kubernetes-sigs / cluster-api

Home for Cluster API, a subproject of sig-cluster-lifecycle
https://cluster-api.sigs.k8s.io
Apache License 2.0

[capd] Support for rootless docker #8494

Closed josecastillolema closed 1 year ago

josecastillolema commented 1 year ago

What would you like to be added (User Story)?

Is there a way to run capd using rootless docker? I am getting this error in the capd-system pod:

```
failed to create containerd task: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error creating device nodes: mount /dev/bus/usb/002/003:/run/containerd/io.containerd.runtime.v2.task/k8s.io/7094ef726dcfe7972689f3071b13a7bbc1cbfe158b679f79167c85def8a111b4/rootfs/dev/bus/usb/002/003 (via /proc/self/fd/6), flags: 0x1000: no such file or directory: unknown
```

Have tried updating the dockersock volume path but got the same result:

```yaml
  - hostPath:
      path: /run/user/1000/docker.sock
      type: ""
    name: dockersock
```

Detailed Description

Support for rootless docker on capd

Anything else you would like to add?

No response

Label(s) to be applied

/kind feature

One or more /area label. See https://github.com/kubernetes-sigs/cluster-api/labels?q=area for the list of labels.

k8s-ci-robot commented 1 year ago

This issue is currently awaiting triage.

If CAPI contributors determine this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.

josecastillolema commented 1 year ago

Updating the management kind cluster setup as follows did the trick:

```yaml
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
name: mgmt
networking:
  apiServerAddress: "127.0.0.1"
nodes:
- role: control-plane
  image: docker.io/kindest/node:v1.23.6
  extraMounts:
    - hostPath: /run/user/1000/docker.sock
      containerPath: /var/run/docker.sock
containerdConfigPatches:
- |-
  [plugins."io.containerd.grpc.v1.cri".registry.mirrors."localhost:5000"]
    endpoint = ["http://kind-registry:5000"]
```
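
The config above hard-codes UID 1000 in the socket path. The following is an added example, not part of the issue or of the cluster-api project: it derives the rootless Docker socket path for the current user, checks that it is a socket the user owns, and emits only the `extraMounts` part of that config. The function names and the `/run/user/<uid>` fallback are assumptions.

```shell
#!/bin/sh
# Added example: build the kind extraMounts entry for a rootless Docker socket
# without hard-coding the UID. Function names are hypothetical.

# rootless_sock_path [uid] [runtime_dir]
# Rootless Docker listens on $XDG_RUNTIME_DIR/docker.sock. If XDG_RUNTIME_DIR
# is unset or empty, fall back to /run/user/<uid> (assumption: the usual
# systemd location).
rootless_sock_path() {
    uid="${1:-$(id -u)}"
    runtime_dir="${2:-${XDG_RUNTIME_DIR:-/run/user/$uid}}"
    printf '%s/docker.sock\n' "$runtime_dir"
}

# check_sock path
# Refuse anything that is not a socket owned by the calling user, so a stale
# or foreign path is never mounted into the kind node.
check_sock() {
    [ -S "$1" ] || { echo "not a socket: $1" >&2; return 1; }
    [ -O "$1" ] || { echo "not owned by uid $(id -u): $1" >&2; return 1; }
}

# kind_config sock_path [cluster_name]
# Emit a kind cluster config that exposes the host socket inside the node at
# /var/run/docker.sock, as in the config from the issue.
kind_config() {
    cat <<EOF
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
name: ${2:-mgmt}
nodes:
- role: control-plane
  extraMounts:
    - hostPath: $1
      containerPath: /var/run/docker.sock
EOF
}

# Typical use:
#   sock=$(rootless_sock_path) && check_sock "$sock" \
#     && kind_config "$sock" > kind-mgmt.yaml
#   kind create cluster --config kind-mgmt.yaml
```
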

fabriziopandini commented 1 year ago

Thanks for reporting back the solution, really appreciated