Validate that Kubernetes runner works well with other container runtimes like containerd
Overview
As we can see in https://kubernetes.io/blog/2020/12/02/dockershim-faq/ Kubernetes is removing support for Docker container runtime in 1.20. Some providers for kubernetes already switched to containerd
as a container runtime (GKE 1.19 onwards). GitLab Runner already works with any container runtime that is set up on the Kubernetes cluster, because GitLab Runner is not aware of what container runtime Kubernetes is using. All the orchestration of the pods that are created by GitLab Runner is done over the Kubernetes API.
Validation
-
Inside of CI, we are using k3s, which already is using containerd
as a runtime. Our CI validate that the Kubernetes executor works withcontainerd
runtime.checking the k3s is using `containerd`
$ docker run --rm -it --privileged -p 6443:6443 registry.gitlab.com/gitlab-org/cluster-integration/test-utils/k3s-gitlab-ci/releases/v1.16.7-k3s1 # New terminal window $ docker exec -it 9291e7e0182e cat /etc/rancher/k3s/k3s.yaml > /tmp/k3s.yaml $ export KUBECONFIG=/tmp/k3s.yaml $ kubectl cluster-info dump | jq .items[0].status.nodeInfo.containerRuntimeVersion "containerd://1.3.0-k3s.5"
-
Full CI tests running using conatinerd: https://gitlab.com/gitlab-org/gitlab-runner/-/jobs/898953460 -
Docker in Docker workflow https://docs.gitlab.com/ee/ci/docker/using_docker_build.html#kubernetes
What is going to change for GitLab Runner
- Not much for just administrators of GitLab Runner
- If you are mounting the Docker socket like https://docs.gitlab.com/ee/ci/docker/using_docker_build.html#use-docker-socket-binding for the Kubernetes executor this will no longer work because the socker no longer exists.