Add OS check to ensure host machine uses Ubuntu 18.04+ #8789
Comments
mrsimonemms
moved this from 🧊Backlog
to ⚒In Progress
in 🚚 Security, Infrastructure, and Delivery Team (SID)
mrsimonemms
moved this from ⚒In Progress
to 📓Scheduled
in 🚚 Security, Infrastructure, and Delivery Team (SID)
|
Hi @mrsimonemms, we are just getting started with on-premise Gitpod running in our EKS environment. Our standard is using Amazon Linux 2 with their EKS optimized AMI. We have it up and running with the latest version and are working on modifications to support in our air gapped VPC config. I am curious about why you require that the Kubernetes cluster is hosted on Ubuntu? Is there a limitation on other platforms that we are missing here? If so, is there an opportunity to support other platforms in the future? BTW: I tried looking for more details in the linked internal Slack comments, but didn't have access. |
|
@hewjoe in order to create a workspace, we need to do various operations on the node itself (check out the It's not inconceivable that we'll support other platforms in future, but it's not currently planned. Basically, treat this as a requirement as you would any other. The full list of restrictions is on gitpod.io |
|
Thanks for the context. We have seen some issues with runc which we were able to stumble through, but did not have anything we would be comfortable using in prod. Hearing your explanation, I understand it will not be possible to work around these unless we make the switch to Ubuntu. |
|
The code is going to be something like this: collectors:
- copyFromHost:
collectorName: os-release
image: busybox:1
name: os-release
hostPath: /usr/lib/os-release
extractArchive: true
analyzers:
- textAnalyze:
checkName: "Host operating system distribution"
fileName: os-release/*/os-release
regexGroups: 'NAME="(?P<Name>\w+)"'
outcomes:
- pass:
when: "Name == Ubuntu"
message: Host operating system detected as Ubuntu
fail:
message: Host operating system not detected as Ubuntu
- textAnalyze:
checkName: "Host operating system version"
fileName: os-release/gitpod-1/os-release
regexGroups: 'VERSION_ID="(?P<Version>.*)"'
outcomes:
- fail:
when: "Version < 18.04"
message: Host operating system must be at least Ubuntu 18.04
- pass:
when: "Version == 18.04"
- pass:
when: "Version == 20.04"
warn:
message: Unknown Ubuntu version
` |
|
This is currently blocked by this issue |
Hi @mrsimonemms do you have any documentation about the ws-daemon/ubuntu dependency? and just to make sure right now Ubuntu is a Hard Requirement. |
Just did some digging for the initContainers on Amazon Linux. Looks like the mount is for /var/lib/containerd/io.containerd.runtime.v2.task/k8s.io in ubuntu and from the amazon linux optomize eks it is /var/lib/containerd/io.containerd.runtime.v2.task/moby. |
|
@gsharma-jiggzy Ubuntu is currently a hard requirement, but this requirement is owned by @gitpod-io/engineering-workspace who can comment further on the reasonings and any planned changes in that |
|
@mrsimonemms could you decide on the next steps for this and then potentially move it back to scheduled? |
lucasvaltl
moved this from 📓Scheduled
to 🧊Backlog
in 🚚 Security, Infrastructure, and Delivery Team (SID)
|
I'm going to close this. The previous issue was that there was an issue with eStartgz in image builder on OSes other than Ubuntu. That has recently been removed. I've checked this on a CentOS 9-based k3s cluster and able to build an image, start a workspace and run a Docker image inside the workspace. Personally, I think we should still recommend Ubuntu as the preferred node, but it's no longer impossible to run on others. |
Gitpod requires that the Kubernetes cluster is hosted on an Ubuntu machine. Make a KOTS preflight check to check this:
Have attempted this already and this has proven problematic getting the data in the collector. Barry's code in shared docs SHOULD work, but isn't working currently so will require investigation.
See internal comment for details/documentation
The text was updated successfully, but these errors were encountered: