NFSv4 with Kerberos support
viktoriaas opened this issue · 3 comments
Is this a bug report or feature request?
- Feature Request
What should the feature do:
The feature should be able to mount NFSv4 storage with Kerberos authentication to Kubernetes -- the directory of the person logging in (home directory) should be visible in the pod and mounted on some path.
What is use case behind this feature:
I would be interested in developing this feature for mounting home folders of members of my university research groups that do use Kubernetes for their scientific computations. The home folders contain data needed for computations (and final data are saved here too). As the access to storages is behind Kerberos, the question of authenticating and providing username and password for successful mounting is open.
I am eager to somehow start working on this but I haven't developed in Kuberentes anything yet and I am not sure how to proceed. Any discussion, ideas are sincerely appreciated. Also, I'd like to contribute to directly to Rook project.
Environment:
I would be interested in developing this feature in University environment as an experimental feature. If successful, the feature might be later helpful to other people. We do have servers with C8/Deb9 where authorization via kinit is needed (authorization to certain realm). After that, the home folder of the person (together with other folders that are enabled via ACL) are accessible to the person.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed in a week if no further activity occurs. Thank you for your contributions.
This issue has been automatically closed due to inactivity. Please re-open if this still requires investigation.
Not only the home directory, but the choosen one in th manifets:-).
This story would be really useful for those who are manging their infrastructure through an IDM (e.g. Redhat IDM or FreeIPA).
It would be really powerful to have security (authn and autz brought by krb5p) and scalability with rook!