Question / Opinion Docker deprecation DIND / K8s

Question

Question / Opinion Docker deprecation DIND / K8s

Closed this issue 2 years ago · 4 comments

fbuinosquy1985 commented 2 years ago

Due of the retirement on K8S of Dockershim , do you have any recommendation or something planned on how we can continue build containers inside of containers (DIND , DOOD ) , i was trying podman and kaliko without a lot of success with rootless access .

Answer 1 · 2022-06-27T13:47:10.000Z

Due of the retirement on K8S of Dockershim , do you have any recommendation or something planned on how we can continue build containers inside of containers (DIND , DOOD ) , i was trying podman and kaliko without a lot of success with rootless access .

dockershim isn't in play here, as the addon docker container runs as dind.
actually we run this on openshift, where the dind run inside a podman container.

Answer 2 · 2022-06-27T14:32:36.000Z

oh ok , so the docker in docker works locally (inside of the runner container) and not using the kubernetes docker socket ,i was worried about . Thanks for letting me know .

Answer 3 · 2022-06-27T18:05:11.000Z

Closing as resolved, re-open should you wonder about anything else.

Answer 4 · 2022-06-29T12:52:27.000Z

Thanks i was able to test it on Eks 1.22 and is working fine , note aside is that i have to add

    - name: aws-iam-token
      projected:
        sources:
        - serviceAccountToken:
            audience: "sts.amazonaws.com"
            expirationSeconds: 86400
            path: token

to mount the eks irsa Token from the Service Account.