https://rancher.com/ logo
Join Slack
Powered by
This message was deleted.
# rancher-desktop
a
This message was deleted.
f
It doesn't; it only links 
docker.sock
.
p
does this make sense
Copy code
nerdctl run --privileged -it -v /Users/kameshs/.rd/docker.sock=:/run/containerd/containerd.sock <http://quay.io/kameshsampath/nerdctl|quay.io/kameshsampath/nerdctl> bash
f
nerdctl
runs inside the VM because it needs access to the file system; you cannot do 
nerdctl build -n <http://k8s.io|k8s.io>
just over the socket
You cannot mount sockets from the host into the container; you can only mount sockets from inside the VM
p
I want to start a container from another
is there anyway to do it ?
f
What do you want to mount, the 
docker.sock
, or 
containerd.sock
?
p
containerd.sock should be helpful
f
Use 
/run/k3s/containerd/containerd.sock
Just mount this into your container and you should be able to connect to it from inside
p
Copy code
nerdctl run -it --privileged -v /run/k3s/containerd/containerd.sock:/run/containerd/containerd.sock <http://quay.io/kameshsampath/nerdctl|quay.io/kameshsampath/nerdctl> bash
when I tried that and do 
nerdctl images
in container I dont see the images I already pulled into 
default
namespace
same happens to 
nerdctl images --namespace=<http://k8s.io|k8s.io>
thought I have a running k3s cluster in RD
f
idk, I would have expected it to work; I cannot pull your image, so I cannot try it myself
p
pushing my image to my registry 2 mins
you can now pull
f
Used a random 
nerdctl
image from dockerhub and it works:
Copy code
lima-rancher-desktop:/Users/jan$ nerdctl run -it --privileged -v /run/k3s/containerd/containerd.sock:/run/containerd/containerd.sock bensonyanger/nerdctl im
ages
REPOSITORY              TAG       IMAGE ID        CREATED          PLATFORM       SIZE
bensonyanger/nerdctl    latest    acb38a408354    7 seconds ago    linux/amd64    32.5 MiB
busybox                 latest    de56395ae078    3 minutes ago    linux/amd64    1.3 MiB
p
ah 🤔
f
It doesn't work with your image, but the issue is with your image and not the way the socket is mounted, as you can see in my example above
p
yeah I think so the issue with my image
f
BTW, container doesn't need to be privileged:
Copy code
lima-rancher-desktop:/Users/jan$ nerdctl run -v /run/k3s/containerd/containerd.sock:/run/containerd/containerd.sock bensonyanger/nerdctl images
REPOSITORY                       TAG       IMAGE ID        CREATED          PLATFORM       SIZE
bensonyanger/nerdctl             latest    acb38a408354    3 minutes ago    linux/amd64    32.5 MiB
busybox                          latest    de56395ae078    6 minutes ago    linux/amd64    1.3 MiB
<http://quay.io/kameshsampath/nerdctl|quay.io/kameshsampath/nerdctl>    latest    86ba57890bb2    2 minutes ago    linux/arm64    588.8 MiB
p
I just did as said in 
nerdctl
repo to build image .. will investigate
f
Yeah, I have to sleep now, but this should get you onto the right path...
p
no worries, have good night. ttyl
thanks for pointers
f
Oh, I see you are using an 
arm64
image; I'm on an 
amd64
machine; that's maybe partially the problem for me
p
yeah I am on arm64 and also I need --privileged to mount the fs otherwise I cant
f
ok, not sure why that is true, but I have to leave now...
👍🏽 1
p
it seem to be an issue with my earlier image build
did one with just the client and used the same command as above, it works like a charm 🙂
I also did not use 
--privileged
@best-city-49378 this helped to solve the other dicsussion
b
What discussion ? Since nerdctl/containerd/buildkitd doesn't have a remote protocol, you're left to bind-mounting
As far as I know you need to mount both the sockets and the storage, but we are just running 
nerdctl
over ssh instead.
p
As far as I know you need to mount both the sockets and the storage, but we are just running nerdctl over ssh instead.
why so ?
b
b
Using podman had the same issues, before they reimplemented a docker socket (main difference was they added a ssh:// protocol by default, rather than letting the user do the ssh tunneling)
163 Views
Open in Slack
PreviousNext
Powered by