When moving from using CSI Agent to mount extracted cache to using PVCs, GKM under went a major rewrite. One of the motivations for the move to PVCs was to remove the need for GKM to access the host node's filesystem and thus remove the higher privileges needed to do so. Revisit what permissions are required for GKM to run.
Note: There is work in MCV to move to https://github.com/jaypipes/ghw, which will allow MCV to detect GPU devices without root privileges. This will be needed to reduce GKMs permissions.
When moving from using CSI Agent to mount extracted cache to using PVCs, GKM under went a major rewrite. One of the motivations for the move to PVCs was to remove the need for GKM to access the host node's filesystem and thus remove the higher privileges needed to do so. Revisit what permissions are required for GKM to run.
Note: There is work in MCV to move to https://github.com/jaypipes/ghw, which will allow MCV to detect GPU devices without root privileges. This will be needed to reduce GKMs permissions.