che icon indicating copy to clipboard operation
che copied to clipboard
verified publisher icon eclipse-che

Update UDI to allow using fuse-overlay rather than VFS with podman/buildah

Open l0rd opened this issue 3 years ago • 7 comments

Is your enhancement related to a problem? Please describe

VFS is slow and building an image using Eclispe Che may take minutes when the same build takes seconds on a local machine.

Describe the solution you'd like

Configure docker/podman in the Universal Developer Image to use Fuse instead of VFS and test to build and image on OpenShift.

Additional context

It's recommended to use fuse-overlayfs rather than VFS when using podman/buildah/docker There was an initiative to use Fuse overlay by default

l0rd avatar Sep 09 '22 12:09 l0rd

fuse-overlayfs-1.9-1.module+el8.6.0+15917+093ca6f8 exists in RHEL 8.6.

So we can install that, and then follow steps to configure podman:

https://github.com/containers/podman/blob/main/docs/tutorials/rootless_tutorial.md#ensure-fuse-overlayfs-is-installed

nickboldt avatar Oct 17 '22 16:10 nickboldt

Downstream issue

l0rd avatar Oct 28 '22 12:10 l0rd

Issues go stale after 180 days of inactivity. lifecycle/stale issues rot after an additional 7 days of inactivity and eventually close.

Mark the issue as fresh with /remove-lifecycle stale in a new comment.

If this issue is safe to close now please do so.

Moderators: Add lifecycle/frozen label to avoid stale mode.

che-bot avatar Apr 26 '23 00:04 che-bot

/remove-lifecycle stale

l0rd avatar May 01 '23 10:05 l0rd

@l0rd Try this, it works.

Create a MachineConfig to enable containers to use /dev/fuse

cat << EOF | butane | oc apply -f -
variant: openshift
version: 4.13.0
metadata:
  labels:
    machineconfiguration.openshift.io/role: worker
  name: nested-podman
storage:
  files:
  - path: /etc/crio/crio.conf.d/99-nested-podman
    mode: 0644
    overwrite: true
    contents:
      inline: |
        [crio.runtime.workloads.nested-podman]
        activation_annotation = "io.openshift.nested-podman"
        allowed_annotations = [
          "io.kubernetes.cri-o.Devices"
        ]
        [crio.runtime]
        allowed_devices=["/dev/fuse"]
EOF

Note: Use machineconfiguration.openshift.io/role: master on SNO

Next, create a Dev Spaces workspace with a Podman enabled image.

Edit the devfile and add this to the container that runs vscode:

attributes:
  pod-overrides: {"metadata": {"annotations": {"io.kubernetes.cri-o.Devices":"/dev/fuse","io.openshift.nested-podman":""}}}

Restart the workspace from the local devfile.

Remove the vfs configuration if it has been set in ~/.config/containers/storage.conf

Then run a podman build

cgruver avatar Aug 07 '23 19:08 cgruver

Issues go stale after 180 days of inactivity. lifecycle/stale issues rot after an additional 7 days of inactivity and eventually close.

Mark the issue as fresh with /remove-lifecycle stale in a new comment.

If this issue is safe to close now please do so.

Moderators: Add lifecycle/frozen label to avoid stale mode.

che-bot avatar Feb 03 '24 00:02 che-bot

/remove-lifecycle stale

l0rd avatar Feb 10 '24 01:02 l0rd