Add CVM limitation on file systems #327

Merged
merged 4 commits into from
May 6, 2021
34 changes: 17 additions & 17 deletions admin/workspace-management/cvms.md
@@ -3,31 +3,31 @@ title: Docker in workspaces
description: Learn how to enable support for secure Docker inside workspaces.
---

If you're a site admin or a site manager, you can enable
[container-based virtual machines (CVMs)](../../workspaces/cvms.md) as a
workspace deployment option. CVMs allow users to run system-level programs, such
as Docker and systemd, in their workspaces.
If you're a site admin or a site manager, you can enable [container-based
virtual machines (CVMs)](../../workspaces/cvms.md) as a workspace deployment
option. CVMs allow users to run system-level programs, such as Docker and
systemd, in their workspaces.

## Infrastructure requirements

- CVMs leverage the
[Sysbox container runtime](https://github.com/nestybox/sysbox), so the
Kubernetes Node must run a supported Linux distro with the minimum kernel
version (see
[Sysbox distro compatibility](https://github.com/nestybox/sysbox/blob/master/docs/distro-compat.md)
- CVMs leverage the [Sysbox container
runtime](https://github.com/nestybox/sysbox), so the Kubernetes Node must run
a supported Linux distro with the minimum kernel version (see [Sysbox distro
compatibility](https://github.com/nestybox/sysbox/blob/master/docs/distro-compat.md)
for more information)
- The cluster must allow privileged containers and `hostPath` mounts. Read more
about why this is still secure [here](#security).

**Note:** Coder doesn't support legacy versions of cluster-wide proxy services
such as Istio.
> Coder doesn't support legacy versions of cluster-wide proxy services such as
Istio, and CVMs do not currently support NFS as a file system.

> NVIDIA GPUs can be added to CVMs on bare metal clusters only. This feature is
> not supported on Google Kubernetes Engine or other cloud providers at this
> time.
>
> Support for NVIDIA [GPUs](gpu-acceleration.md) is in **beta**. We do not
> support AMD GPUs at this time.
### GPUs

NVIDIA GPUs can be added to CVMs on bare metal clusters only. This feature is
not supported on Google Kubernetes Engine or other cloud providers at this time.

Support for NVIDIA [GPUs](gpu-acceleration.md) is in **beta**. We do not support
AMD GPUs at this time.

## Enabling CVMs in Coder
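
Review bot: The NFS limitation in the rewritten note under "Infrastructure requirements" is appended to the Istio sentence ("...such as Istio, and CVMs do not currently support NFS as a file system"), so the one substantive change in this hunk is easy to miss among the re-wrapped lines. Consider giving it its own bullet in the requirements list or its own note, and state which storage it applies to, since "as a file system" does not tell an admin what to check before enabling CVMs. The second line of that blockquote also has no leading `>`, unlike the GPU blockquote this hunk removes; it renders through lazy continuation, but prefixing both lines would hold up better under later edits. The hunk also drops the **Note:** label, so the limitation is now marked only by the blockquote.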
