Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix hyperkube docs-v2 #905

Merged
merged 1 commit into from
Jul 29, 2016
Merged

Fix hyperkube docs-v2 #905

merged 1 commit into from
Jul 29, 2016

Conversation

cheld
Copy link
Contributor

@cheld cheld commented Jul 25, 2016

I deleted my doc-fork and was not able to recover my old PR. This is the continuation of

#634

Original description:

Kubernetes 1.3.0-alpha.5 requires to update the user guide for starting Hyperkube.

Sections:
"Running Kubernetes Locally via Docker"
"Portable Multi-Node Clusters"

Fixes kubernetes/kubernetes#26943

CC @luxas

@cheld
Copy link
Contributor Author

cheld commented Jul 25, 2016

@gertipoppel could you please have a look?

@pmorie
Copy link
Member

pmorie commented Jul 25, 2016

@cheld Thanks for doing this -- did you have better luck with shared than with rslave ? I think rslave might be a move conservative recommendation to make at this point -- in my reading of the open issues on this subject it seemed like folks had hit some problems with shared. LMK.

@cheld
Copy link
Contributor Author

cheld commented Jul 25, 2016

Up to my knowledge we have the following status:

  1. --containerized: not working at all (since alpha.5 to latest release)
  2. --containerized + (r)slave: worked for me, however, @luxas reported problems
  3. shared: working

Option 2 & 3 both worked on my environment. The usage of containerized + slave do not require a setup step and therefore more user friendly. However, in my understanding containerized is a hack which just broke.

@pmorie
Copy link
Member

pmorie commented Jul 25, 2016

@cheld I'm the author of containerized so I can give you some background. Basically, that option only controls the mounter implementation used. Before docker supported mount propagation mode control, this was necessary to do the mount in the host's mount ns so that the mountpoints could be used by other processes on the host (ie, other containers).

@luxas - did you ever have success with rslave?

@luxas
Copy link
Member

luxas commented Jul 25, 2016

@pmorie No, I didn't. Can take a second look now with v1.3 released, but I think we should switch to the shared mount anyway. The downside of the shared mount is the commands one have to run before, but it has worked well for me.

LGTM

jaredbhatti
jaredbhatti reviewed Jul 25, 2016
View reviewed changes
docs/getting-started-guides/docker.md
2. Decide what Kubernetes version to use. Set the `${K8S_VERSION}` variable to
a released version of Kubernetes >= "v1.2.0". If you'd like to use the current stable version of Kubernetes, run the following:
1. You need to have docker version >= "1.10" installed on the machine.
2. Enable mount propagation. Hyperkube is running in a container which has to mount volumes for other containers, e.g. in case of persistent storage. The required steps depend on the init system.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's better to just say "For example" instead of "e.g."

@cheld
Copy link
Contributor Author

cheld commented Jul 26, 2016

I improved the document structure - mostly by adding tabs. Also, improved the wording a bit.

PTAL

@luxas luxas self-assigned this Jul 26, 2016
luxas
luxas reviewed Jul 26, 2016
View reviewed changes
docs/getting-started-guides/docker.md
systemctl restart docker
```

**Otherwise**, manually set the mount point used by Hyperkube to be shared:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This always needs to be done

@luxas
Copy link
Member

luxas commented Jul 26, 2016

@cheld Just one thing more to change

@cheld
Copy link
Contributor Author

cheld commented Jul 26, 2016

@luxas
hmm...are you sure? I did detail testing with hyperkube and without hyperkube. In my environment the steps are not required.

e.g. see the following steps. Mount a iso volue without shared in a docker container => not visible on host

~/Downloads/iso$ ls
boot2docker.iso  tmp


$ docker run --privileged --volume=/home/cheld/Downloads/iso/:/downloads -it debian /bin/bash 
# cd /downloads
# ls
boot2docker.iso  tmp
# mount boot2docker.iso tmp/

~/Downloads/iso$ ls tmp/  
~/Downloads/iso$           #please note, mount is not visible to host

~/Downloads/iso$ findmnt -o TARGET,PROPAGATION
TARGET                                                               PROPAGATION
/                                                                    shared
├─/sys                                                               shared
│ ├─/sys/kernel/security                                             shared
│ ├─/sys/fs/cgroup                                                   shared
│ │ ├─/sys/fs/cgroup/systemd                                         shared
│ │ ├─/sys/fs/cgroup/cpu,cpuacct                                     shared
│ │ ├─/sys/fs/cgroup/freezer                                         shared
│ │ ├─/sys/fs/cgroup/net_cls,net_prio                                shared
│ │ ├─/sys/fs/cgroup/blkio                                           shared
│ │ ├─/sys/fs/cgroup/devices                                         shared
│ │ ├─/sys/fs/cgroup/hugetlb                                         shared
│ │ ├─/sys/fs/cgroup/memory                                          shared
│ │ ├─/sys/fs/cgroup/cpuset                                          shared
│ │ └─/sys/fs/cgroup/perf_event                                      shared
│ ├─/sys/fs/pstore                                                   shared
│ ├─/sys/kernel/debug                                                shared
│ └─/sys/fs/fuse/connections                                         shared
├─/proc                                                              shared
│ └─/proc/sys/fs/binfmt_misc                                         shared
├─/dev                                                               shared
│ ├─/dev/pts                                                         shared
│ ├─/dev/shm                                                         shared
│ ├─/dev/hugepages                                                   shared
│ └─/dev/mqueue                                                      shared
├─/run                                                               shared
│ ├─/run/lock                                                        shared
│ ├─/run/cgmanager/fs                                                shared
│ ├─/run/user/1000                                                   shared
│ │ └─/run/user/1000/gvfs                                            shared
│ └─/run/docker/netns/63af7e8e918b                                   shared
├─/var/lib/lxcfs                                                     shared
├─/var/lib/docker/aufs                                               private
│ └─/var/lib/docker/aufs/mnt/18e106c214d0946301fc39bb6d5b47881d48d3449e1563472f023e0b94be61cf
│                                                                    private
└─/var/lib/docker/containers/78527660362c345285bde186eece7d5f4db966cd0409fe6920c68bc3c80eb320/shm

# please not, mount is not visible on host

Same steps with shared. Mount iso volume in docker => files visible in host and other containers. No extra steps required

~/Downloads/iso$ docker run --privileged --volume=/home/cheld/Downloads/iso/:/downloads:rw,shared -it debian /bin/bash 
# cd downloads/
# mount boot2docker.iso tmp/

~/Downloads/iso$ ls tmp/
boot  version

~/Downloads/iso$ findmnt -o TARGET,PROPAGATION
TARGET                                                               PROPAGATION
/                                                                    shared
├─/sys                                                               shared
│ ├─/sys/kernel/security                                             shared
│ ├─/sys/fs/cgroup                                                   shared
│ │ ├─/sys/fs/cgroup/systemd                                         shared
│ │ ├─/sys/fs/cgroup/cpu,cpuacct                                     shared
│ │ ├─/sys/fs/cgroup/freezer                                         shared
│ │ ├─/sys/fs/cgroup/net_cls,net_prio                                shared
│ │ ├─/sys/fs/cgroup/blkio                                           shared
│ │ ├─/sys/fs/cgroup/devices                                         shared
│ │ ├─/sys/fs/cgroup/hugetlb                                         shared
│ │ ├─/sys/fs/cgroup/memory                                          shared
│ │ ├─/sys/fs/cgroup/cpuset                                          shared
│ │ └─/sys/fs/cgroup/perf_event                                      shared
│ ├─/sys/fs/pstore                                                   shared
│ ├─/sys/kernel/debug                                                shared
│ └─/sys/fs/fuse/connections                                         shared
├─/proc                                                              shared
│ └─/proc/sys/fs/binfmt_misc                                         shared
├─/dev                                                               shared
│ ├─/dev/pts                                                         shared
│ ├─/dev/shm                                                         shared
│ ├─/dev/hugepages                                                   shared
│ └─/dev/mqueue                                                      shared
├─/run                                                               shared
│ ├─/run/lock                                                        shared
│ ├─/run/cgmanager/fs                                                shared
│ ├─/run/user/1000                                                   shared
│ │ └─/run/user/1000/gvfs                                            shared
│ └─/run/docker/netns/d9666079badc                                   shared
├─/var/lib/lxcfs                                                     shared
├─/var/lib/docker/aufs                                               private
│ └─/var/lib/docker/aufs/mnt/b423d2884314ae9342a89093dd96e1b406ed986546cc85f672562efd0784854d
│                                                                    private
├─/var/lib/docker/containers/32f444aa91872e671f48fca890176d126121229339b522424e8674b4784be412/shm
│                                                                    shared
└─/home/cheld/Downloads/iso/tmp                                      shared

$ docker run --volume=/home/cheld/Downloads/iso/:/downloads debian ls /downloads/tmp
boot
version

Did I miss anything?

@luxas
Copy link
Member

luxas commented Jul 28, 2016

@cheld You're right. Thanks for pointing it out, I didn't notice the mount commands were unecessary on systemd hosts.

LGTM, but needs a rebase

@cheld
Copy link
Contributor Author

cheld commented Jul 29, 2016

kelsey added shared as well. But the setup steps are missing...

@luxas PTAL

@luxas
Copy link
Member

luxas commented Jul 29, 2016

LGTM, thanks!

@luxas luxas merged commit 0fa7771 into kubernetes:master Jul 29, 2016
Okabe-Junya pushed a commit to Okabe-Junya/website that referenced this pull request Dec 4, 2023
@hanyuancheung
Merge pull request kubernetes#905 from JunchengL/dev-zh-firewall
a6de95c 
[zh] Localize firewall.md
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@luxas luxas

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@cheld @pmorie @luxas @jaredbhatti @googlebot @bgrant0607