| *** igordc has quit IRC | 00:03 | |
| *** pvdp has quit IRC | 00:11 | |
| *** lcastell has joined #kata-general | 00:39 | |
| *** lcastell has quit IRC | 00:43 | |
| *** lcastell has joined #kata-general | 00:44 | |
| *** lcastell has quit IRC | 00:48 | |
| *** tmhoang has joined #kata-general | 09:00 | |
| *** altlogbot_2 has quit IRC | 10:38 | |
| *** altlogbot_2 has joined #kata-general | 10:40 | |
| *** psyton has quit IRC | 17:25 | |
| kata-irc-bot2 | <kevin.fox> trying to load kata into minikube (for testing) | 20:11 |
|---|---|---|
| kata-irc-bot2 | <kevin.fox> I grabbed the release tarball for 1.7. | 20:11 |
| kata-irc-bot2 | <kevin.fox> extracted. updated path in /etc/sysconfig/containerd | 20:11 |
| kata-irc-bot2 | <kevin.fox> copied the defaults into /etc/kata-containers | 20:12 |
| kata-irc-bot2 | <kevin.fox> added the info in /etc/containerd/config.toml | 20:12 |
| kata-irc-bot2 | <kevin.fox> restarted everthing. | 20:12 |
| kata-irc-bot2 | <kevin.fox> the ctr manual run of a conttainer works. | 20:12 |
| kata-irc-bot2 | <kevin.fox> i added the runtimeclass in k8s then launched a pod. | 20:13 |
| kata-irc-bot2 | <kevin.fox> it fails. | 20:13 |
| kata-irc-bot2 | <kevin.fox> | 20:13 |
| kata-irc-bot2 | <kevin.fox> k8s 1.14.1 and kata 1.7.0 and containerd 1.2.0. | 20:13 |
| kata-irc-bot2 | <kevin.fox> any ideas? | 20:13 |
| kata-irc-bot2 | <greg.bock> nested virtualization requirements if you are doing minikube? | 20:14 |
| kata-irc-bot2 | <greg.bock> what is the host os? | 20:14 |
| kata-irc-bot2 | <kevin.fox> ctr based test worked. | 20:15 |
| kata-irc-bot2 | <kevin.fox> minikube | 20:15 |
| kata-irc-bot2 | <kevin.fox> so its some mapping between kubernetes and kata. | 20:15 |
| kata-irc-bot2 | <kevin.fox> I added this section to the config: | 20:15 |
| kata-irc-bot2 | <kevin.fox> [plugins.cri.containerd.runtimes.kata] runtime_type = "io.containerd.kata.v2" | 20:15 |
| kata-irc-bot2 | <kevin.fox> and this runtimeConfig | 20:16 |
| kata-irc-bot2 | <kevin.fox> | 20:16 |
| kata-irc-bot2 | <kevin.fox> this works from within minikube: ctr run --runtime io.containerd.run.kata.v2 -t --rm docker.io/library/busybox:latest hello sh | 20:16 |
| kata-irc-bot2 | <greg.bock> what is uname inside that container? | 20:23 |
| kata-irc-bot2 | <greg.bock> sure it is actually a kata container? | 20:23 |
| kata-irc-bot2 | <kevin.fox> yeah. qemu shows up in the process list when running. disapears when done. | 20:35 |
| kata-irc-bot2 | <kevin.fox> so kata is working well. | 20:35 |
| kata-irc-bot2 | <kevin.fox> its some problem between k8s, containerd, and kata. | 20:36 |
| kata-irc-bot2 | <kevin.fox> doesnt show when its just containerd and kata. | 20:36 |
| kata-irc-bot2 | <greg.bock> what cri are you using in k8s? | 20:42 |
| kata-irc-bot2 | <kevin.fox> containerd's. | 20:43 |
| kata-irc-bot2 | <kevin.fox> containerd forked the process like: [pid 14541] execve("/opt/kata/bin/containerd-shim-kata-v2", ["/opt/kata/bin/containerd-shim-kata-v2", "-namespace", "k8s.io", "-address", "/run/containerd/containerd.sock", "-publish-binary", "/usr/bin/containerd", "-id", "8b6c478a8267ed034ff7dd51e18562920262606aca4fce438bee7f7ea33dcda9", "start"], 0xc4208b8e00 /* 7 vars */) = 0 | 20:43 |
| kata-irc-bot2 | <greg.bock> https://github.com/kata-containers/documentation/pull/445 | 20:46 |
| kata-irc-bot2 | <greg.bock> perhaps | 20:46 |
| kata-irc-bot2 | <kevin.fox> looking | 20:47 |
| kata-irc-bot2 | <kevin.fox> hmm.. wont work with containerd.... would let me test with cri-o tough. | 20:55 |
| kata-irc-bot2 | <kevin.fox> but ultimately, I'm testing this to reenable kata on our prod containerd/k8s cluster. | 20:55 |
| kata-irc-bot2 | <kevin.fox> I'm hoping the emptydir support that landed in 1.7 will finally enable the docker in docker container to run if backed with an emptyDir volume. | 20:56 |
| kata-irc-bot2 | <kevin.fox> for its built in containerd config, I don't see really anything I'm not doing too... so probably not a misconfiguration.... | 20:57 |
| kata-irc-bot2 | <kevin.fox> conflating to different issues I guess. emptydir support, and container engine..... I'll try the minikube doc from scratch with the crio engine to validate emptyDir with dnd works. if it doesn't, its probably not worth continuing to debug the containerd side for now... | 20:59 |
| *** tmhoang_ has joined #kata-general | 20:59 | |
| *** tmhoang has quit IRC | 21:00 | |
| kata-irc-bot2 | <kevin.fox> same error.... | 21:10 |
| kata-irc-bot2 | <kevin.fox> Warning FailedCreatePodSandBox 3s kubelet, minikube Failed create pod sandbox: rpc error: code = Unknown desc = container create failed: Failed to add filter for index 4 : no such file or directory | 21:10 |
| kata-irc-bot2 | <kevin.fox> so, seems like 1.7.0 may be broken? | 21:13 |
| kata-irc-bot2 | <kevin.fox> ok. doing a really basic thing: | 22:01 |
| kata-irc-bot2 | <kevin.fox> | 22:02 |
| kata-irc-bot2 | <kevin.fox> found the answer in the minikube doc issue. | 22:04 |
| kata-irc-bot2 | <kevin.fox> /opt/kata/share/defaults/kata-containers and edit the configuration-qemu.toml. Flip the default networking from tcfilter to macvtap, and then you can launch the kata deployment/container! :slightly_smiling_face: | 22:05 |
Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!