WIP: Add docker building and running to the kubernetes deployment

Mike Terhar requested to merge kube-add-docker into kubernetes

The easy way to do this is to enable privileged mode and mount the docker socket into the container.

I am not going to do this so that we can keep the container unprivileged.

The VS Code extension that enables the docker workflow: https://github.com/microsoft/vscode-docker

Maybe running a dind container as a sidecar?

spec:
  template:
    metadata:
      labels:
        identifier: ''
    spec:
      restartPolicy: Never
      containers:
        - name: code-server
          [...]
          env:
            - name: DOCKER_HOST
              value: tcp://localhost:2375
        - name: dind-daemon
          image: docker:stable-dind
          env:
            - name: DOCKER_TLS_CERTDIR
              value: ""
          resources:
            requests:
              cpu: 20m
              memory: 512Mi
          securityContext:
            privileged: true
          volumeMounts:
            - name: docker-graph-store
              mountPath: /var/lib/docker
      volumes:
        - name: docker-graph-store
          emptyDir: {}

The big complication here is that if the docker sidecar spins up a new container, Kubelet will see it and try to murder it... and if the pod gets re-scheduled, it could forget about the running container and we will end up with lots of other crap clogging up the node.

Edited by Mike Terhar
