Add support for nerdctl on macos. #594
Conversation
resources/darwin/bin/nerdctl
Outdated
| if ! LIMA_HOME="$HOME/Library/State/rancher-desktop/lima" ${scriptdir}/../lima/bin/limactl ls --json | grep '"name":"rancher-desktop"' | grep -q '"status":"Running"'; then | ||
| echo "Rancher Desktop is not running. Please start Rancher Desktop to use nerdctl"; | ||
| else | ||
| LIMA_HOME="$HOME/Library/State/rancher-desktop/lima" ${scriptdir}/../lima/bin/limactl shell rancher-desktop nerdctl $@ |
There was a problem hiding this comment.
Needs quotes in case arguments contain spaces:
| LIMA_HOME="$HOME/Library/State/rancher-desktop/lima" ${scriptdir}/../lima/bin/limactl shell rancher-desktop nerdctl $@ | |
| LIMA_HOME="$HOME/Library/State/rancher-desktop/lima" ${scriptdir}/../lima/bin/limactl shell rancher-desktop nerdctl "$@" |
src/k8s-engine/lima.ts
Outdated
| arch: 'x86_64', | ||
| }], | ||
| cpus: this.cfg?.numberCPUs || 4, | ||
| memory: (this.cfg?.memoryInGB || 4) * 1024 * 1024 * 1024, | ||
| mounts: [{ location: path.join(paths.cache(), 'k3s'), writable: false }], | ||
| mounts: [{ location: path.join(paths.cache(), 'k3s'), writable: false },{location: "~", writable: false }], |
There was a problem hiding this comment.
Maybe also add a writable location, so that users can put data back on the host without having to use limactl copy? The sample configurations for lima share /tmp/lima between host and VM: https://github.com/lima-vm/lima/blob/master/pkg/limayaml/default.yaml#L45-L46
| @@ -0,0 +1 @@ | |||
| export CONTAINERD_ADDRESS=/run/k3s/containerd/containerd.sock | |||
There was a problem hiding this comment.
Users may expect export CONTAINERD_NAMESPACE=k8s.io too, if they expect nerdctl ps to show k3s containers.
There was a problem hiding this comment.
I believe this is supposed to be used for native container development à la docker-compose, in which case keeping images separate would be a feature.
I would keep it separate for now, and maybe later add a checkbox in the GUI to set the default namespace?
There was a problem hiding this comment.
@AkihiroSuda Thanks for checking in on this. I had thought about the namespace part. But, we want to expose full nerdctl to people who just want to work with containers. We will document using the Kubernetes namespace for those who want it for that.
There was a problem hiding this comment.
Should this be in src/assets/scripts/… instead?
Do we need this as a separate file, or is putting it inside of the nerdctl script enough (as in, /usr/bin/env CONTAINERD_ADDRESS=… nerdctl …)? Having a separate script makes more sense if we expect other things to need it, but I don't believe we expect users to manually run limactl shell (except as a troubleshooting step under our direction).
There was a problem hiding this comment.
I've set it up this way because I've been using nerdctl within the VM for troubleshooting. This just makes it easier.
There was a problem hiding this comment.
We will soon be able to put the thing into lima.yaml as
env:
CONTAINERD_ADDRESS=/run/k3s/containerd/containerd.sockand it will automatically be added to /etc/environment and be available everywhere in the guest.
This doesn't work right now because our Alpine image uses an sshd that has been compiled without pam support (and also there is no sshd.pamd file either that enables pam_env for ssh sessions). Will work on this soonish, but for now using .profile seems fine.
mattfarina
force-pushed
the
macos-nerdctl
branch
from
dc9a435
to
33ef47d
Compare
This includes: - nerdctl as a CLI that can be added to the path like the other tools. - An updated version of alpine-lima that includes nerdctl and the other binaries it needs. - ~ is mounted so that nerdctl build can access the files to build. nerdctl build will not work for locations outside of ~. - A .profile file exporting an environment variable to tell nerdctl where the containerd socket is as k3s puts it in a non-standard location. Note, in the future we should look at taring up the build directory and sending it to the VM. That would be a more substancial effort to accomplish. Related to rancher-sandbox#566 Thanks to Jan for all the pointers in creating this and the alpine-lima build. Signed-off-by: Matt Farina <[email protected]>
Based on feedback from Jan. Signed-off-by: Matt Farina <[email protected]>
Signed-off-by: Matt Farina <[email protected]>
Signed-off-by: Matt Farina <[email protected]>
Feedback from Jan Signed-off-by: Matt Farina <[email protected]>
Signed-off-by: Matt Farina <[email protected]>
Signed-off-by: Matt Farina <[email protected]>
mattfarina
force-pushed
the
macos-nerdctl
branch
from
ebfaf4c
to
7505928
Compare
This includes:
tools.
other binaries it needs.
nerdctl build will not work for locations outside of ~.
where the containerd socket is as k3s puts it in a non-standard
location.
Note, in the future we should look at taring up the build directory
and sending it to the VM. That would be a more substancial effort
to accomplish.
Related to #566
Thanks to Jan for all the pointers in creating this and the alpine-lima
build.