erik.kubica
erik.kubica
PostsComments
CCoder.com
Created by erik.kubica on 3/10/2024 in #help
docker daemon
No description
34 replies
CCoder.com
Created by erik.kubica on 3/10/2024 in #help
docker daemon
yes, but my argocd is bugging out right now, because even if it syncs, its "out of sync" even if I compare with head it looks in sync. so I had to restart the deployment for it to detect changes in the values.yaml
34 replies
CCoder.com
Created by erik.kubica on 3/10/2024 in #help
docker daemon
and ran "newgrp docker" because docker site said "Log out and log back in so that your group membership is re-evaluated." then my docker ps was saying: error error so i did restart and now it works
34 replies
CCoder.com
Created by erik.kubica on 3/10/2024 in #help
docker daemon
No description
34 replies
CCoder.com
Created by erik.kubica on 3/10/2024 in #help
docker daemon
Thank you very much
34 replies
CCoder.com
Created by erik.kubica on 3/10/2024 in #help
docker daemon
I probably should have started with a reboot! It works now, not sure which step made a difference but created a docker workspace
34 replies
CCoder.com
Created by erik.kubica on 3/10/2024 in #help
docker daemon
securitz context finally ocntains the values, but no change. i will check the link you posted, theoretically i can have my host machine as "remote" machine right?
34 replies
CCoder.com
Created by erik.kubica on 3/10/2024 in #help
docker daemon
i might have to resolve issue with security context, because argocd reports: securityContext: {}
34 replies
CCoder.com
Created by erik.kubica on 3/10/2024 in #help
docker daemon
same result with added fsGroup
34 replies
CCoder.com
Created by erik.kubica on 3/10/2024 in #help
docker daemon
Error pinging Docker server: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/_ping": dial unix /var/run/docker.sock: connect: permission denied
Error pinging Docker server: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/_ping": dial unix /var/run/docker.sock: connect: permission denied
34 replies
CCoder.com
Created by erik.kubica on 3/10/2024 in #help
docker daemon
pod does not deteted the group 
coder-7796f56c98-92wxm:~$ getent group docker
coder-7796f56c98-92wxm:~$
coder-7796f56c98-92wxm:~$ getent group docker
coder-7796f56c98-92wxm:~$
34 replies
CCoder.com
Created by erik.kubica on 3/10/2024 in #help
docker daemon
if it helps, my docker is a snap install
34 replies
CCoder.com
Created by erik.kubica on 3/10/2024 in #help
docker daemon
root@erik-XPS-15-7590:~/infrastructure# getent group docker
docker:x:1002:erik
root@erik-XPS-15-7590:~/infrastructure# getent group docker
docker:x:1002:erik
34 replies
CCoder.com
Created by erik.kubica on 3/10/2024 in #help
docker daemon
when i tried add coder into group it just said coder user does not exist
34 replies
CCoder.com
Created by erik.kubica on 3/10/2024 in #help
docker daemon
how can a user in pod be part of group on host machine?
34 replies
CCoder.com
Created by erik.kubica on 3/10/2024 in #help
docker daemon
i had no group, so i created one, but pod is trying to run gid 1000 which is my sudoer user
34 replies
CCoder.com
Created by erik.kubica on 3/10/2024 in #help
docker daemon
my chart.yaml 
apiVersion: v2
name: coder-custom
description: A custom Helm chart that extends the original-chart.
version: 0.1.0
appVersion: 1.0.0
keywords:
maintainers:
  - name: Erik Kubica
dependencies:
  - name: coder
    version: 2.8.5
    repository: https://helm.coder.com/v2
apiVersion: v2
name: coder-custom
description: A custom Helm chart that extends the original-chart.
version: 0.1.0
appVersion: 1.0.0
keywords:
maintainers:
  - name: Erik Kubica
dependencies:
  - name: coder
    version: 2.8.5
    repository: https://helm.coder.com/v2
my values.yaml 
coder:
  coder:
    env:
      - name: CODER_PG_CONNECTION_URL
        valueFrom:
          secretKeyRef:
            name: coder-db-url
            key: url
      - name: CODER_ACCESS_URL
        value: "https://coder.apps.erik-kubica.dev"
    service:
      enable: true
      type: NodePort
    ingress:
      enable: true
      className: "public"
      host: "coder.apps.erik-kubica.dev"
      tls:
        enable: true
    securityContext:
      runAsNonRoot: false
      allowPrivilegeEscalation: true
    volumes: 
      - name: docker-socket
        hostPath:
          path: /var/run/docker.sock
    volumeMounts:
      - name: docker-socket
        mountPath: /var/run/docker.sock
coder:
  coder:
    env:
      - name: CODER_PG_CONNECTION_URL
        valueFrom:
          secretKeyRef:
            name: coder-db-url
            key: url
      - name: CODER_ACCESS_URL
        value: "https://coder.apps.erik-kubica.dev"
    service:
      enable: true
      type: NodePort
    ingress:
      enable: true
      className: "public"
      host: "coder.apps.erik-kubica.dev"
      tls:
        enable: true
    securityContext:
      runAsNonRoot: false
      allowPrivilegeEscalation: true
    volumes: 
      - name: docker-socket
        hostPath:
          path: /var/run/docker.sock
    volumeMounts:
      - name: docker-socket
        mountPath: /var/run/docker.sock
34 replies
CCoder.com
Created by erik.kubica on 3/10/2024 in #help
docker daemon
Yes, I have. Yes it is. I have mounted it later, now I have issue with permissions, so i have: securityContext: runAsNonRoot: false allowPrivilegeEscalation: true and still does not like the permissions
34 replies