Have you tried kubevirt, Colin? https://kubevirt.gitbooks.io/user-guide/installation/ It does require origin 3.9 or kube 1.9, but it's pretty nice for running vms under kube/openshift. On Wed, Jan 31, 2018 at 12:51 PM, Colin Walters <walters at verbum.org> wrote: > Hi, we'd like to migrate some of our workloads into > Kubernetes jobs; see for example: > https://github.com/projectatomic/papr/pull/70/commits/bdaabc975b6770e2c6826aa259cfd2c7fddd0b9e > > What are the available resources in apps.ci versus Duffy? > > A lot of our jobs want basically a "classic Docker" > environment with e.g. uid 0, but not CAP_SYS_ADMIN. And with seccomp disabled, etc. > I was trying to create the test pod below, but it fails. It looks like our accounts > use the default SCC. Can we lift these restrictions? > > BTW, I'd also like oci-kvm-hook installed, with this patch: https://github.com/stefwalter/oci-kvm-hook/pull/4 > > apiVersion: v1 > kind: DeploymentConfig > metadata: > labels: > run: cgwalters-shell > name: cgwalters-shell > spec: > replicas: 1 > selector: > run: cgwalters-shell > strategy: > resources: {} > template: > metadata: > labels: > run: cgwalters-shell > spec: > containers: > - args: > - sleep > - 24h > image: registry.fedoraproject.org/fedora:27 > name: cgwalters-shell > # Run as uid 0 > securityContext: > runAsUser: 0 > _______________________________________________ > Ci-users mailing list > Ci-users at centos.org > https://lists.centos.org/mailman/listinfo/ci-users