-
Notifications
You must be signed in to change notification settings - Fork 22
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Document alternatives to mounting docker.sock #7
Comments
There are some alternative container build tools mentioned in the FAQ https://kubernetes.io/blog/2022/02/17/dockershim-faq/#what-should-i-look-out-for-when-changing-cri-implementations The buildkit cli for kubectl seems like the most generic and flexible option https://github.com/vmware-tanzu/buildkit-cli-for-kubectl |
I don't use docker-in-docker to build, just to run other CLI containers.
Like running different containerized image transformers on a shared folder.
All the alternatives mentioned are for build servers
…On Wed, Nov 9, 2022, 5:24 PM Justin Garrison ***@***.***> wrote:
There are some alternative container build tools mentioned in the FAQ
https://kubernetes.io/blog/2022/02/17/dockershim-faq/#what-should-i-look-out-for-when-changing-cri-implementations
The buildkit cli for kubectl seems like the most generic and flexible
option https://github.com/vmware-tanzu/buildkit-cli-for-kubectl
—
Reply to this email directly, view it on GitHub
<#7 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAMUMHKVVVUZO4W3NO2N5NLWHQQBXANCNFSM6AAAAAAR34E45U>
.
You are receiving this because you authored the thread.Message ID:
<aws-containers/kubectl-detector-for-docker-socket/issues/7/1309464832@
github.com>
|
Can you give an example of commands you run? If you’re not running `docker`
commands you should be fine.
|
Yes, I am using e.g. |
on your local machine |
Sorry I wasn't clear, I am executing |
I just remembered your manifest/volume comment. Yes, there is a pod that is running a container with a volume. The program on that pod also needs to execute other docker containers with access to folders on that volume. |
Do you have an example kubernetes manifest and dockerfile to build the containers you use? It would probably help me understand how it's used more. If you don't want to add them to this ticket you can email me [email protected] |
No, it's an inhouse spring application that runs as either a deployment or
a job. We use inhouse programs and gdal for the containers we run inside
the other container. And by inside I mean exec shell with docker run. Here
is a reddit post I created about it, with lots of helpful solutions, looks
like sidecar dind might be the best short term solution.
https://www.reddit.com/r/kubernetes/comments/yrf215/eks_ive_been_struggling_with_the_upcoming_removal/?utm_source=share&utm_medium=android_app&utm_name=androidcss&utm_term=1&utm_content=share_button
…On Thu, Nov 10, 2022, 5:17 PM Justin Garrison ***@***.***> wrote:
Reopened #7
<#7>
.
—
Reply to this email directly, view it on GitHub
<#7 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAMUMHP2OQMMXVZPNEEUXELWHVYA3ANCNFSM6AAAAAAR34E45U>
.
You are receiving this because you authored the thread.Message ID:
<aws-containers/kubectl-detector-for-docker-socket/issue/7/issue_event/7787477755
@github.com>
|
I don't think the manifest or dockerfile would show you anything, it just
shows that docker.sock is mounted and docker is installed. All of the
containers I'm talking about using are not represented because they are
called with docker run
…On Thu, Nov 10, 2022, 5:31 PM Charles Ritchea ***@***.***> wrote:
No, it's an inhouse spring application that runs as either a deployment or
a job. We use inhouse programs and gdal for the containers we run inside
the other container. And by inside I mean exec shell with docker run. Here
is a reddit post I created about it, with lots of helpful solutions, looks
like sidecar dind might be the best short term solution.
https://www.reddit.com/r/kubernetes/comments/yrf215/eks_ive_been_struggling_with_the_upcoming_removal/?utm_source=share&utm_medium=android_app&utm_name=androidcss&utm_term=1&utm_content=share_button
On Thu, Nov 10, 2022, 5:17 PM Justin Garrison ***@***.***>
wrote:
> Reopened #7
> <#7>
> .
>
> —
> Reply to this email directly, view it on GitHub
> <#7 (comment)>,
> or unsubscribe
> <https://github.com/notifications/unsubscribe-auth/AAMUMHP2OQMMXVZPNEEUXELWHVYA3ANCNFSM6AAAAAAR34E45U>
> .
> You are receiving this because you authored the thread.Message ID:
> <aws-containers/kubectl-detector-for-docker-socket/issue/7/issue_event/7787477755
> @github.com>
>
|
A couple of our Java/Kotlin based deployments and jobs execute containerized c++ or python tools (to avoid dependency hell). By using docker-in-docker, this has allowed our k8s versions to behave the same way as our bare metal (i.e. run from IntelliJ or docker-compose). In other words, it doesn't make sense for us to spin up yet another job with a shared volume when we can use dind.
I see that this will no longer be supported in 1.24 and dds identifies the expected deployment; however, I can't find anywhere what to do about this? Do I just do the same thing with containerd.sock and nerdctl? Any alternative documented would be appreciated
The text was updated successfully, but these errors were encountered: