
|
Steven Dake | ||
Bug Description
With Docker it is possible to drop unused capabilities from containers. It should be checked if it is possible there are unused capabilities that can be dropped by default (e.g. mknod).
http://
| Changed in kolla: | |
| milestone: | none → ocata-1 |
Revision history for this message
| Steven Dake (sdake) wrote | #1 |
| Changed in kolla: | |
| status: | New → Incomplete |
| importance: | Undecided → High |
| importance: | High → Wishlist |
| assignee: | nobody → Steven Dake (sdake) |
| Changed in kolla: | |
| milestone: | ocata-1 → ocata-2 |
| Changed in kolla: | |
| milestone: | ocata-2 → ocata-3 |
Revision history for this message
| Christian Berendt (berendt) wrote | #2 |
| Changed in kolla: | |
| status: | Incomplete → Invalid |
To post a comment you must log in.
This is a feature, and should be tracked in a blueprint. We have known for some time that capabilities tuning would be beneficial to Kolla - just no time to do the implementation.
FWIW if I was prioritizing this blueprint, I'd say its essential for ocata.
Please file a blueprint.
Thanks
-steve