-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support Rootless Docker / Kubernetes #1797
Comments
I would also assign @AkihiroSuda but they're not an org member so github won't let me (kubernetes does not do repo level collaboration by policy, only org membership 🤷) Consider them assigned anyhow 🙃 (and thank you!) |
(FWIW I think GitHub has changed permissions such that if they comment on this issue then they can be assigned) |
👍 |
/assign @AkihiroSuda |
/remove-lifecycle stale |
/remove-lifecycle stale |
The KEP is still blocked, but I expect to ship @AkihiroSuda's kind workaround PR O(soon) / in this next release. |
#1935 is shipped. this will be in v0.11.0 |
Yes, I'd sort of been holding off for kubernetes/kubernetes#99336 (fix a large regression in startup time for tiny efficient clusters in kubernetes v1.20.4+), but we can just push a new node image for 1.20.2 |
that is done, and the default at HEAD #2119 |
Thanks @BenTheElder ! |
I'll open a PR to add rootless CI after getting #2127 merged. |
experiencing rootless Docker issues as well on selfhosted Github runner. essentially I followed the setup as described here. https://kind.sigs.k8s.io/docs/user/rootless/#host-requirements # https://kind.sigs.k8s.io/docs/user/rootless/#host-requirements
echo GRUB_CMDLINE_LINUX="systemd.unified_cgroup_hierarchy=1" >> /etc/default/grub
update-grub
cat >/etc/systemd/system/[email protected]/delegate.conf <<-EOF
[Service]
Delegate=yes
EOF
systemctl daemon-reload That still fails. Run helm/[email protected]
with:
node_image: kindest/node:v1.19.7
env:
pythonLocation: /home/runners/actions-runner/_work/_tool/Python/3.7.10/x64
LD_LIBRARY_PATH: /home/runners/actions-runner/_work/_tool/Python/3.7.10/x64/lib
CT_CONFIG_DIR: /home/runners/actions-runner/_work/_tool/ct/v3.3.1/x86_64/etc
VIRTUAL_ENV: /home/runners/actions-runner/_work/_tool/ct/v3.3.1/x86_64/venv
Adding kind directory to PATH...
Adding kubectl directory to PATH...
kind v0.9.0 go1.15.2 linux/amd64
Client Version: version.Info{Major:"1", Minor:"19", GitVersion:"v1.19.1", GitCommit:"206bcadf021e76c27513500ca24182692aabd17e", GitTreeState:"clean", BuildDate:"2020-09-09T11:26:42Z", GoVersion:"go1.15", Compiler:"gc", Platform:"linux/amd64"}
Creating kind cluster...
Creating cluster "chart-testing" ...
• Ensuring node image (kindest/node:v1.19.7) 🖼 ...
✓ Ensuring node image (kindest/node:v1.19.7) 🖼
• Preparing nodes 📦 ...
✓ Preparing nodes 📦
• Writing configuration 📜 ...
✗ Writing configuration 📜
ERROR: failed to create cluster: failed to generate kubeadm config content: failed to get kubernetes version from node: failed to get file: command "docker exec --privileged chart-testing-control-plane cat /kind/version" failed with error: exit status 1
Command Output: Error response from daemon: Container 2cfd8f32bd974c3dc7ea5ae24a7e9fe959648eebacb0428d46383ff84f490540 is not running
|
You need kind v0.11. Unreleased yet, but feature is available on main branch. (You need to build the node image in addition to kind binary by yourself) |
(First sentence on the page, note that install guide and release pages list v0.10.0) It will be released soon. In the meantime you can try it early from installing at HEAD. Clone, |
|
I've built it from master to try it and it looks like it's using |
Please set |
@AkihiroSuda I did that, but it still seems to use
|
I don't think it's reading cgroup version from Docker (you can verify with Does /sys/fs/cgroup/cgroup.controllers exist with non-empty content? If not, podman is returning wrong cgroup version. (Please report to Podman repo) |
@AkihiroSuda I have podman configured to point to a Linux VM (from my Mac). So it should use |
Remote podman is unsupported Reason: kind/pkg/cluster/internal/providers/podman/provider.go Lines 374 to 375 in b6bc112
|
Thanks @AkihiroSuda |
FYI: I added rootless (and kind) to Apr 20 SIG-node agenda https://docs.google.com/document/d/1Ne57gvidMEWXR70OxxnRkYquAoMpt56o75oZtg-OeBg/edit# |
Support for remote podman is being added in #2256 |
from the original checklist we are now just waiting on kubernetes/kubernetes#92863 which is almost to the finish line 🤞 |
I'll open a PR to use The current |
can we say that this is done @BenTheElder ? |
What would you like to be added:
Support for "rootless" docker hosts, docker 20.X should support this.
Why is this needed:
To continue working with the ecosystem as it moves forward.
Related issues / PRS:
/sys/fs/cgroup/sys/fs/cgroup
is created kubernetes/kubernetes#94104/sys/fs/cgroup/sys/fs/cgroup
is created kubernetes/kubernetes#94104The text was updated successfully, but these errors were encountered: