| *** libregeekingkid[ has quit IRC | 00:13 | |
| *** tpepper has quit IRC | 00:27 | |
| *** libregeekingkid[ has joined #kata-general | 00:47 | |
| *** liujiong has joined #kata-general | 01:33 | |
| *** sjas has joined #kata-general | 01:37 | |
| *** sjas_ has quit IRC | 01:40 | |
| *** liujiong has quit IRC | 01:45 | |
| *** liujiong has joined #kata-general | 01:46 | |
| *** libregeekingkid[ has quit IRC | 02:55 | |
| *** libregeekingkid[ has joined #kata-general | 06:08 | |
| *** jodh has joined #kata-general | 07:30 | |
| *** jodh has joined #kata-general | 07:30 | |
| kata-dev-irc-bot | <mayank.kumar> are there examples of configuring kubernetes kubelet to use kata-containers ? | 08:36 |
|---|---|---|
| kata-dev-irc-bot | <mayank.kumar> i was able to get the kata-containers (clear containers) running in GCE using nested virtualization and i now want to configure kubelet to use cc-runtime | 08:37 |
| *** liujiong has quit IRC | 08:39 | |
| kata-dev-irc-bot | <ydjainopensource> I don't know for sure but I believe containerd cri used by k8ns is not ready yet | 08:40 |
| kata-dev-irc-bot | <ydjainopensource> In short we don't support k8ns yet | 08:41 |
| kata-dev-irc-bot | <ydjainopensource> Can somebody confirm please? | 08:41 |
| kata-dev-irc-bot | <mayank.kumar> ouch | 08:44 |
| kata-dev-irc-bot | <mayank.kumar> i was thinking it was ready for kubernetes | 08:44 |
| kata-dev-irc-bot | <xu> I think the CRI-O support is a bit better than cri-containerd for now, but still early for production. And based on the discuss on the meeting of Monday, we will have an additional dev meeting next Monday to push forward the runtime job. | 08:47 |
| kata-dev-irc-bot | <mayank.kumar> i mean if i can do `docker ps` and `docker exec` and `docker run`, i believe theoretically it should be possible to run it no ? i am happy to try something if someone can give pointers. i am ok if exec or logs or other things not work, if at least i can get a pod with clear containers running | 08:47 |
| kata-dev-irc-bot | <mayank.kumar> i am not asking for production for sure, anything you can point me to would be awesome for a demo @xu @ydjainopensource | 08:48 |
| kata-dev-irc-bot | <samuel.ortiz> @mayank.kumar We're still fixing a few things, notably in the agent. But if you want to run a demo, you can already start with: https://github.com/clearcontainers/runtime/wiki/Clear-Containers-and-Kubernetes . The setup is going to be **exactly** the same with Kata. | 08:50 |
| kata-dev-irc-bot | <mayank.kumar> awesome its a start thanks @samuel.ortiz | 08:50 |
| kata-dev-irc-bot | <samuel.ortiz> @mayank.kumar See for example https://github.com/kata-containers/agent/issues/138 for the kind of issues we're trying to fix. | 08:51 |
| kata-dev-irc-bot | <samuel.ortiz> @mayank.kumar The new kata agent is more secure and more OCI compliant than the CC or the runv one, so it's taking a little time until we can get things fixed. | 08:52 |
| kata-dev-irc-bot | <xu> oh, yes, another source, runV/frakti based solution could be deployed as well https://stackube.readthedocs.io/en/latest/ though frakti has not been moved to kata-runtime yet. | 08:52 |
| kata-dev-irc-bot | <mayank.kumar> @samuel.ortiz no worries, i just wanted to setup a demo where i can get a vm running inside a pod. | 08:53 |
| kata-dev-irc-bot | <xu> it is a full multi-tenant solution for kubernetes based on runV (mearging with cc to kata) | 08:53 |
| kata-dev-irc-bot | <samuel.ortiz> @mayank.kumar We verified that this can be demo'ed on GCE or Azure. | 08:54 |
| kata-dev-irc-bot | <mayank.kumar> is cc-runtime(since it was developed by intel) tied it to the intel architecture ? could it run on other process architectures ? | 08:54 |
| kata-dev-irc-bot | <samuel.ortiz> @mayank.kumar There is nothing Intel specific there. And it will be the same for Kata. | 08:55 |
| kata-dev-irc-bot | <xu> runV supports arm64, power, and s390x, and these architecture support will be merged into kata | 08:56 |
| kata-dev-irc-bot | <ydjainopensource> thanks :slightly_smiling_face: | 09:02 |
| *** gwhaley has joined #kata-general | 09:06 | |
| kata-dev-irc-bot | <eric.ernst> @mayank.kumar it should be close, at least using cri-o. | 16:32 |
| kata-dev-irc-bot | <eric.ernst> you may have more luck/get more info over @ kata-dev | 16:32 |
| *** mylinux has joined #kata-general | 17:48 | |
| *** mylinux has left #kata-general | 17:49 | |
| *** jodh has quit IRC | 17:55 | |
| *** gwhaley has quit IRC | 18:18 | |
| kata-dev-irc-bot | <mayank.kumar> weird i ran the scripts in this wiki and lost my ssh connection to the vm in GCe which never came back. gonna try again to see what i find | 18:30 |
| kata-dev-irc-bot | <mayank.kumar> do you mean there is nothing intel specific in clear containers ? I thought they mentioned something about taking advtange of intel Vt technology | 18:32 |
| kata-dev-irc-bot | <mayank.kumar> the setup.sh fails here , trying to debug ``` package github.com/kubernetes-incubator/cri-o: no buildable Go source files in /root/go/src/github.com/kubernetes-incubator/cri-o ~/go/src/github.com/kubernetes-incubator/cri-o ~/go/src/github.com/clearcontainers/tests/.ci Note: checking out 'v1.0.4'. You are in 'detached HEAD' state. You can look around, make experimental changes and commit them, and you can discard any | 19:20 |
| kata-dev-irc-bot | commits you make in this state without impacting any branches by performing another checkout. If you want to create a new branch to retain commits you create, you may do so (now or later) by using -b with the checkout command again. Example: git checkout -b <new-branch-name> HEAD is now at 4aceede... version: bump to v1.0.4 ln: target '/root/go/bin/' is not a directory: No such file or directory ``` | 19:20 |
| *** mylinux has joined #kata-general | 19:28 | |
| kata-dev-irc-bot | <eric.ernst> @mayank.kumar - I'd say that is unexpected. | 19:43 |
| kata-dev-irc-bot | <eric.ernst> This was observed earlier this morning as well @ https://github.com/clearcontainers/shim/pull/125#issuecomment-363878912 | 19:45 |
| kata-dev-irc-bot | <eric.ernst> You make any progress building crio on your system, @mayank.kumar? | 19:46 |
| kata-dev-irc-bot | <mayank.kumar> i was able to follow the setup to build clear containers and run a vm using docker run on centos. Now i want to do a demo with kubernetes and i tried running setup.sh on a ubuntu vm in GCE and that failed with the above error | 19:48 |
| kata-dev-irc-bot | <mayank.kumar> i need to now read through the scripts to understand why its failing | 19:48 |
| kata-dev-irc-bot | <mayank.kumar> i think there is some kind of script error i need to debug related to cri-o building ``` Get CRI-O sources can't load package: package github.com/kubernetes-incubator/cri-o: no buildable Go source files in /root/go/src/github.com/kubernetes-incubator/cri-o ~/go/src/github.com/kubernetes-incubator/cri-o ~/go/src/github.com/clearcontainers/tests/.ci ``` | 19:49 |
| kata-dev-irc-bot | <mayank.kumar> question for all, if i have docker working with cc-runtime(on centos already), shouldnt a kubelet just work if its configured to use docker rahter than containerd or is there more work involved ? | 19:51 |
| kata-dev-irc-bot | <eric.ernst> @mayank.kumar: https://github.com/clearcontainers/tests/pull/903/files | 20:06 |
| kata-dev-irc-bot | <eric.ernst> @mayank.kumar -- its more involved than that. You'll want to use a CRI like CRI-O or cri-containerd | 20:07 |
| kata-dev-irc-bot | <eric.ernst> dockershim has some assumptions in it regarding network namespace. | 20:08 |
| kata-dev-irc-bot | <eric.ernst> If you cherry-pick PR 903 above, I think your install should behave much nicer. | 20:08 |
| kata-dev-irc-bot | <mayank.kumar> ah nice @eric.ernst thanks a lot for your prompt help. let me check if that helps | 20:09 |
| kata-dev-irc-bot | <mayank.kumar> setup.sh completed with that fix , now on to init.sh to setting up kubernetes | 20:28 |
| kata-dev-irc-bot | <mayank.kumar> init.sh completed and i see worker node, i think the doc could be cleaned up a little more | 20:38 |
| kata-dev-irc-bot | <mayank.kumar> i see ```bats nginx.bats ``` | 20:38 |
| kata-dev-irc-bot | <mayank.kumar> what does that do ? | 20:39 |
| kata-dev-irc-bot | <mayank.kumar> ah its some kind of scripting and testing tool it seems | 20:39 |
| *** mylinux has quit IRC | 20:44 | |
| *** mylinux has joined #kata-general | 20:45 | |
| kata-dev-irc-bot | <samuel.ortiz> @mayank.kumar Yes, Intel VT is leveraged but this is abstracted through QEMU/KVM or xen. Kata Containers leverages the QEMU interface, but does not include anything that's Intel specific. | 21:09 |
| *** mylinux has quit IRC | 22:03 | |
| *** tpepper has joined #kata-general | 22:27 | |
| *** mylinux has joined #kata-general | 22:36 | |
| *** mylinux has quit IRC | 23:08 | |
| *** mylinux has joined #kata-general | 23:08 | |
| kata-dev-irc-bot | <mayank.kumar> one doubt i have is it are all kubernetes components running as vms in this demo ? i see criotctl showing me arounf 15 containers, although i see qemu-lite-system-x86_64 only 6 of them | 23:22 |
| *** mylinux has quit IRC | 23:35 | |
| *** tpepper1 has joined #kata-general | 23:43 | |
| *** tpepper has quit IRC | 23:45 | |
| kata-dev-irc-bot | <sebastien.boeuf> @mayank.kumar if you have 6 qemu instances (aka 6 VMs), this means you should have 6 pods. And if you have several containers per pod, this explains you can have 15 containers for 6 VMs only. | 23:56 |
| kata-dev-irc-bot | <mayank.kumar> i see 5 qemu-lite but 11 pods currently in all namespaces brought up using that script | 23:57 |
| kata-dev-irc-bot | <mayank.kumar> is there a way to tell which pod was deployed using which runtime ? | 23:59 |
Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!