Experimental kind podman support for hive development. #982
Conversation
openshift-ci-robot
added
the
do-not-merge/work-in-progress
openshift-ci-robot
added
the
approved
hack/create-kind-podman-cluster.sh
Outdated
|
|
||
| # create registry container unless it already exists | ||
| reg_name='kind-podman-registry' | ||
| reg_port='5001' |
There was a problem hiding this comment.
Should be 5000 I'm just testing along side docker at the moment.
|
|
||
| sudo cp /root/.kube/config ~/.kube/${cluster_name}.kubeconfig | ||
| sudo chown $USER ~/.kube/${cluster_name}.kubeconfig | ||
| echo "Kubeconfig written to $HOME/.kube/${cluster_name}.kubeconfig" |
There was a problem hiding this comment.
This could probably be better...
|
Current status, this gets hive running but we cannot launch an install, podman will not let us exec/fork to run openshift-install in our install pods, because the binary is copied into /output by the sidecar container and this is mounted with noexec. Could we perhaps copy to /bin in installmanager? cc @joelddiaz |
I'd like to spend some time with the kind/docker setup to compare with how things are being brought up there compared to the kind/podman setup. But certainly moving the binary to mountpoint that isn't noexec will work around the immedate issue. |
|
Commit added to copy the binaries to /bin. This is working for me locally, I have an install running now. |
|
Wonder if we should have a copy retry: |
|
I have added a commit which copies the binaries to /home/ where we have a homedir and permissions to write/run. This seems to be working fine. However it looks like kind and or podman will be fixing the noexec in a future release. I would still propose we just merge this change to run from /home as it works fine and gets us kind+podman in the meantime. |
dgoodwin
changed the title
openshift-ci-robot
removed
the
do-not-merge/work-in-progress
|
|
||
| return destTarball, nil | ||
| } | ||
|
|
There was a problem hiding this comment.
This was dead code.
|
Reverted the 5001 port back to 5000. |
+1 |
|
Multiple testers, I think we're good to go with this one. |
pkg/installmanager/installmanager.go
Outdated
| fileList := []string{ | ||
| filepath.Join(m.WorkDir, "openshift-install"), | ||
| filepath.Join(m.WorkDir, "oc"), | ||
| } | ||
| m.waitForFiles(fileList) | ||
|
|
||
| // copy each binary to /bin to avoid situations where the workdir may be mounted with noexec. | ||
| // (i.e. kind + podman) |
There was a problem hiding this comment.
Are you trying to say that "kind + podman" is the situation or an example of a situation?
There was a problem hiding this comment.
Was originally meant to be an example. Clarifying a little bit.
pkg/installmanager/installmanager.go
Outdated
| @@ -466,12 +471,32 @@ func (m *InstallManager) waitForFiles(files []string) { | |||
| m.log.Infof("all files found, ready to proceed") | |||
| } | |||
|
|
|||
| func (m *InstallManager) waitForInstallerBinaries() { | |||
| func (m *InstallManager) waitForInstallerBinaries() error { | |||
There was a problem hiding this comment.
The name of this function should be changed. It is doing more than just waiting for binaries now. It would seem that its main purpose now is to copying the binaries to the needed location.
hack/create-kind-podman-cluster.sh
Outdated
| # This script creates a kind cluster and configures it to use an insecure registry | ||
| # running on the host OS. | ||
| # | ||
| # USAGE: sudo DEV_USER=myusername ./hack/create-kind-cluster-podman.sh [cluster_name] |
There was a problem hiding this comment.
Is the advice about using sudo and DEV_USER left over from a previous iteration?
There was a problem hiding this comment.
Yes good catch thanks. Switched to in-script sudo so it could more easily get you a kubeconfig you could use as a non-root user.
/output is getting mounted with noexec in this environment and thus we quickly fail all provisions as we can't run the openshift-install binary. Copy the binaries to /home/hive as soon as we see they've been written to /output where we know we can exec them. Uses cp vs any Go copy just for simplicity and to avoid memory problems.
|
Updated! |
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: dgoodwin, joelddiaz The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
1 similar comment
|
/retest Please review the full test history for this PR and help us cut down flakes. |
No description provided.