A kind user left a list of nice to have CI integrations

kubernetes-sigs/kind#509 (comment)

adding it here so we can track it

• - CircleCI #5
• - TravisCI #4
• - BuildKite
• - Prow https://github.com/kubernetes/test-infra/tree/master/config/jobs/kubernetes-sigs/kind
• - Gitlab
• - Concourse
• - Drone
• - GCB
• - Codeship kubernetes-sigs/kind#523

following the example and use a dind service:

1, created and registered a project specific runner with flags
--executor docker --docker-privileged=true --docker-volumes "/certs/client" --docker-volumes /cache
(without --docker-volumes "/var/run/docker.sock:/var/run/docker.sock" because gitlab doc. states this is mounted by service container)

2, in gitlabci.yaml, activated feature flag to support per-job-networking
FF_NETWORK_PER_BUILD: "true"

3, ran pipeline
...
$ kind create cluster --name kind1 --config=./kind/config.yaml --wait 5m
ERROR: failed to create cluster: failed to list nodes: command "docker ps -a --filter label=io.x-k8s.kind.cluster=kind1 --format '{{.Names}}'" failed with error: exit status 1
Command Output: error during connect: Get https://docker:2376/v1.24/containers/json?all=1&filters=%7B%22label%22%3A%7B%22io.x-k8s.kind.cluster%3Dkind1%22%3Atrue%7D%7D: dial tcp: lookup docker on 127.0.0.11:53: no such host

anyone has an idea?
I have no clue how can this be further investigated?

I'm basically using the example on gitlab shared runners and cluster is started and can use kubectl.

The problem is that the error "KubeletNotReady runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized" appears when describing the nodes and marks them as "NotReady"

Does anyone know how to solve this?

It would be really helpful to have an example where KinD runs on Gitlab with multiple nodes and proxy settings enabled. Running just the master node works, but as soon as workers get added, the problem of setting NO_PROXY correctly arises. In our case the workers don't successfully run kubeadm join as the join seems to try going through the proxy

Some of the CI systems allow showing the job status using embedded images called status badges

https://docs.travis-ci.com/user/status-images/
https://circleci.com/docs/2.0/status-badges/

We should implement it

Hi,

I've attempted to create kind cluster within team city agent (which runs on docker) with the following steps:

curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/v0.5.1/kind-$(uname)-amd64
chmod +x ./kind
mv ./kind /usr/local/bin/kind

Upon executing, kind create cluster --name=testcluster, it stucks at ensuring node image kindest/node

root@1a923b0e0774:/# kind create cluster --name=testcluster
Creating cluster "testcluster" ...
Ensuring node image (kindest/node:v1.15.3)

Also did further check by pulling kindest/node image, which gives below error:

root@1a923b0e0774:/# docker pull kindest/node:v1.15.3
v1.15.3: Pulling from kindest/node
09fe536fe3e4: Pull complete
4326ed393c12: Pull complete
73a8f76105d8: Extracting [==================================================>]     209B/209B
61a147631503: Download complete
ebf284b29a9b: Download complete
45edd976aead: Download complete
25a49a5ef18f: Download complete
ac9964da2ccf: Download complete
a9e631f193b5: Download complete
3d2abb89014a: Download complete
c4dcd9c54845: Download complete
1a7ee4f67711: Download complete
failed to register layer: Error processing tar file(exit status 1): failed to mknod("/var/lib/apt/lists/auxfiles", S_IFCHR, 0): operation not permitted

Appreciate if anyone can shed some light on this.

On the gcb.md file we have an awk command that is hard to follow:

port="$( awk -F: '/server:/{ print $4 }' "$$KUBECONFIG" )"

I understand this is getting the 4th element on the line that matches server: within the file $KUBECONFIG, but this requires that I should know what the contents of that file are, could you add an example of what this specific line is meant to be?

Hi there,

I would love to use kind, my use case would be to test helm charts against different version of k8s versions(Kind nodes) to make sure that the api versions used in my k8s manifest will still work with newer version of K8s.

Unfortunately, I'm a bit stuck right now on accessing the kind cluster using kubectl.

I'm getting Unable to connect to the server: dial tcp: lookup docker on 10.37.36.27:53: no such host
I've seen that you are patching kubeconfig in the examples https://github.com/kind-ci/examples/blob/master/.gitlab-ci.yml#L18
Should I do the same if so what should it be? My environment is an EC2 instance running docker gitlab executor and this will be in a docker (docker stable) image as in https://github.com/kind-ci/examples/blob/master/.gitlab-ci.yml#L1

8d7a7cb#commitcomment-34164496

first we need to actually have the gitlab config running continuously, then we can add the badge to the readme.

we have a CI config now, so we just need to set up the gitlab integration etc...

I was using the https://github.com/kind-ci/examples/blob/master/.gitlab-ci.yml, but with different versions.

    KUBECTL: v1.23.0
    KIND: v0.11.1

still works fine.

Starting from KIND: v0.12.0, Gitlab CI will give me the following error

$ kubectl get nodes -o wide
Unable to connect to the server: x509: certificate is valid for 582660598-control-plane, kubernetes, kubernetes.default, kubernetes.default.svc, kubernetes.default.svc.cluster.local, localhost, not docker

How can I fix it?

So existing example configuration works well with GitLab.com shared runners. But if you want to use your own runner, a Kubernetes runner, then it seems there are some issues. First, this applies. I addressed it by adding:

[[runners.kubernetes.volumes.host_path]]
  name = "modules"
  mount_path = "/lib/modules"
  host_path = "/lib/modules"
  read_only = true
[[runners.kubernetes.volumes.host_path]]
  name = "cgroup"
  mount_path = "/sys/fs/cgroup"
  host_path = "/sys/fs/cgroup"
  read_only = true

I set cgroup mount to read-only, too, because it has been reported that it works and it seems it does. This blog post documents more things to be done, but I am not sure how to do them on GitLab CI, or if they are even necessary.

Next issue was that modern Docker uses TLS, but I have not read this configuration in time, so I just ended up disabling it by having the following environment variables in my .gitlab-ci.yml:

variables:
  DOCKER_HOST: tcp://docker:2375
  DOCKER_TLS_CERTDIR: ""

Next, Kubernetes runner sets environment variables like:

declare -x KUBERNETES_PORT="tcp://10.62.0.1:443"
declare -x KUBERNETES_PORT_443_TCP="tcp://10.62.0.1:443"
declare -x KUBERNETES_PORT_443_TCP_ADDR="10.62.0.1"
declare -x KUBERNETES_PORT_443_TCP_PORT="443"
declare -x KUBERNETES_PORT_443_TCP_PROTO="tcp"
declare -x KUBERNETES_SERVICE_HOST="10.62.0.1"
declare -x KUBERNETES_SERVICE_PORT="443"
declare -x KUBERNETES_SERVICE_PORT_HTTPS="443"

When using kubectl this means that it tries to connect to your external Kubernetes cluster and not to kind's. I had to add:

for name in $(printenv | grep "^KUBERNETES_" | cut -f1 -d=); do export -n $name; done

at the beginning of before_script and after_script sections in my CI job.

I have also added kind delete cluster at the end of after_script, as it seems it is necessary to cleanup things.