Comments (10)
Hehe, good to see you're on top of things, @lburgazzoli! I was thinking that kcp
could indeed be interesting in a testing context for operators.
from kcp.
We are now publishing a kcp image (see https://github.com/kcp-dev/kcp/pkgs/container/kcp).
@lburgazzoli can your test automation use a docker cp
/podman cp
command to copy the admin.kubeconfig out of the container for use by your tests?
from kcp.
@ncdc @metacosm added an initial testcontainer impl that spins up a kcp server https://github.com/lburgazzoli/testcontainers-kcp
from kcp.
I believe we can close this. If there are still any issues, please let us know.
from kcp.
Images are already published in CI to GHCR: https://github.com/kcp-dev/kcp/pkgs/container/kcp%2Fsyncer-c2e3073d5026a8f7f2c47a50c16bdbec -- with tags for short commit SHAs:
docker pull ghcr.io/kcp-dev/kcp/syncer-c2e3073d5026a8f7f2c47a50c16bdbec:7471fb9
We can improve this over time (in particular the image name, which is terrible). If you try it out and give feedback about what worked/didn't that would help us improve it.
from kcp.
As per #111, I tough the image is just the syncer, not kcp.
Am I wrong ?
from kcp.
You are totally correct, sorry for misreading.
It should be easy enough to build the image, but if the intention is to run kcp inside a Kubernetes cluster, I'm not sure that's something we've really explored or prioritized yet, so things might not work very well. In particular, kcp presents a K8s control plane backed by etcd, which should run fine inside K8s with its own etcd storage, but it might end up being confusing to have both running.
from kcp.
if the intention is to run kcp inside a Kubernetes cluster
Not at all, my only goal is to be able to spin up kcp as part of my integration tests running locally on my PC or as part of GitHub Actions. As today I use kind or minikube but they are overkill for my use case where in essence I don't need any of the controller that they ship.
from kcp.
It should be easy enough to build the image,
so yes it is quite simple to generate a container image for kcp
with ko
however, what should be the best and easier way to access the kcp
?
I initially tough to use volumes thus having the .kcp
persisted outside of the container but it may cause troubles:
➜ docker run --rm -ti -v $PWD/conf:/.kcp/data:Z -p 6443:6443 ko.local/kcp.go start
{
"level":"warn",
"ts":1634314144.2230017,
"caller":"fileutil/fileutil.go:57",
"msg":"check file permission","error":"directory \".kcp/data\" exist, but the permission is \"dtrwxr-xr-x\". The recommended permission is \"-rwx------\" to prevent possible unprivileged access to the data"
}
Even if kcp starts, then content of the volume is owned by root and it is not accessible by standard users:
➜ ll conf/
total 16
-rw-------. 1 root root 6896 Oct 15 18:27 admin.kubeconfig
-rw-r--r--. 1 root root 2275 Oct 15 18:27 apiserver.crt
-rw-------. 1 root root 1675 Oct 15 18:27 apiserver.key
drwx------. 4 root root 29 Oct 15 18:27 member
drwx------. 5 root root 42 Oct 15 18:27 secrets
This can be fixed by using podman or rootles docker but it may require some additional set-up so, is there a better way to access a kcp
instance running in a container ?
from kcp.
@lburgazzoli let me know how it goes, would be interested to see if this works nicely in GitHub Actions…
from kcp.
Related Issues (20)
- bug: inconsist required versions for cel-go HOT 3
- Document how to view gathered metrics from e2e tests HOT 6
- feature: deployments couldn’t goes back to the origin replicas count in kcp by syncer reconciler after manual change the deployment in pcluster HOT 5
- Community Meeting Jan 31 2023 HOT 7
- bug: Release workflow should play nice with GitHub Packages
- bug/flake: TestAPIExportAuthorizers - APIExport view missing queueing for related APIExports (via claims) HOT 11
- Flake: TestSyncerVirtualWorkspace/access_is_authorized
- bug: When selecting resources to be synced to physical cluster user should always provide resourcename + GVR of the resource if not, i see that resource does not get synced to physical cluster HOT 1
- feature: Option to create a namespace in workload cluster with same name as it is in KCP workspace HOT 1
- bug: menu bar of docs website is misleading when narrow HOT 1
- bug: `sharded-test-server` cannot be restarted successfully without wiping previous contents of .kcpXXX folders HOT 3
- bug: resources synced to workload cluster are deleted and re-created when computer enters sleep mode HOT 1
- flake: TestSyncTargetLocalExport
- bug/flake: authorizer_test.go:437: verify that service-provider-2-admin cannot lists CRD shadowed sherriffs resources in the tenant workspace "root:e2e-workspace-nvqzj:tenant-shadowed-crd" via the virtual apiexport apiserver HOT 4
- bug: `kcp bind compute` does not work as expected for locations on a different workspace HOT 2
- bug: sometimes preexisting resources don't get permission claims labels applied HOT 6
- flake: test/e2e/virtual/syncer TestSyncerVirtualWorkspace/Never_promote_overridden_syncer_view_status_to_upstream_when_scheduled_on_2_synctargets
- flake: TestAPIExportEndpointSliceWithPartitionPrivate
- flake: TestReplicationDisruptive
- c.CacheDynamicClient uses default QPS/burst settings and gets throttled HOT 7
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from kcp.