Closed
Description
User-namespaced workspaces need a means to shift the UID of the underlying root file system. At the moment we support shiftfs only. Shiftfs works well for gitpod.io, but is unlikely to suffice in other installations because of its hard Ubuntu dependency.
Other means for implementing the UID shift are:
- overlayfs metacopy + chown: overlayfs supports a mode where metadata changes do not copy up the entire file. This metacopy mode together with a
chownoperation could shift the UIDs. Thechownmakes this expensive at startup time though. - fuse-overlayfs: is a userland implementation of overlayfs which supports UID shifting OOTB. This is what podman and others use. It's cheap at startup time, but incurs a runtime CPU penalty because it runs in userland.
- idmapped mounts: bring this kind of feature natively to the kernel. It's not yet upstream though, and if it were, we cannot mandate require such a new Kernel version for self-hosted.
From this list, fuse-overlayfs seems the best choice. It has widespread support and is easy to integrate.
Solution outline
In supervisor ring1 we make the PrepareForUserNS call to ws-daemon. ws-daemon would know if we want to use shiftfs (and if so, should validate that shiftfs is available during startup) and return an indicator if supervisor should use shiftfs or fuse-overlayfs. In pseudo-code:
func ring1() {
resp := client.PrepareForUserNS()
var args []string
switch resp.FSShift {
case api.FSShift_Shiftfs:
args = append(args, "--fsshift", "shiftfs")
case api.FSShift_FuseOverlayfs:
args = append(args, "--fsshift", "fuse-overlayfs")
default:
panic("unknown fs shift method")
}
execRing2(args)
}
func ring2() {
switch fsshift {
case "fuse-overlayfs":
mountFuseOverlayfs()
case ...
}
}