actions/actions-runner-controller
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
835bc2aed873dcd258fe2db2ccea13e425b27708
actions-runner-controller/runner/entrypoint-dind-rootless.sh

57 lines
2.4 KiB
Bash
Raw Normal View History

Add rootless DinD runner (#1644) * add rootless dind images * add small blurb on rootless dind * Add ToC entry for README section
2022-08-02 20:45:02 -06:00
#!/bin/bash
Fix runners to do their best to gracefully stop on pod eviction (#1759) Ref #1535 Ref #1581 Signed-off-by: Yusuke Kuoka <ykuoka@gmail.com>
2022-11-01 20:30:10 +09:00
source logger.sh
source graceful-stop.sh
trap graceful_stop TERM
Add rootless DinD runner (#1644) * add rootless dind images * add small blurb on rootless dind * Add ToC entry for README section
2022-08-02 20:45:02 -06:00
log.notice "Writing out Docker config file"
/bin/bash <<SCRIPT
if [ ! -f /home/runner/.config/docker/daemon.json ]; then
echo "{}" > /home/runner/.config/docker/daemon.json
fi
if [ -n "${MTU}" ]; then
jq ".\"mtu\" = ${MTU}" /home/runner/.config/docker/daemon.json > /tmp/.daemon.json && mv /tmp/.daemon.json /home/runner/.config/docker/daemon.json
Fix inability to configure MTU for rootless dind runner (#1856) Follow-up for https://github.com/actions-runner-controller/actions-runner-controller/pull/1644
2022-10-13 09:04:56 +09:00
# See https://docs.docker.com/engine/security/rootless/ and https://github.com/docker/engine/blob/8955d8da8951695a98eb7e15bead19d402c6eb27/contrib/dockerd-rootless.sh#L13
runner: Fix rootless dind to respect specified MTU (#1976) While testing #1759, I found an issue in the rootless dind entrypoint that it was not respecting the configured MTU for dind docker due to a permission issue. This fixes that.
2022-11-04 06:29:03 +09:00
echo "DOCKERD_ROOTLESS_ROOTLESSKIT_MTU=${MTU}" | sudo tee -a /etc/environment
Add rootless DinD runner (#1644) * add rootless dind images * add small blurb on rootless dind * Add ToC entry for README section
2022-08-02 20:45:02 -06:00
fi
Allow to set docker default address pool (#1971) * Allow to set docker default address pool * fixup! Allow to set docker default address pool Signed-off-by: Yusuke Kuoka <ykuoka@gmail.com> * Revert unnecessary chart ver bump * Update docs for DOCKER_DEFAULT_ADDRESS_POOL_* * Fix the dockerd default address pool scripts to actually work as probably intended * Update the E2E testdata runnerdeployment to accomodate the new docker default addr pool options * Correct default dockerd addr pool doc Signed-off-by: Yusuke Kuoka <ykuoka@gmail.com> Co-authored-by: Claudio Vellage <claudio.vellage@pm.me> Co-authored-by: Yusuke Kuoka <ykuoka@gmail.com>
2022-11-05 06:46:32 +01:00
if [ -n "${DOCKER_DEFAULT_ADDRESS_POOL_BASE}" ] && [ -n "${DOCKER_DEFAULT_ADDRESS_POOL_SIZE}" ]; then
jq ".\"default-address-pools\" = [{\"base\": \"${DOCKER_DEFAULT_ADDRESS_POOL_BASE}\", \"size\": ${DOCKER_DEFAULT_ADDRESS_POOL_SIZE}}]" /home/runner/.config/docker/daemon.json > /tmp/.daemon.json && mv /tmp/.daemon.json /home/runner/.config/docker/daemon.json
fi
Add rootless DinD runner (#1644) * add rootless dind images * add small blurb on rootless dind * Add ToC entry for README section
2022-08-02 20:45:02 -06:00
if [ -n "${DOCKER_REGISTRY_MIRROR}" ]; then
jq ".\"registry-mirrors\"[0] = \"${DOCKER_REGISTRY_MIRROR}\"" /home/runner/.config/docker/daemon.json > /tmp/.daemon.json && mv /tmp/.daemon.json /home/runner/.config/docker/daemon.json
fi
SCRIPT
Fix permission issue when you use PV for rootless dind cache (#1977) * Fix permission issue when you use PV for rootless dind cache This fixes the said issue I have found while testing #1759. Signed-off-by: Yusuke Kuoka <ykuoka@gmail.com>
2022-11-04 06:46:21 +09:00
if [ -d /home/runner/.local ]; then
if [ ! -d /home/runner/.local/share ]; then
log.notice "Creating /home/runner/.local/share owned by runner:runner \
so that rootless dockerd will not fail with a permission error when creating /home/runner/.local/share/docker"
sudo mkdir /home/runner/.local/share
sudo chmod 755 /home/runner/.local/share
sudo chown runner:runner /home/runner/.local/share
fi
fi
Add rootless DinD runner (#1644) * add rootless dind images * add small blurb on rootless dind * Add ToC entry for README section
2022-08-02 20:45:02 -06:00
log.notice "Starting Docker (rootless)"
Fix runners to do their best to gracefully stop on pod eviction (#1759) Ref #1535 Ref #1581 Signed-off-by: Yusuke Kuoka <ykuoka@gmail.com>
2022-11-01 20:30:10 +09:00
dumb-init bash <<'SCRIPT' &
# Note that we don't want dockerd to be terminated before the runner agent,
# because it defeats the goal of the runner agent graceful stop logic implemenbed above.
# We can't rely on e.g. `dumb-init --single-child` for that, because with `--single-child` we can't even trap SIGTERM
# for not only dockerd but also the runner agent.
Fix rootless dind to do write logs (#1978) It turned out too hard to debug configuration issues on the rootless dind daemon as it was not writing any logs to stdout/stderr of the container. This fixes that, so that any rootless dind configuration or startup errors are visible in e.g. the kubectl-logs output.
2022-11-04 06:28:47 +09:00
/home/runner/bin/dockerd-rootless.sh --config-file /home/runner/.config/docker/daemon.json &
Add rootless DinD runner (#1644) * add rootless dind images * add small blurb on rootless dind * Add ToC entry for README section
2022-08-02 20:45:02 -06:00
Fix runners to do their best to gracefully stop on pod eviction (#1759) Ref #1535 Ref #1581 Signed-off-by: Yusuke Kuoka <ykuoka@gmail.com>
2022-11-01 20:30:10 +09:00
startup.sh
SCRIPT
RUNNER_INIT_PID=$!
log.notice "Runner init started with pid $RUNNER_INIT_PID"
wait $RUNNER_INIT_PID
log.notice "Runner init exited. Exiting this process with code 0 so that the container and the pod is GC'ed Kubernetes soon."
trap - TERM
Reference in New Issue Copy Permalink