Recent content by harvie

Incus (LXD) 6.0 is using the vfs idmapping now. so it should be possible to implement in proxmox as well...

I am not really sure if LXC 5.0.2 (or even latest 5.0.3) can already make use of this new feature that is available in ZFS 2.2.0. I guess that would be a pre-requisite for proxmox to be able to use it. But i cannot really find any info regarding this. But LXC can use some additional layer called...

One thing is to include new version of ZFS to deb repository. Other thing is to actualy actively leverage new features in Proxmox UI. Proxmox developers have been bringing the cool ZFS stuff to us in the past, so probably this will come as well. But obviously, the task is not as trivial as...

Also alternatively there is something called shiftfs, which does similar thing on non-ZFS filesystems and seems to be slowly preparing it's way to the upstream... https://discuss.linuxcontainers.org/t/trying-out-shiftfs/5155 https://github.com/toby63/shiftfs-dkms

https://github.com/openzfs/zfs/releases/tag/zfs-2.2.0 OpenZFS 2.2.0 - Lists following new features: Linux container support (#12209, #14070, #14097, #12263) - Added support for Linux-specific container interfaces such as renameat(2), support for overlayfs, idmapped mounts in a user namespace...

Well. Debian has ZFS 2.0.3, while Proxmox has ZFS 2.1.9. Where There Is a Will, There Is a Way :-)

util-linux v2.39 release has support for id-mapping https://lwn.net/ml/linux-kernel/20230517112242.3rubpxvxhzsc4kt2@ws.net.home/ This might help to switch between privileged/unprivileged CT mode without having to rewrite all UIDs/GIDs in the root filesystem. I hope proxmox will make use of this...

Hello, there is already user-friendly system for downloading and deployment of CT templates. Why don't we have such thing for VMs as well? I can imagine two levels of this. 1.) Some list of commonly used ISOs that proxmox would allow me to dowload without having to lookup the URL. (eg. Debian...

i've just found this: https://pwning.systems/posts/escaping-containers-for-fun/ They simply set /proc/sys/kernel/core_pattern to execute user provided binary in host context by triggering coredump inside of privileged docker container. Can this be done with privileged CTs on proxmox? Or is...

I never had any issue with it.

https://discuss.linuxcontainers.org/t/lxd-4-20-has-been-released/12540 LXD now has live migration. Perhaps recently the CRIUgenic technology has advanced a bit and Proxmox can start looking into this as well?

Syncthing is really cool, but i don't think this usecase would be currently supported by syncthing. These are my concerns: 1.) File permissions, extended attributes and other advanced metadata might not fully sync 2.) Syncthing can only write files under single user/owner. 3.) Syncing database...

Anyway, i went ahead and suggested this in pve bugzilla: https://bugzilla.proxmox.com/show_bug.cgi?id=3637

There is still some discussion about mainlining this: https://github.com/dolohow/uksm/issues/41#issuecomment-926282376 I think this might need fulltime developer for one or two months to get into upstream. But still might be well worth it for all the large scale PVE/LXC deployments out there...

Recursive bind mount would make lot of sense IMO. Please raise a feature request at https://bugzilla.proxmox.com/