kata-irc-bot | <sidorov.ml99> Hi everyone, is there any convenient way to inspect firecracker vms that have been started using kata? | 12:02 |
---|---|---|
kata-irc-bot | <fidencio> I have zero experience with firecracker, but have you taken a look at https://github.com/kata-containers/kata-containers/blob/main/docs/Developer-Guide.md? | 12:08 |
mlejva | Hi everyone, I was trying to join the official community Slack workspace but the link in the `community` repo is broken. Could anyone give am an invite? | 12:15 |
kata-irc-bot | <fidencio> Hmm. That's weird. Let me check what may be happening | 12:17 |
kata-irc-bot | <fidencio> You cannot sign in to https://katacontainers.slack.com/ ? | 12:18 |
mlejva | Nope. It says that I don't have an account in the workspace | 12:21 |
kata-irc-bot | <fidencio> And you cannot create one without an invitation? | 12:23 |
kata-irc-bot | <fidencio> Is it? | 12:23 |
mlejva | No, I tried to log in with Google and it didn't let me in | 12:24 |
mlejva | I guess I could also ask here. I was wondering whether it is possible to run Kata on the GKE? I found only a tutorial for the manually deployed K8 on the official Kata repo - https://github.com/kata-containers/documentation/blob/master/how-to/run-kata-with-k8s.md | 12:24 |
kata-irc-bot | <fidencio> What's GKE? | 12:25 |
kata-irc-bot | <fidencio> Ah, google kubernetes engine | 12:26 |
mlejva | Yes, sorry. | 12:26 |
kata-irc-bot | <fidencio> I'm not sure how different it is ... neither how updated is the guide, but I'd start giving it a try on https://github.com/kata-containers/kata-containers/blob/main/docs/install/gce-installation-guide.md | 12:27 |
fidencio | mlejva: also, please, I sent you a private message in order to send you an invite | 12:29 |
fidencio | mlejva: take a look that :-) | 12:29 |
mlejva | Thank you for the invite, fidencio. I followed the guide and it explains how to set up a Compute Engine VM with nested virtualization. Then it directs the reader to the actual installations of Kata. I think it might not really give me answer unless I'm missing anything. | 12:32 |
fidencio | mlejva: so, let's take a step back | 12:34 |
fidencio | mlejva: you understand why you'll need a node with support to tested virtualization, right? | 12:34 |
fidencio | mlejva: once you have a node that fulfills that, I *think* you'd only need to do a normal kata-containers installation | 12:35 |
fidencio | mlejva: something like: https://github.com/kata-containers/kata-containers/blob/main/tools/packaging/kata-deploy/README.md | 12:36 |
kata-irc-bot | <fidencio> by the way, I'm off for the rest of the afternoon, back-to-back meetings | 12:38 |
mlejva | Ah, that makes sense. I think I understand it now. Thank you! | 12:39 |
kata-irc-bot | <fidencio> @sidorov.ml99, hey! | 15:13 |
kata-irc-bot | <sidorov.ml99> Hi! | 15:14 |
kata-irc-bot | <santhosh.parampottupa> @ *mlejva (IRC)* Not sure if I understood your problem correctly or not, but if you are looking for a microk8s cluster with Kata enabled pods in google cloud Instances, then I can help you. I struggled with that couple of week then 2-3 people from this channel helped me for that | 15:25 |
kata-irc-bot | <sidorov.ml99> Ok, @anastassios.nanos hi! So I am trying to run kata-fc with CRI-O as was mentioned, and I am facing a few problems currently. First one is that it seems to require devicemapper as storage backend, is it the only option? And also, when I’m trying to run pod with multiple containers in it, it only creates the first one and the second one fails | 15:26 |
kata-irc-bot | <santhosh.parampottupa> These commands will help you to spin up nested V enabled gcloud instance, create any normal instance in gcloud and at the end of that instance there is a 3 dot icon, click there and start a gcloud shelll then paste the below commands…you will get a NestedV instance spin up `gcloud auth login` `export` `SOURCE_IMAGE_PROJECT=ubuntu-os-cloud` `export` `SOURCE_IMAGE_FAMILY=ubuntu-1804-lts` `export` | 15:49 |
kata-irc-bot | `IMAGE_NAME=${SOURCE_IMAGE_FAMILY}-nested` `gcloud compute images create --source-image-project $SOURCE_IMAGE_PROJECT --source-image-family $SOURCE_IMAGE_FAMILY --licenses=https://www.googleapis.com/compute/v1/projects/vm-options/global/licenses/enable-vmx` `$IMAGE_NAME` `verify presence of the enable-vmx license:-` `gcloud compute images describe $IMAGE_NAME` `gcloud compute instances create --image $IMAGE_NAME --mac | 15:49 |
kata-irc-bot | `n1-standard-2 --min-cpu-platform "Intel Broadwell"` `<instancename>` | 15:49 |
kata-irc-bot | <vasek.mlejnsky> This doesn't seem to work on the GKE images | 15:49 |
kata-irc-bot | <eric.ernst> This is likely old …. | 15:50 |
kata-irc-bot | <eric.ernst> but from a GCP perspective, where you likely have more control: https://github.com/kata-containers/documentation/blob/master/install/gce-installation-guide.md | 15:50 |
kata-irc-bot | <vasek.mlejnsky> Wouldn't that require setting and managing up the whole K8 cluster by myself? I hoped I could go with something where things like DNS is managed | 15:51 |
kata-irc-bot | <eric.ernst> right; i mean that’s a pattern for GCP. | 15:51 |
kata-irc-bot | <eric.ernst> I’m not sure if you can do the same when describing the nodes in the GKE case. | 15:51 |
kata-irc-bot | <santhosh.parampottupa> @vasek.mlejnsky okay then I am sorry, but it worked for me when I created a normal NestedV instance in google cloud, not in GKE :( | 15:51 |
kata-irc-bot | <eric.ernst> Totally get that you want something managed. | 15:51 |
kata-irc-bot | <vasek.mlejnsky> Yeah. I guess I don't really have a choice unless some other option comes to your mind? I also briefly checked out AWS and Azure and it looks like they also don't allow nested virtualization in their managed K8 clusters. | 15:54 |
kata-irc-bot | <vasek.mlejnsky> I managed to enable virtualization on my GKE nodes. Now I'm trying to install Kata there but `katacontainers.io/kata-runtime` isn't getting installed on a node even though the cluster is using the `containerd://1.4.3` runtime which should be supported, I think. Any idea what might be the problem? | 17:55 |
kata-irc-bot | <eric.ernst> I haven’t really played with it, tbh. @james.o.hunt is probably our best bet for feedback! | 21:36 |
kata-irc-bot | <eric.ernst> Curious how you were able to enable virt? | 21:36 |
kata-irc-bot | <eric.ernst> kubectl get nodes --show-labels? | 21:37 |
Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!