1

Minikube now supports rootless podman driver for running Kubernetes

 1 year ago
source link: https://github.com/kubernetes/minikube/pull/13829
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

Conversation

Member

@AkihiroSuda AkihiroSuda commented on Mar 22

edited

Usage:

minikube config set rootless true
minikube start --driver=podman --container-runtime=cri-o

The container runtime can be set to containerd too.

Tested on Podman 4.0.2, Ubuntu 21.10.

Needs cgroup v2 (as in Rootless Docker): https://rootlesscontaine.rs/getting-started/common/cgroup2/
See also site/content/en/docs/drivers/includes/podman_usage.inc

Fixes #8719
Fixes #12460
Replaces PR #12901

Changes from PR #12901 (take 1): rootless is now a config property.
In the previous PR, --rootless was implemented as a flag for minikube start

criztovyl and koalalorenzo reacted with hooray emoji All reactions

Collaborator

minikube-bot commented on Mar 22

Can one of the admins verify this patch?

Member

medyagh commented on Mar 22

thank you @AkihiroSuda for this PR, I see there is another PR #13828

do you mind clarifying their relations ? does one of them depend on the other one ?

Member

Author

AkihiroSuda commented on Mar 23

edited

thank you @AkihiroSuda for this PR, I see there is another PR #13828

do you mind clarifying their relations ? does one of them depend on the other one ?

Orthogonal.
#13828 is a bug fix for --container-runtime=containerd that has been broken since minikube 1.25.
#13829 is for adding a support for --driver=podman --rootless --container-runtime=(crio|containerd).
#13829 does not depend on #13828 (unless used in conjunction with --container-runtime=containerd)

Member

medyagh commented on Mar 23

thank you @AkihiroSuda for this PR, I see there is another PR #13828
do you mind clarifying their relations ? does one of them depend on the other one ?

Orthogonal. #13828 is a bug fix for --container-runtime=containerd that has been broken since minikube 1.25. #13829 is for adding a support for --driver=podman --rootless --container-runtime=(crio|containerd). #13829 does not depend on #13828 (unless used in conjunction with --container-runtime=containerd)

thank you very much for clarifying

Member

medyagh commented on Mar 23

/ok-to-test

k8s-ci-robot

added the ok-to-test Indicates a non-member PR verified by an org member that is safe to test. label

on Mar 23

kvm2 driver with docker runtime

+----------------+----------+---------------------+
|    COMMAND     | MINIKUBE | MINIKUBE (PR 13829) |
+----------------+----------+---------------------+
| minikube start | 53.0s    | 52.2s               |
| enable ingress | 29.2s    | 28.5s               |
+----------------+----------+---------------------+

docker driver with docker runtime

+----------------+----------+---------------------+
|    COMMAND     | MINIKUBE | MINIKUBE (PR 13829) |
+----------------+----------+---------------------+
| minikube start | 25.8s    | 26.0s               |
| enable ingress | 22.2s    | 22.9s               |
+----------------+----------+---------------------+

docker driver with containerd runtime

+----------------+----------+---------------------+
|    COMMAND     | MINIKUBE | MINIKUBE (PR 13829) |
+----------------+----------+---------------------+
| minikube start | 43.0s    | 41.7s               |
| enable ingress | 24.8s    | 21.5s               |
+----------------+----------+---------------------+

These are the flake rates of all failed tests.

Environment Failed Tests Flake Rate (%)
Docker_Linux_containerd TestNetworkPlugins/group/enable-default-cni/Start (gopogh) 0.00 (chart)
Docker_Linux TestStartStop/group/embed-certs/serial/Pause (gopogh) 5.92 (chart)
Docker_Linux_containerd TestPause/serial/Start (gopogh) 18.56 (chart)
Docker_Linux_containerd TestAddons/Setup (gopogh) 21.56 (chart)
Docker_Linux_containerd TestIngressAddonLegacy/serial/ValidateIngressAddonActivation (gopogh) 21.56 (chart)
Docker_Linux_containerd TestIngressAddonLegacy/StartLegacyK8sCluster (gopogh) 21.56 (chart)
Docker_Linux_containerd TestJSONOutput/start/Audit (gopogh) 21.56 (chart)
Docker_Linux_containerd TestJSONOutput/start/Command (gopogh) 21.56 (chart)
Docker_Linux_containerd TestMultiNode/serial/AddNode (gopogh) 21.56 (chart)
Docker_Linux_containerd TestMultiNode/serial/DeleteNode (gopogh) 21.56 (chart)
Docker_Linux_containerd TestMultiNode/serial/FreshStart2Nodes (gopogh) 21.56 (chart)
Docker_Linux_containerd TestMultiNode/serial/ProfileList (gopogh) 21.56 (chart)
Docker_Linux_containerd TestMultiNode/serial/RestartKeepsNodes (gopogh) 21.56 (chart)
Docker_Linux_containerd TestMultiNode/serial/RestartMultiNode (gopogh) 21.56 (chart)
Docker_Linux_containerd TestMultiNode/serial/StartAfterStop (gopogh) 21.56 (chart)
Docker_Linux_containerd TestMultiNode/serial/StopNode (gopogh) 21.56 (chart)
Docker_Linux_containerd TestPreload (gopogh) 21.56 (chart)
Docker_Linux_containerd TestOffline (gopogh) 28.74 (chart)
Docker_Linux_containerd TestFunctional/parallel/ServiceCmdConnect (gopogh) 30.32 (chart)
Docker_Linux_containerd TestFunctional/parallel/DashboardCmd (gopogh) 31.14 (chart)
Docker_Linux_containerd TestFunctional/parallel/MountCmd/any-port (gopogh) 31.14 (chart)
Docker_Linux_containerd TestFunctional/parallel/MySQL (gopogh) 31.14 (chart)
Docker_Linux_containerd TestFunctional/parallel/PersistentVolumeClaim (gopogh) 31.14 (chart)
Docker_Linux_containerd TestFunctional/parallel/ServiceCmd (gopogh) 31.14 (chart)
Docker_Linux_containerd TestFunctional/parallel/TunnelCmd/serial/AccessDirect (gopogh) 31.14 (chart)
Docker_Linux_containerd TestFunctional/parallel/TunnelCmd/serial/WaitService/Setup (gopogh) 31.14 (chart)
Docker_Linux_containerd TestFunctional/serial/ExtraConfig (gopogh) 31.14 (chart)
Docker_Linux_containerd TestFunctional/serial/SoftStart (gopogh) 31.14 (chart)
Docker_Linux_containerd TestFunctional/serial/StartWithProxy (gopogh) 31.14 (chart)
Docker_Linux_containerd TestMultiNode/serial/DeployApp2Nodes (gopogh) 31.14 (chart)
More tests... Continued...

Too many tests failed - See test logs for more details.

To see the flake rates of all tests by environment, click here.

@AkihiroSuda What do you think about adding rootless to cmd/minikube/cmd/config/config.go ? That way you can do

minikube config set rootless true

Looking forward to this feature !

Member

Author

AkihiroSuda commented on Mar 26

@AkihiroSuda What do you think about adding rootless to cmd/minikube/cmd/config/config.go ? That way you can do

minikube config set rootless true

Looking forward to this feature !

Thanks for the suggestion +1 , updated PR to support minikube config set rootless true.

AkihiroSuda

changed the title Support rootless Podman driver, take 2

Support rootless Podman driver, take 2 (Usage: minikube config set rootless true)

on Mar 26

kvm2 driver with docker runtime

+----------------+----------+---------------------+
|    COMMAND     | MINIKUBE | MINIKUBE (PR 13829) |
+----------------+----------+---------------------+
| minikube start | 52.9s    | 52.3s               |
| enable ingress | 27.5s    | 28.5s               |
+----------------+----------+---------------------+

docker driver with docker runtime

+----------------+----------+---------------------+
|    COMMAND     | MINIKUBE | MINIKUBE (PR 13829) |
+----------------+----------+---------------------+
| minikube start | 26.3s    | 25.9s               |
| enable ingress | 24.5s    | 23.0s               |
+----------------+----------+---------------------+

docker driver with containerd runtime

+----------------+----------+---------------------+
|    COMMAND     | MINIKUBE | MINIKUBE (PR 13829) |
+----------------+----------+---------------------+
| minikube start | 41.2s    | 43.3s               |
| enable ingress | 21.6s    | 19.9s               |
+----------------+----------+---------------------+

kvm2 driver with docker runtime

+----------------+----------+---------------------+
|    COMMAND     | MINIKUBE | MINIKUBE (PR 13829) |
+----------------+----------+---------------------+
| minikube start | 53.5s    | 52.9s               |
| enable ingress | 29.0s    | 27.2s               |
+----------------+----------+---------------------+

docker driver with docker runtime

+----------------+----------+---------------------+
|    COMMAND     | MINIKUBE | MINIKUBE (PR 13829) |
+----------------+----------+---------------------+
| minikube start | 25.9s    | 25.6s               |
| enable ingress | 23.1s    | 23.2s               |
+----------------+----------+---------------------+

docker driver with containerd runtime

+----------------+----------+---------------------+
|    COMMAND     | MINIKUBE | MINIKUBE (PR 13829) |
+----------------+----------+---------------------+
| minikube start | 41.3s    | 43.0s               |
| enable ingress | 22.1s    | 20.4s               |
+----------------+----------+---------------------+

Thanks for the suggestion +1 , updated PR to support minikube config set rootless true.

Works - podman 3.4.4 w/ CRI-O 1.22.3 (Fedora 35) ! Thank you +1

These are the flake rates of all failed tests.

Environment Failed Tests Flake Rate (%)
Hyper-V_Windows TestNetworkPlugins/group/enable-default-cni/NetCatPod (gopogh) 1.71 (chart)
Docker_Linux_containerd TestKubernetesUpgrade (gopogh) 3.61 (chart)
Docker_Linux TestStartStop/group/embed-certs/serial/Pause (gopogh) 6.88 (chart)
Docker_Linux TestNetworkPlugins/group/auto/DNS (gopogh) 7.50 (chart)
Docker_macOS TestNetworkPlugins/group/false/DNS (gopogh) 19.47 (chart)
Hyper-V_Windows TestNetworkPlugins/group/flannel/Start (gopogh) 20.42 (chart)
Docker_Windows TestNoKubernetes/serial/Stop (gopogh) 24.00 (chart)
Hyper-V_Windows TestSkaffold (gopogh) 26.06 (chart)
Docker_Windows TestSkaffold (gopogh) 26.98 (chart)
Hyper-V_Windows TestNetworkPlugins/group/bridge/Start (gopogh) 33.10 (chart)
Docker_Windows TestStartStop/group/old-k8s-version/serial/Pause (gopogh) 35.62 (chart)
Docker_Windows TestNetworkPlugins/group/bridge/DNS (gopogh) 38.00 (chart)
Hyper-V_Windows TestNetworkPlugins/group/kubenet/Start (gopogh) 38.03 (chart)
Docker_Linux TestFunctional/serial/ComponentHealth (gopogh) 41.88 (chart)
Docker_Windows TestNetworkPlugins/group/kubenet/Start (gopogh) 43.53 (chart)
Docker_macOS TestNetworkPlugins/group/kubenet/DNS (gopogh) 47.95 (chart)
Docker_Windows TestNetworkPlugins/group/kindnet/Start (gopogh) 48.24 (chart)
Docker_macOS TestStartStop/group/default-k8s-different-port/serial/SecondStart (gopogh) 49.00 (chart)
Docker_Linux_containerd TestNetworkPlugins/group/kindnet/Start (gopogh) 50.00 (chart)
Docker_macOS TestFunctional/serial/ComponentHealth (gopogh) 50.33 (chart)
Docker_macOS TestFunctional/serial/ExtraConfig (gopogh) 50.33 (chart)
Docker_Linux TestNetworkPlugins/group/kindnet/DNS (gopogh) 54.08 (chart)
Docker_macOS TestNetworkPlugins/group/calico/Start (gopogh) 58.87 (chart)
Docker_Linux TestNetworkPlugins/group/custom-weave/Start (gopogh) 60.00 (chart)
Docker_macOS TestNetworkPlugins/group/kindnet/Start (gopogh) 60.28 (chart)
Docker_macOS TestNetworkPlugins/group/bridge/DNS (gopogh) 61.39 (chart)
Docker_macOS TestNetworkPlugins/group/enable-default-cni/DNS (gopogh) 64.29 (chart)
Docker_Windows TestNetworkPlugins/group/calico/Start (gopogh) 66.67 (chart)
Docker_Linux TestNetworkPlugins/group/bridge/DNS (gopogh) 70.00 (chart)
Docker_Linux TestNetworkPlugins/group/enable-default-cni/DNS (gopogh) 71.25 (chart)
More tests... Continued...

Too many tests failed - See test logs for more details.

To see the flake rates of all tests by environment, click here.

These are the flake rates of all failed tests.

Environment Failed Tests Flake Rate (%)
Docker_macOS TestNetworkPlugins/group/auto/DNS (gopogh) 2.63 (chart)
Docker_Linux_containerd TestFunctional/serial/LogsFileCmd (gopogh) 7.19 (chart)
Docker_macOS TestDownloadOnlyKic (gopogh) 7.79 (chart)
Docker_macOS TestDownloadOnly/v1.23.3/preload-exists (gopogh) 7.79 (chart)
Docker_macOS TestNetworkPlugins/group/false/DNS (gopogh) 19.30 (chart)
Docker_Windows TestPause/serial/Pause (gopogh) 21.05 (chart)
Docker_Windows TestKubernetesUpgrade (gopogh) 26.98 (chart)
Docker_Windows TestSkaffold (gopogh) 26.98 (chart)
Docker_macOS TestNetworkPlugins/group/bridge/Start (gopogh) 28.17 (chart)
Docker_Windows TestNoKubernetes/serial/StartWithStopK8s (gopogh) 29.27 (chart)
Docker_macOS TestNetworkPlugins/group/kindnet/DNS (gopogh) 29.82 (chart)
Docker_Windows TestNetworkPlugins/group/kubenet/DNS (gopogh) 32.61 (chart)
Docker_macOS TestNetworkPlugins/group/calico/DNS (gopogh) 34.55 (chart)
Docker_macOS TestNetworkPlugins/group/kubenet/Start (gopogh) 47.89 (chart)
Docker_macOS TestFunctional/serial/ComponentHealth (gopogh) 50.65 (chart)
Docker_macOS TestFunctional/serial/ExtraConfig (gopogh) 50.65 (chart)
Docker_macOS TestNetworkPlugins/group/enable-default-cni/DNS (gopogh) 63.72 (chart)
Docker_Windows TestFunctional/parallel/TunnelCmd/serial/WaitService/IngressIP (gopogh) 71.43 (chart)
Docker_macOS TestDownloadOnly/v1.16.0/preload-exists (gopogh) 100.00 (chart)
Docker_Windows TestFunctional/parallel/ServiceCmd (gopogh) 100.00 (chart)
Docker_Windows TestNetworkPlugins/group/cilium/Start (gopogh) 100.00 (chart)

To see the flake rates of all tests by environment, click here.

Member

Author

AkihiroSuda commented on Apr 5

Rebased

kvm2 driver with docker runtime

+----------------+----------+---------------------+
|    COMMAND     | MINIKUBE | MINIKUBE (PR 13829) |
+----------------+----------+---------------------+
| minikube start | 63.4s    | 63.1s               |
| enable ingress | 29.7s    | 28.0s               |
+----------------+----------+---------------------+

docker driver with docker runtime

+----------------+----------+---------------------+
|    COMMAND     | MINIKUBE | MINIKUBE (PR 13829) |
+----------------+----------+---------------------+
| minikube start | 36.0s    | 36.1s               |
| enable ingress | 22.5s    | 22.4s               |
+----------------+----------+---------------------+

docker driver with containerd runtime

+----------------+----------+---------------------+
|    COMMAND     | MINIKUBE | MINIKUBE (PR 13829) |
+----------------+----------+---------------------+
| minikube start | 57.5s    | 59.3s               |
| enable ingress | 26.9s    | 29.5s               |
+----------------+----------+---------------------+

These are the flake rates of all failed tests.

Environment Failed Tests Flake Rate (%)
Docker_Linux TestCertExpiration (gopogh) 0.65 (chart)
Docker_macOS TestSkaffold (gopogh) 1.96 (chart)
Docker_Linux TestNoKubernetes/serial/Start (gopogh) 3.25 (chart)
KVM_Linux TestErrorSpam/setup (gopogh) 4.65 (chart)
KVM_Linux_containerd TestErrorSpam/setup (gopogh) 4.68 (chart)
Hyperkit_macOS TestErrorSpam/setup (gopogh) 6.17 (chart)
Hyper-V_Windows TestNetworkPlugins/group/calico/Start (gopogh) 7.19 (chart)
Hyper-V_Windows TestNetworkPlugins/group/cilium/Start (gopogh) 7.19 (chart)
Hyper-V_Windows TestNetworkPlugins/group/custom-weave/Start (gopogh) 9.35 (chart)
Hyper-V_Windows TestNetworkPlugins/group/false/Start (gopogh) 11.51 (chart)
Hyper-V_Windows TestErrorSpam/setup (gopogh) 14.39 (chart)
Docker_Cloud_Shell TestStartStop/group/cloud-shell/serial/AddonExistsAfterStop (gopogh) 17.31 (chart)
Docker_Cloud_Shell TestStartStop/group/cloud-shell/serial/EnableAddonAfterStop (gopogh) 17.83 (chart)
Docker_Cloud_Shell TestStartStop/group/cloud-shell/serial/Stop (gopogh) 17.83 (chart)
Docker_Cloud_Shell TestStartStop/group/cloud-shell/serial/UserAppExistsAfterStop (gopogh) 18.35 (chart)
Docker_Cloud_Shell TestStartStop/group/cloud-shell/serial/SecondStart (gopogh) 18.87 (chart)
Hyper-V_Windows TestNetworkPlugins/group/enable-default-cni/Start (gopogh) 23.02 (chart)
Docker_Linux_containerd TestStartStop/group/old-k8s-version/serial/FirstStart (gopogh) 26.19 (chart)
Docker_Linux_containerd TestStartStop/group/old-k8s-version/serial/SecondStart (gopogh) 26.19 (chart)
Docker_Linux_containerd TestStartStop/group/old-k8s-version/serial/DeployApp (gopogh) 26.77 (chart)
Docker_Linux_containerd TestStartStop/group/old-k8s-version/serial/UserAppExistsAfterStop (gopogh) 26.77 (chart)
Hyper-V_Windows TestNetworkPlugins/group/flannel/Start (gopogh) 27.34 (chart)
Docker_Linux_containerd TestFunctional/parallel/DashboardCmd (gopogh) 28.48 (chart)
Docker_Linux_containerd TestStartStop/group/no-preload/serial/DeployApp (gopogh) 28.57 (chart)
Docker_Linux_containerd TestStartStop/group/no-preload/serial/FirstStart (gopogh) 29.13 (chart)
Docker_Linux_containerd TestStartStop/group/no-preload/serial/SecondStart (gopogh) 30.16 (chart)
Docker_Linux_containerd TestStartStop/group/no-preload/serial/UserAppExistsAfterStop (gopogh) 30.71 (chart)
Docker_macOS TestStartStop/group/newest-cni/serial/FirstStart (gopogh) 31.82 (chart)
Hyper-V_Windows TestNetworkPlugins/group/bridge/Start (gopogh) 37.41 (chart)
Hyper-V_Windows TestNetworkPlugins/group/kubenet/Start (gopogh) 42.45 (chart)
More tests... Continued...

Too many tests failed - See test logs for more details.

To see the flake rates of all tests by environment, click here.

Member

Author

AkihiroSuda commented on Apr 7

jesperpedersen reacted with thumbs up emoji All reactions

Contributor

k8s-ci-robot commented on Apr 12

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: AkihiroSuda, sharifelgamal

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

k8s-ci-robot

added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label

on Apr 12

sharifelgamal

merged commit ad5c964 into

kubernetes:master on Apr 12

21 of 37 checks passed

champagne
ibakirov reacted with thumbs up emoji All reactions

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Assignees

No one assigned

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects

None yet

Milestone

No milestone

7 participants

report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK