Coder.com•8mo ago

Docker-in-Docker with sysbox on Kubernetes

Hi! I'm trying to setup sysbox-runc using the instructions provided in https://coder.com/docs/v2/latest/templates/docker-in-workspaces#use-sysbox-in-kubernetes-based-templates (and previously installing the sysbox on the k8s cluster in question). However, when I'm creating a new workspace I get the following error:

Error: pods "coder-artyom-artyom-test-sysbox-coder" is forbidden: pod rejected: RuntimeClass "sysbox-runc" not found
on main.tf line 205, in resource "kubernetes_pod" "main":
  205: resource "kubernetes_pod" "main" {

Error: pods "coder-artyom-artyom-test-sysbox-coder" is forbidden: pod rejected: RuntimeClass "sysbox-runc" not found
on main.tf line 205, in resource "kubernetes_pod" "main":
  205: resource "kubernetes_pod" "main" {

I can definitely see the sysbox-runc runtime existing on the cluster. Wondering what can be wrong?

Docker in workspaces - Coder v2 Docs

Use Docker inside containerized templates

6 Replies

Codercord•8mo ago

<#1222195875443376138>

Category

Help needed

Product

Coder OSS (v2)

Platform

Linux

Logs

Please post any relevant logs/error messages.

kyle•8mo ago

Are you certain it's allowed in that namespace?

privetartyomkaOP•8mo ago

How can I check that? The namespace is just created, nothing extra was done for it

kyle•8mo ago

It's possible you'll have to adjust the service account permissions to provide access to the runtime 🤔

privetartyomkaOP•8mo ago

The service account on behalf of which the coder workspaces are created, right? That could have been skipped, as we currently don't have any service account specification in the templates Just a sanity check -- if I'm trying to test setup on a brand new fresh GKE cluster, one has to go thru the entire setup, including installing coder with helm?

kyle•8mo ago

Yup

Gaming

Programming

Docker-in-Docker with sysbox on Kubernetes