#Struggling with dagger-engine in kubernetes

Hello Everyone,

my problems with dagger-engine in corporate k8s continues. I've installed the engine inside a single pod. The pod is up and running. For testing purposes I started an alpine pod besides the dagger-engine pod with mounted buildkitd.sock file.

I installed the dagger cli and tried to execute the following script via dagger run ./build.sh

Simple build script

#!/bin/bash  
  
alpine=$(dagger query <<EOF    
{  
 container {  
   from(address:"secret-corporate-registry/alpine:latest") {  
     withExec(args:["uname", "-nrio"]) {  
       stdout  
     }  
   }  
 }  
}  
EOF  
)
echo $alpine

I have attached an image with my cli commands and the dagger run output. To be honest I am really a bit frustrated because I am fighting with this for some days now without success.

Maybe someone had similar issues and could help me out? Thanks for your patience.

👋 is your engine pod running as privileged?

can you try running ./build.sh directly without dagger run?

that "permission denied" issue seems weird

Hi @pine pebble , I will have try

where did you take the instructions to run the engine pod from?

our k8s guide?

Yes I copied the relevant parts into a pod file because I also had issues with the helm chart

My idea was to just provide a single pod for testing reasons

the script alone doesn't work.... for some reasons it fails with a syntax error. Let me check this

  containers:
    - name: dagger-pod
      image: ...
      imagePullPolicy: IfNotPresent
      args:
        - "--oci-max-parallelism"
        - "num-cpu"      
      securityContext:
        privileged: true
        capabilities:
          add:
            - ALL

Is this the relevant part for the proviledged mode?

yep, that should be ok

wanna jump quickly into #911305510882513037 to check what's happening?

I can help to do a quick troubleshoot if you can share your screen

alright give me a second

we managed to get unblocked. @maiden night will ping me on monday since he needs the SRE team on his company to re-provision a GHA pod so he can get this running on his internal CI pipeline

but he's able to connect to the engine pod in k8s now

he also has a company hackathon next week where he's looking forward to show their colleagues some awesome Dagger stuff. cc @sly edge

@clear kestrel any chances we can get then some Dagger stickers? he's based in Germany

@pine pebble Thank you for your time, that was really helpful. I have rarely experienced so much helpfulness before! Many thanks!

my pleasure, happy to empower our community Daggernatus that invest their time into trying out Dagger

yup! Hapy to, I'll have @dense patio DM @maiden night for details.

Hello @pine pebble . Today, my colleague and I revisited the issue, and we managed to solve it. What was missing in the GitHub runner was the correct permission assignment on /var/run/dagger/buildkitd.sock. The runner couldn't read it, which caused the pipeline to time out