kind icon indicating copy to clipboard operation
kind copied to clipboard

Published 20 hours ago verified publisher icon kubernetes-sigs

How to use a punctuation mark colon in cluster config field extraMounts.containerPath.hostPath ?

Open iming0319 opened this issue 2 years ago • 3 comments

I want to mount a harbor ca.crt file to my kind cluster. and part of my cluster config yaml looks like this `

extraMounts:
  - containerPath: /etc/docker/certs.d/my.harbor.domain:30725
    hostPath: /etc/docker/certs.d/my.harbor.domain:30725

` Then I run my command: $ kind create cluster --config kind-clustercfg.yaml I got an error message

Creating cluster "harbor-ready" ... ✓ Ensuring node image (kindest/node:v1.21.1) 🖼 ✗ Preparing nodes 📦 ERROR: failed to create cluster: docker run error: command "docker run --hostname harbor-ready-control-plane --name harbor-ready-control-plane --label io.x-k8s.kind.role=control-plane --privileged --security-opt seccomp=unconfined --security-opt apparmor=unconfined --tmpfs /tmp --tmpfs /run --volume /var --volume /lib/modules:/lib/modules:ro --detach --tty --label io.x-k8s.kind.cluster=harbor-ready --net kind --restart=on-failure:1 --init=false --volume=/etc/docker/certs.d/my.harbor.domain:30725:/etc/docker/certs.d/my.harbor.domain:30725 --volume=/etc/acm-sub-manager:/etc/acm-sub-manager --volume=/home/acmop/.docker/config.json:/var/lib/kubelet/config.json --publish=0.0.0.0:32459:32459/TCP --publish=127.0.0.1:33891:6443/TCP -e KUBECONFIG=/etc/kubernetes/admin.conf kindest/node:v1.21.1@sha256:69860bda5563ac81e3c0057d654b5253219618a22ec3a346306239bba8cfa1a6" failed with error: exit status 125 Command Output: docker: Error response from daemon: invalid volume specification: '/etc/docker/certs.d/my.harbor.domain:30725:/etc/docker/certs.d/my.harbor.domain:30725'. See 'docker run --help'. I think the point is the name of the directory. Is it possible to use a colon mark in hostPath?

iming0319 avatar May 17 '22 03:05 iming0319

I think you can't in the current implementation. FWIW you could:

  • mount the whole certs.d directory
  • docker cp instead of using an extra mount

as work arounds for now.

if we alter the implementation, we'll need to take care to consider how to leave room for https://github.com/kubernetes-sigs/kind/issues/1966

BenTheElder avatar May 17 '22 15:05 BenTheElder

I think if we use --mount instead of --voulme in the code it might be possible, here:

https://github.com/kubernetes-sigs/kind/blob/c6b929bd797afecc2cbcc4d5425c614e6a68f495/pkg/cluster/internal/providers/docker/provision.go#L317

Reference

Want me to give it a shot?

yardenshoham avatar Aug 28 '22 17:08 yardenshoham

See above comment and linked thread for why we need to be careful about how we approach supporting this -- users are used to colons => volumes and we'll actually want to support volumes in a future API revision.

I don't think anyone has outlined how exactly we should do this yet and handle both of these.

BenTheElder avatar Aug 28 '22 20:08 BenTheElder