Does the sandbox cluster support running in a podman rootles Flyte #ask-the-community

Join Slack

Does the sandbox cluster support running in a podm...

# ask-the-community

Endre Karlson

12/21/2021, 4:53 PM

Does the sandbox cluster support running in a podman rootless cluster?

Ketan (kumare3)

12/21/2021, 4:54 PM

Hi Endre we have not tried that

Ketan (kumare3)

12/21/2021, 4:54 PM

Please let us know, you can use the helm chart direct

Ketan (kumare3)

12/21/2021, 4:55 PM

We want to have a simplified startin experience hence we package Flyte into K3d like environment- using flytectl, but we are just deploying a helm chart

Endre Karlson

12/21/2021, 4:56 PM

@Ketan (kumare3) I tried but stumped upon a problem about it complaining about no root access, let me get you logs

Ketan (kumare3)

12/21/2021, 4:56 PM

Hmm, you should use The newer version of all components. These should not need root access

Ketan (kumare3)

12/21/2021, 4:56 PM

Is this the user container

Endre Karlson

12/21/2021, 5:06 PM

podman logs flyte-sandbox 5m 36s task 4 180526 Starting Docker daemon... Done. Starting k3s cluster... Done. Deploying Flyte... Error: open /root/.config/helm/repositories.lock: permission denied

Ketan (kumare3)

12/21/2021, 9:49 PM

cc @Yuvraj?

Yuvraj

12/22/2021, 4:27 AM

@Endre Karlson Can you send me what command you are running for sandbox ? Are you using `--source`I flag in

flytectl sandbox start

command ? If yes then i found some workaround for podman. Please let us know if you are facing issue with simple

flytectl sandbox start

Yuvraj

12/22/2021, 4:30 AM

It's docker command for running sandbox

docker run -it  --name flyte-sandbox --privileged -p 30081:30081 <http://ghcr.io/flyteorg/flyte-sandbox|ghcr.io/flyteorg/flyte-sandbox>

Endre Karlson

12/22/2021, 2:08 PM

flytectl sandbox start --source .

Yuvraj

12/23/2021, 6:24 AM

does

flytectl sandbox start

is working without

--source

flag

Endre Karlson

12/23/2021, 7:27 AM

Nope 😢

Endre Karlson

12/23/2021, 7:27 AM

Copy code

/ # k3s kubectl get pod 
No resources found in default namespace.
/ # k3s kubectl get pod  -A
NAMESPACE     NAME                                  READY   STATUS    RESTARTS   AGE
flyte         flyte-contour-contour-certgen-k8f8n   0/1     Pending   0          3m26s
kube-system   coredns-7448499f4d-z897j              0/1     Pending   0          3m26s
/ # k3s kubectl describe pod -n kube-system 
Name:                 coredns-7448499f4d-z897j
Namespace:            kube-system
Priority:             2000000000
Priority Class Name:  system-cluster-critical
Node:                 <none>
Labels:               k8s-app=kube-dns
                      pod-template-hash=7448499f4d
Annotations:          <none>
Status:               Pending
IP:                   
IPs:                  <none>
Controlled By:        ReplicaSet/coredns-7448499f4d
Containers:
  coredns:
    Image:       rancher/coredns-coredns:1.8.3
    Ports:       53/UDP, 53/TCP, 9153/TCP
    Host Ports:  0/UDP, 0/TCP, 0/TCP
    Args:
      -conf
      /etc/coredns/Corefile
    Limits:
      memory:  170Mi
    Requests:
      cpu:        100m
      memory:     70Mi
    Liveness:     http-get http://:8080/health delay=60s timeout=1s period=10s #success=1 #failure=3
    Readiness:    http-get http://:8181/ready delay=0s timeout=1s period=2s #success=1 #failure=3
    Environment:  <none>
    Mounts:
      /etc/coredns from config-volume (ro)
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-jgl97 (ro)
Conditions:
  Type           Status
  PodScheduled   False 
Volumes:
  config-volume:
    Type:      ConfigMap (a volume populated by a ConfigMap)
    Name:      coredns
    Optional:  false
  kube-api-access-jgl97:
    Type:                    Projected (a volume that contains injected data from multiple sources)
    TokenExpirationSeconds:  3607
    ConfigMapName:           kube-root-ca.crt
    ConfigMapOptional:       <nil>
    DownwardAPI:             true
QoS Class:                   Burstable
Node-Selectors:              <http://beta.kubernetes.io/os=linux|beta.kubernetes.io/os=linux>
Tolerations:                 CriticalAddonsOnly op=Exists
                             <http://node-role.kubernetes.io/control-plane:NoSchedule|node-role.kubernetes.io/control-plane:NoSchedule> op=Exists
                             <http://node-role.kubernetes.io/master:NoSchedule|node-role.kubernetes.io/master:NoSchedule> op=Exists
                             <http://node.kubernetes.io/not-ready:NoExecute|node.kubernetes.io/not-ready:NoExecute> op=Exists for 300s
                             <http://node.kubernetes.io/unreachable:NoExecute|node.kubernetes.io/unreachable:NoExecute> op=Exists for 300s
Events:
  Type     Reason            Age    From               Message
  ----     ------            ----   ----               -------
  Warning  FailedScheduling  3m42s  default-scheduler  no nodes available to schedule pods
  Warning  FailedScheduling  3m41s  default-scheduler  no nodes available to schedule pods

Endre Karlson

12/27/2021, 9:45 AM

@Yuvraj any idea ? ^

Yuvraj

12/27/2021, 1:35 PM

@Endre Karlson sorry i didn't get time to debug the issue, I think it's a bug. We never tested the setup with podman. Please create a issue with as much as information possible and tag me. Having conversation on issue will help others,

Ketan (kumare3)

12/27/2021, 4:54 PM

.. (edited)

Ketan (kumare3)

12/27/2021, 11:45 PM

cc @Haytham Abuelfutuh we could probably use podman to run all flyte backend components as a pod?

258 Views

Open in Slack

Previous Next