[v0.13] allow network.host daemon entitlement by default in container drivers #2255

tonistiigi · 2024-02-12T21:16:35Z

Description

Based on comments in moby/buildkit#4524 (comment) , there shouldn't be a need to set --allowed-entitlemtns network.host as buildkitd flags when builder runs in a container as the container network is already isolated. At least when --driver-opt network does not equal host.

The text was updated successfully, but these errors were encountered:

crazy-max · 2024-02-13T10:38:19Z

I think it would also makes sense for kubernetes driver (cc @AkihiroSuda)

crazy-max · 2024-02-13T14:45:11Z

I was wondering one thing. Should we set this entitlement silently when creating the builder or set it in buildx store? I think silently makes sense.

tonistiigi added kind/enhancement New feature or request status/triage labels Feb 12, 2024

tonistiigi added this to the v0.13.0 milestone Feb 12, 2024

tonistiigi assigned crazy-max Feb 12, 2024

tonistiigi mentioned this issue Feb 12, 2024

network mode "custom_network" not supported by buildkit #175

Open

crazy-max mentioned this issue Feb 21, 2024

driver: set network.host entitlement by default for container drivers #2266

Merged

crazy-max closed this as completed in #2266 Feb 23, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[v0.13] allow network.host daemon entitlement by default in container drivers #2255

[v0.13] allow network.host daemon entitlement by default in container drivers #2255

tonistiigi commented Feb 12, 2024

crazy-max commented Feb 13, 2024

crazy-max commented Feb 13, 2024

[v0.13] allow network.host daemon entitlement by default in container drivers #2255

[v0.13] allow network.host daemon entitlement by default in container drivers #2255

Comments

tonistiigi commented Feb 12, 2024

Description

crazy-max commented Feb 13, 2024

crazy-max commented Feb 13, 2024