Best practices for running Dagger in a Kubernetes cluster (for CI)? | Dagger | Page 1

half cape Apr 6, 2023, 9:28 PM

#

We've been moving our CI into a GKE cluster piece-by-piece, and I'm currently trying to get dagger to work in that context. There's lots of options for deploying buildkit and it's pretty tricky -- I was wondering if the team has recommendations for running in this context.

brazen drum Apr 6, 2023, 10:30 PM

#

We started packaging Dagger in production-grade, supported editions for different infrastructure environments, including Kubernetes. We'll make those bits available as part of Dagger Cloud (so that they can be hooked up to an overall "fleet management" strategy: inventory of runners, telemetry tokens, auto-update etc)

#

We started deploying early versions of this with some of our early customers

dry perch Apr 10, 2023, 9:03 PM

#

Yeah, thats interesting. I was already thinking of experimenting with running buildkit in Kubernetes and have dagger use it in some way. But I didn't get to it yet. I am not sure if its still possible to tell dagger to use a self hosted buildkit deamon.

narrow crater Apr 10, 2023, 9:16 PM

#

dry perch Yeah, thats interesting. I was already thinking of experimenting with running bu...

It isn't. It has to be the dagger engine daemon.

half cape Apr 13, 2023, 5:17 AM

#

Read up on this in other threads a little bit and found https://github.com/dagger/dagger/blob/main/core/docs/d7yxc-operator_manual.md#connection-interface -- this'll definitely work for me, but I haven't figured out how to set the engine container's TCP port yet. Is there an environment variable?

GitHub

dagger/d7yxc-operator_manual.md at main · dagger/dagger

A programmable CI/CD engine that runs your pipelines in containers - dagger/d7yxc-operator_manual.md at main · dagger/dagger

half cape Apr 13, 2023, 5:46 AM

#

found it! For anybody else who's searching, you want to pass --addr tcp://0.0.0.0:someport to the container, e.g. docker run --privileged ghcr.io/dagger/engine:v0.5.0 --addr tcp://0.0.0.0:8372

#

Next question: how do I authenticate with a private registry? When I ran the daemon locally it inherited my credentials from my docker environment, but that doesn't seem to work when running this way, even if there's a docker client with credentials set up on the machine that's running the dagger SDK... 🤔

twin sparrow Apr 13, 2023, 8:06 AM

#

You could use withRegistryAuth: https://pkg.go.dev/dagger.io/dagger#Container.WithRegistryAuth

#

python: https://dagger-io.readthedocs.io/en/sdk-python-v0.5.1/api.html#dagger.api.gen.Container.with_registry_auth

half cape Apr 13, 2023, 5:10 PM

#

@twin sparrow Is there a way to do this with a credential helper rather than a password?

twin sparrow Apr 13, 2023, 5:12 PM

#

You mean using the docker credentials even in this case?

#Best practices for running Dagger in a Kubernetes cluster (for CI)?