Jenkins jobs that build container images need access to `/dev/fuse`. Thus, we have to allow Pods managed by the *fuse-device-plugin* DaemonSet to be scheduled on nodes that are tainted for use exclusively by Jenkins jobs.
README.md
Device Plugins
Kubernetes Device Plugins are processes that map device nodes into unprivileged containers. They provide an alternative to manually bind-mounting devices using pod volumes, which typically requires granting container processes more privileges than they would otherwise need.
fuse-device-plugin
The fuse-device-plugin is a simple plugin that maps the /dev/fuse device node into a container. This device node is required in order to use FUSE filesystems. Buildah, for example, used a FUSE implementation of OverlayFS when building container images in an unprivileged container.
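The contrast described above, as an added example that is not part of the original README: the same build container given /dev/fuse first through a host bind mount and then through the device plugin. The Pod names and image are placeholders, and the resource name `github.com/fuse` is an assumption about what the plugin advertises; check the node's allocatable resources for the actual name.

```yaml
# Added example; names and image are placeholders, not from this repository.
---
# Before: bind-mounting the device node from the host.
apiVersion: v1
kind: Pod
metadata:
  name: build-hostpath            # hypothetical name
spec:
  containers:
    - name: build
      image: registry.example/buildah:latest   # placeholder image
      securityContext:
        # A hostPath mount alone does not add the device to the container's
        # device cgroup allowlist, so the container is run privileged.
        privileged: true
      volumeMounts:
        - name: fuse
          mountPath: /dev/fuse
  volumes:
    - name: fuse
      hostPath:
        path: /dev/fuse
        type: CharDevice
---
# After: requesting the device from the plugin instead.
apiVersion: v1
kind: Pod
metadata:
  name: build-device-plugin       # hypothetical name
spec:
  containers:
    - name: build
      image: registry.example/buildah:latest   # placeholder image
      securityContext:
        privileged: false         # no hostPath volume and no privileged flag
      resources:
        limits:
          github.com/fuse: 1      # assumed resource name advertised by the plugin
```

A Pod of the second form can only be scheduled on nodes where the plugin's DaemonSet Pod is running, since that is what registers the resource with the kubelet.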
As of October 2023, upstream development of the fuse-device-plugin appears to have stalled, and its "official" container image is several years old at this point. While the project itself is simple and probably does not need much maintenance, running a container based on an operating system that old is quite dangerous. As such, I've created my own container image for it that gets rebuilt and updated automatically.