Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set per-user UID/GID to the work account in session containers #2592

Open
achimnol opened this issue Jul 30, 2024 · 0 comments
Open

Set per-user UID/GID to the work account in session containers #2592

achimnol opened this issue Jul 30, 2024 · 0 comments
Labels
type:feature Add new features urgency:2 With time limit, it should be finished within it; otherwise, resolve it when no other chores.
Milestone
24.09

Comments

@achimnol
Copy link
Member

achimnol commented Jul 30, 2024
edited
Loading

There is a customer site that wants to use their internal SSO system and set Linux UID/GID from it as their storage system is also bound to those UID/GIDs.

To keep those custom storage management scheme, we need to revive the "unmanaged" vfolder which provides the mount of arbitrary host path in the agents like a vfolder.

Note

Unmanaged vfolders do not comply with Backend.AI's own quota management (quota scopes), and all such administrative settings should be manually done by the customer.
Also, they cannot be created or deleted via our UI. They just exist and only can be configured by administrators.

This issue is about to add a plugin hook to customize the container settings so that an SSO plugin could modify the UID/GID passed to the session entrypoint which creates the work user in session containers.

Related issues
@achimnol achimnol added type:feature Add new features urgency:5 It is imperative that action be taken right away. labels Jul 30, 2024
@achimnol achimnol added this to the 24.09 milestone Jul 30, 2024
@achimnol achimnol added urgency:2 With time limit, it should be finished within it; otherwise, resolve it when no other chores. and removed urgency:5 It is imperative that action be taken right away. labels Aug 6, 2024
@kyujin-cho kyujin-cho mentioned this issue Sep 20, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type:feature Add new features urgency:2 With time limit, it should be finished within it; otherwise, resolve it when no other chores.
Projects
None yet
Milestone
24.09
Development

No branches or pull requests
1 participant
@achimnol