Hi
Sorry if this topic has been already discussed. As the topic header says, i am able to see my ceph mount points IP’s within my container when I bind a folder in a ceph mounted location to the container.
eg:
Filesystem Type Size Used Avail Use% Mounted on
/dev/mapper/docker-252:0-5505040-173ec3f85ad1b1f2aabb93addd1c3f3fc2f8d2b5fb0ea8b9242e306b47ddd671 xfs 50G 1.5G 49G 3% /
tmpfs tmpfs 3.9G 0 3.9G 0% /dev
tmpfs tmpfs 3.9G 0 3.9G 0% /sys/fs/cgroup
172.xx.xx.xxx:6789,172.yy.yy.yyy:6789,172.zz.zz.zzz:6789:/ ceph 750G 119G 631G 16% /home/workspace
/dev/mapper/vg000-mysqlvol ext4 247G 17G 228G 7% /etc/hosts
shm tmpfs 64M 4.0K 64M 1% /dev/shm
tmpfs tmpfs 3.9G 0 3.9G 0% /sys/firmware
Here df -hT exposes that I am using ceph at backend and their IP’s and also it is getting executed in docker.
I do understand, that it is normal for a docker container to see the mount information like /dev/sda… but this causes ip to be exposed and it may cause security issues while the IP is exposed.
I can set a rule to block the access except a known IP’s, but still, exposing the IP kind of bugs me. Is there a way to mask the mount IP with the container.
Regards
SaruKazen