RFC: Runner host mounts

[tcmal]

Rendered

Discussed briefly in concourse/concourse#4241

[taylorsilva]

Thanks for the RFC! I'll get around to reviewing it soon.

[taylorsilva]

Thanks so much for this RFC. No major blockers here, just some nit-pick stuff. Interested in your thoughts. I'll start trying to share the RFC as well to see if other community members have thoughts about it.

[analytically]

I'm happy to help implement this @tcmal

[taylorsilva]

@tcmal Sorry for the long silence from my end. I want to put momentum behind this RFC again.

I've read it again and noticed nothing mentioned about read/write permissions of the mounts. Who has control over that? Do operators get to decide if the mounts are rw/ro or is that up to the task writer to decide?

My instinct tells me we should probably let the operators decide between between rw/ro permissions for each mount. Maybe we could allow task writers to downgrade to ro for their mounts even if the operator allows rw for the given mount. What are your thoughts on this?

[taylorsilva]

Could we add an example of using host_mounts as well please? Similar to what you showed in this comment: concourse/concourse#4241 (comment)

[taylorsilva]

Suggested change

	# Answered Questions
	# Answered Questions
	* > Which container runtimes (guardian and containerd) will support this feature? Can we support it in both runtimes?
	Looks like we can have this feature added to both runtimes. The garden client is the interface we have between both the guardian and containerd runtimes. We'll need to do the plumbing work ourselves for the containerd runtime, but we'll get this for free with the guardian runtime.
	https://github.com/cloudfoundry/garden/blob/f0775181931df979cbeee43604327bb207ae0c9d/client.go#L190-L208

Adding and answering my own question.

[taylorsilva]

Would be the same situation for users running Concourse on k8s, which there are a lot of.

Either way, the answer here is to document it. Can move this to the Answered section.

[taylorsilva]

Let's move this to the Answered section as well, with the answer being that we document that the onus is on operators to ensure their host mounts have the correct permissions and suggesting some useful defaults.

[kcbimonte]

@tcmal Sorry for the long silence from my end. I want to put momentum behind this RFC again.

I've read it again and noticed nothing mentioned about read/write permissions of the mounts. Who has control over that? Do operators get to decide if the mounts are rw/ro or is that up to the task writer to decide?

My instinct tells me we should probably let the operators decide between between rw/ro permissions for each mount. Maybe we could allow task writers to downgrade to ro for their mounts even if the operator allows rw for the given mount. What are your thoughts on this?

If thinking rw permissions, may want to reframe this RFC a bit. At first I thought of this as ro like mounting self signed certificates but to introduce write could get weird.

What if instead we "extend" the get and put prototypes to make it clear we are getting files from the host and, if allowed, putting files onto the host. That opens up Concourse, for better or for worse, to use worker local storage as job gates if we use file checksums as the version.

Obviously this is an entirely different direction than just mounting a folder, but just an initial thought when reading the proposal to allow rw permissions.