I’m looking to better understand the implications of running unprivileged containers inside a privileged LXD container. My understanding is that setting
security.privileged=true on an LXD container has severe security implications - software within the LXD container can potentially affect the host.
Would an unprivileged container running within such an LXD container be considered safe?
My specific use-case is running multiple Kubernetes clusters on a single set of LXD hosts, whilst giving each Kubernetes host (LXD container) elevated privileges such as the ability to create/modify ZFS datasets of the host (by passing /dev/zfs to the LXD container), for use by OpenEBS ZFS LocalPV.
I consider the Kubernetes LXD containers to be trusted - but not the containers being spun up by Kubernetes.
I want to do this because I want ZFS to be beneath my entire infrastructure to be as flexible as possible with storage. In the future I’ve love to see “virtualized ZFS” - the ability to dedicate a dataset to a unprivileged container and for that container to be able to create/delete/change properties of anything beneath that dataset.