We are trying to mount lustre filesystem inside running container, and have successfully done this via containers which are running in priviledged mode.
However for those containers which are running in non-privilidged mode, mounting lustre failed, even if all capabilites linux provides — tens of capabilities — were included!
- what is difference between "priviledged: True" and "cap_add: all capabilites"?
- Why mounting lustre still fails when all capabilities were added to the container?
Source: Docker Questions