| kata-irc-bot | <vasek.mlejnsky> > Curious how you were able to enable virt? GKE doesn't allow to set a custom boot image for nodes but you can do a little workaround and edit the existing image. The solution is very GCP specific: You have to edit a template that GCP is using to deploy it's nodes (= compute engine VMs). You enable the virt, in the new template and replace the old template with the new one. The cluster then restarts itself and deploy nodes | 06:36 |
|---|---|---|
| kata-irc-bot | based on the new template. It's based on this solution - https://issuetracker.google.com/issues/110507927#comment22 > Did you apply rbac? Yes. Once I had virt enabled, I ran these to install Kata: ```# Kata kubectl apply -f https://raw.githubusercontent.com/kata-containers/kata-containers/main/tools/packaging/kata-deploy/kata-rbac/base/kata-rbac.yaml kubectl apply -f | 06:36 |
| kata-irc-bot | https://raw.githubusercontent.com/kata-containers/kata-containers/main/tools/packaging/kata-deploy/kata-deploy/base/kata-deploy.yaml # Runtime classes kubectl apply -f https://raw.githubusercontent.com/kata-containers/kata-containers/main/tools/packaging/kata-deploy/runtimeclasses/kata-runtimeClasses.yaml # Example FC workload kubectl apply -f | 06:36 |
| kata-irc-bot | https://raw.githubusercontent.com/kata-containers/kata-containers/main/tools/packaging/kata-deploy/examples/test-deploy-kata-fc.yaml``` > What do you see in the logs of the kata-deploy daemonset? The daemonset doesn't output any logs because its pod never gets fully ready. Here's what I see when I run `kubectl logs -f daemonset/kata-deploy -n="kube-system"` : ```Error from server (BadRequest): container "kube-kata" in pod "kata-deploy-5cxwv" | 06:36 |
| kata-irc-bot | is waiting to start: ContainerCreating``` I attached the output of `kubectl describe daemonset kata-deploy -n="kube-system"` in the `kata-deploy-daemonset.txt` file. I also attached the output of `kubectl describe pod kata-deploy-5cxwv -n=kube-system` for the daemonset's pod in the `kata-deploy-daemonset-pod.txt` file. > Also, can you share `kubectl get nodes --show-labels`? I attached the command's outputs before Kata is installed and | 06:36 |
| kata-irc-bot | after I run the `kubectl apply` commands mentioned above in the `get-node-labels-before-kata-install.txt` file and the `get-node-labels-after-kata-install.txt` file | 06:36 |
| kata-irc-bot | <sidorov.ml99> Hi everyone! I’m trying to use kata with k3s, have deployed kata with kata-deploy and created a test deployment with kata-fc runtime. The pod is stuck in ContainerCreating status and posts this events: ```Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 30s default-scheduler Successfully assigned | 11:57 |
| kata-irc-bot | default/php-apache-kata-fc-5ccb8df89-bxdr2 to k3s-master-1 Warning FailedCreatePodSandBox 28s kubelet Failed to create pod sandbox: rpc error: code = Unknown desc = failed to create containerd task: failed to mount "/run/kata-containers/shared/containers/e395498e3b0ac41dcda036c05eb13001f4ccba99037161c865964d0e2b3f6657/rootfs" to "/run/kata-containers/e395498e3b0ac41dcda036c05eb13001f4ccba99037161c865964d0e2b3f6657/rootfs", | 11:57 |
| kata-irc-bot | with error: No such file or directory (os error 2): unknown Warning FailedCreatePodSandBox 13s kubelet Failed to create pod sandbox: rpc error: code = Unknown desc = failed to create containerd task: failed to mount "/run/kata-containers/shared/containers/a6193715cd634172aeb4016771e28d39461ead562846e94fdf22285bc67718e1/rootfs" to "/run/kata-containers/a6193715cd634172aeb4016771e28d39461ead562846e94fdf22285bc67718e1/rootfs", | 11:57 |
| kata-irc-bot | with error: No such file or directory (os error 2): unknown``` Any ideas what could cause this issue? I used to have similar problem when running kata with cri-o with overlayfs storage, maybe this is devicemapper related | 11:57 |
| kata-irc-bot | <sidorov.ml99> Actually firecracker is the only runtime that doesn’t seem to work: `NAME READY STATUS RESTARTS AGE` `php-apache-kata-clh-796cd8db47-d6bzg 1/1 Running 0 4m11s` `php-apache-kata-fc-5ccb8df89-bxdr2 0/1 ContainerCreating 0 19m` `php-apache-kata-qemu-6bbd4d8c75-frtnp 1/1 Running 0 3m58s` | 12:05 |
| kata-irc-bot | `php-apache-runc-5cd4cc5f96-lf7kw 1/1 Running 0 3m48s` | 12:05 |
| kata-irc-bot | <salvador.fuentes> Hi, yes, FC requires to have devicemapper. Is this with containerd? could you paste your containerd config file? and could you confirm that you are using devicemapper? | 12:55 |
| kata-irc-bot | <anastassios.nanos> hi there! regarding storage, we haven't tried anything else than devicemapper. I think its the only choice for now. regarding >1 container per pod, we haven't tried that either -- I remember looking at an issue a couple of months back about that but can't find it right now. Have you tried to qemu equivalent? | 14:57 |
| kata-irc-bot | <anastassios.nanos> yeap, again, we have only tried with devicemapper. I think it's the only solution at the moment. | 14:58 |
| kata-irc-bot | <sidorov.ml99> Ok, it seems like containerd for k3s wasn’t compiled with devicemapper plugin support, so it’s not possible to run kata-fc | 16:03 |
| kata-irc-bot | <sidorov.ml99> I have created thin pool and changed the config but it doesn’t change anything | 16:04 |
| kata-irc-bot | <lagkasorestis> Hello, I have tried running k3s with fc with @anastassios.nanos.. we are actually running it now on a rasperi pi4.. k3s has a lightweight version of containerd which does not include the devicemapper plugin if you run `k3s ctr plugin ls` you will see that there is no devmapper | 16:06 |
| kata-irc-bot | <lagkasorestis> so there are 2 solutions: • either recompile k3s containerd and include the devmapper plugin • or run k3s with external containerd... | 16:07 |
| kata-irc-bot | <sidorov.ml99> yep, seems like that, thanks! | 16:08 |
| kata-irc-bot | <lagkasorestis> btw if you already have configured the host's containerd with devmapper the the following should install k3s to run with your systems containerd `curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="--container-runtime-endpoint unix:///run/containerd/containerd.sock" sh -` | 16:10 |
Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!