Unable to get dind rootless working on my system due to storage-driver=overlay2 issues?
mannp opened this issue · comments
Hi there
Thanks for the images :)
I am trying to get the dind rootless image to work and failing badly at the moment.
Any pointers would be very helpful :)
Thanks in advance
```text
2023-09-29 18:09:54 INFO [/opt/run.sh:26] act_runner version v0.2.6
2023-09-29 18:09:54 INFO [/opt/run.sh:27] Timezone: BST +0100
2023-09-29 18:09:54 INFO [/opt/run.sh:28] Hostname: 8010574e4e83
2023-09-29 18:09:54 INFO [/opt/run.sh:29] IP Addresses:
- 192.168.10.16
2023-09-29 18:09:54 INFO [/opt/run.sh:31] Config environment variables:
- GITEA_INSTANCE_URL=https://fqdn/
- GITEA_RUNNER_ACTION_CACHE_DIR=/data/cache/actions
- GITEA_RUNNER_CONFIG_TEMPLATE_FILE=/opt/config.template.yaml
- GITEA_RUNNER_GID=100
- GITEA_RUNNER_LABELS=
- GITEA_RUNNER_LABELS_DEFAULT=ubuntu-latest:docker://catthehacker/ubuntu:runner-22.04,ubuntu-22.04:docker://catthehacker/ubuntu:runner-22.04,ubuntu-20.04:docker://catthehacker/ubuntu:runner-20.04
- GITEA_RUNNER_MAX_PARALLEL_JOBS=2
- GITEA_RUNNER_NAME=gitea-runner
- GITEA_RUNNER_REGISTRATION_RETRY_INTERVAL=5s
- GITEA_RUNNER_REGISTRATION_TIMEOUT=30
- GITEA_RUNNER_REGISTRATION_TOKEN=
- GITEA_RUNNER_UID=99
2023-09-29 18:09:54 INFO [/opt/run.sh:41] Starting Docker engine (rootless)...
42 export DOCKER_HOST=unix://$HOME/.docker/run/docker.sock
43 if [ ! -f $HOME/.config/docker/daemon.json ]; then
44 # workaround for "Not using native diff for overlay2, this may cause degraded performance for building images: running in a user namespace storage-driver=overlay2"
45 mkdir -p $HOME/.config/docker
46 echo '{"storage-driver":"fuse-overlayfs"}' > $HOME/.config/docker/daemon.json
47 fi
48
```
Docker run:

```sh
docker run \
  -d \
  --name='gitea-runner' \
  --privileged=true \
  -e TZ="Europe/London" \
  -e HOST_OS="Unraid" \
  -e HOST_HOSTNAME="gitea-runner" \
  -e HOST_CONTAINERNAME="gitea-runner" \
  -e 'GITEA_INSTANCE_URL'='https://fqdn/' \
  -e 'GITEA_RUNNER_REGISTRATION_TOKEN'='redacted' \
  -e 'GITEA_RUNNER_NAME'='gitea-runner' \
  -e 'GITEA_RUNNER_ACTION_CACHE_DIR'='/data/cache/actions' \
  -e 'GITEA_RUNNER_UID'='99' \
  -e 'GITEA_RUNNER_GID'='100' \
  -e 'GITEA_RUNNER_MAX_PARALLEL_JOBS'='2' \
  -e 'TZ'='Europe/London' \
  -v '/mnt/user/data/docker/gitea-runner/':'/data':'rw' \
  'vegardit/gitea-act-runner:dind-rootless-latest'
```
The error output you pasted looks incomplete. It misses the error message directly after the line `Starting Docker engine (rootless)`, something like:

```text
2023-10-02 12:07:29 INFO [/opt/run.sh:41] Starting Docker engine (rootless)...
mkdir: cannot create directory '/data/.config': Permission denied
12:07:29 Error - exited with status 1 in [/opt/run.sh] at line 45:
42 export DOCKER_HOST=unix://$HOME/.docker/run/docker.sock
43 if [ ! -f $HOME/.config/docker/daemon.json ]; then
44 # workaround for "Not using native diff for overlay2, this may cause degraded performance for building images: running in a user namespace storage-driver=overlay2"
45 mkdir -p $HOME/.config/docker
46 echo '{"storage-driver":"fuse-overlayfs"}' > $HOME/.config/docker/daemon.json
47 fi
48
```
There is no error message, but the docker fails to start.
I have included all that docker reports in docker logs.
I note that nothing is created in the /data/ directory in persistent storage though.
Without the error message it is difficult to say what is happening.
From the incomplete log output you get I would guess this is the offending command:
docker-gitea-act-runner/image/run.sh, line 45 in 816b21f

`$HOME` points to `/data/`, so the docker user does not seem to have write permission to that directory on the docker host.
Anyways, the issue does not seem to be related to storage-driver=overlay2 but to a write permission issue of the docker daemon or the GITEA_RUNNER_UID/GITEA_RUNNER_GID.
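The diagnosis above (the identity given by `GITEA_RUNNER_UID`/`GITEA_RUNNER_GID` cannot write to the host directory mounted at `/data`) can be checked on the host before the container is started. The script below is an added example, not part of the issue thread or of the image's `run.sh`; the function names are hypothetical, and it assumes a Linux `stat` that supports `-c`, no ACLs, no supplementary groups and no user-namespace remapping on the outer Docker daemon.

```shell
#!/bin/sh
# Added example: predict whether the runner's UID/GID can create
# $HOME/.config inside the host directory that is bind-mounted to /data.
# Only owner/group/other mode bits are evaluated (no ACLs, no extra groups).

# can_create_in UID GID DIR
#   0 = identity has write+search on DIR, 1 = it does not, 2 = DIR unusable
can_create_in() {
    uid=$1 gid=$2 dir=$3
    [ -d "$dir" ] || return 2                      # host directory missing
    st=$(stat -c '%u %g %a' "$dir") || return 2    # owner uid, gid, octal mode
    set -- $st
    owner=$1 group=$2 perms=$(( 0$3 ))             # e.g. 755 -> 0755 (octal)
    [ "$uid" -eq 0 ] && return 0                   # root bypasses mode bits
    if   [ "$uid" -eq "$owner" ]; then bits=$(( (perms >> 6) & 7 ))
    elif [ "$gid" -eq "$group" ]; then bits=$(( (perms >> 3) & 7 ))
    else                               bits=$(( perms & 7 ))
    fi
    [ $(( bits & 3 )) -eq 3 ]                      # mkdir needs w (2) and x (1)
}

# report UID GID DIR -> prints a verdict, returns 1 when the check fails
report() {
    if can_create_in "$1" "$2" "$3"; then
        echo "OK:   uid=$1 gid=$2 can create entries in $3"
    else
        echo "FAIL: uid=$1 gid=$2 cannot create entries in $3"
        echo "      make the directory writable for that UID/GID on the host"
        return 1
    fi
}

# Usage: sh check.sh /mnt/user/data/docker/gitea-runner
# Defaults 99/100 are the UID/GID values shown in the issue's log output.
if [ $# -ge 1 ]; then
    report "${GITEA_RUNNER_UID:-99}" "${GITEA_RUNNER_GID:-100}" "$1"
fi
```

A `FAIL` here corresponds to the `mkdir: cannot create directory '/data/.config': Permission denied` line that the rootless image would log at startup.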
This fixed it for me.

```yaml
      securityContext:
        {{- toYaml .Values.podSecurityContext | nindent 8 }}
        fsGroup: 1000
        runAsUser: 1000
        runAsGroup: 1000
```