search

eclipse-che / che

Kubernetes based Cloud Development Environments for Enterprise Teams
http://eclipse.org/che
Eclipse Public License 2.0
6.99k stars 1.19k forks source link

Update UDI to allow using fuse-overlay rather than VFS with podman/buildah #21693

Open l0rd opened 2 years ago

l0rd commented 2 years ago

Is your enhancement related to a problem? Please describe

VFS is slow and building an image using Eclispe Che may take minutes when the same build takes seconds on a local machine.

Describe the solution you'd like

Configure docker/podman in the Universal Developer Image to use Fuse instead of VFS and test to build and image on OpenShift.

Additional context

It's recommended to use fuse-overlayfs rather than VFS when using podman/buildah/docker There was an initiative to use Fuse overlay by default

nickboldt commented 2 years ago

fuse-overlayfs-1.9-1.module+el8.6.0+15917+093ca6f8 exists in RHEL 8.6.

So we can install that, and then follow steps to configure podman:

https://github.com/containers/podman/blob/main/docs/tutorials/rootless_tutorial.md#ensure-fuse-overlayfs-is-installed

l0rd commented 2 years ago

Downstream issue

che-bot commented 1 year ago

Issues go stale after 180 days of inactivity. lifecycle/stale issues rot after an additional 7 days of inactivity and eventually close.

Mark the issue as fresh with /remove-lifecycle stale in a new comment.

If this issue is safe to close now please do so.

Moderators: Add lifecycle/frozen label to avoid stale mode.

l0rd commented 1 year ago

/remove-lifecycle stale

cgruver commented 1 year ago

@l0rd Try this, it works.

Create a MachineConfig to enable containers to use /dev/fuse

cat << EOF | butane | oc apply -f -
variant: openshift
version: 4.13.0
metadata:
  labels:
    machineconfiguration.openshift.io/role: worker
  name: nested-podman
storage:
  files:
  - path: /etc/crio/crio.conf.d/99-nested-podman
    mode: 0644
    overwrite: true
    contents:
      inline: |
        [crio.runtime.workloads.nested-podman]
        activation_annotation = "io.openshift.nested-podman"
        allowed_annotations = [
          "io.kubernetes.cri-o.Devices"
        ]
        [crio.runtime]
        allowed_devices=["/dev/fuse"]
EOF

Note: Use machineconfiguration.openshift.io/role: master on SNO

Next, create a Dev Spaces workspace with a Podman enabled image.

Edit the devfile and add this to the container that runs vscode:

attributes:
  pod-overrides: {"metadata": {"annotations": {"io.kubernetes.cri-o.Devices":"/dev/fuse","io.openshift.nested-podman":""}}}

Restart the workspace from the local devfile.

Remove the vfs configuration if it has been set in ~/.config/containers/storage.conf

Then run a podman build

che-bot commented 9 months ago

Issues go stale after 180 days of inactivity. lifecycle/stale issues rot after an additional 7 days of inactivity and eventually close.

Mark the issue as fresh with /remove-lifecycle stale in a new comment.

If this issue is safe to close now please do so.

Moderators: Add lifecycle/frozen label to avoid stale mode.

l0rd commented 8 months ago

/remove-lifecycle stale