https://pantsbuild.org/ logo
Join Slack
Powered by
Hi :wave: :sos:. For a `docker_image` target, I'm ...
# general
b
Hi 👋 🆘. For a 
docker_image
target, I'm having trouble getting the 
pants package
step to work with buildx when trying to use a (native) *kubernetes *build driver (instead of a local docker daemon/driver). This seems related to #15199 Support for use `docker buildx` / BuildKit features. For the feature requests in that issue > 1. 
--cache-from
and 
--cache-to
support > 2. Custom 
builder
instances using the 
kubernetes
driver I can tell #1 was addressed and is a feature, but I don't see anything in the issue or pantsbuild docs about request #2. On buildx version v0.19.2 I get >
Copy code
ERROR: no valid drivers found: cannot determine Kubernetes namespace, specify manually: invalid configuration: no configuration has been provided, try setting KUBERNETES_MASTER environment variable
And on the older buildx v0.11.1 I get >
Copy code
ERROR: no valid drivers found: cannot determine Kubernetes namespace, specify manually: stat /root/.kube/config: no such file or directory
As best I can tell – and I don't really know about this topic – the issue is that some key buildx kubernetes driver config files are not accessible from the pants environment. More info about my environment in 🧵
This is a Gitlab CI environment where I'm having issues. There's no kubeconfig on the CI worker node The relevant pants.toml docker backend config is
Copy code
[docker]
use_buildx = true
build_verbose = true
env_vars = [
    "DOCKER_CONFIG=%(homedir)s/.docker",
    "DOCKER_HOST",
    "BUILDX_BUILDER=ci",
    "BUILDKIT_NAMESPACE=buildkit-platform",
    "PATH",
]
...
When I run 
docker buildx ls
, I get an output very similar to this:
Copy code
docker buildx ls
NAME/NODE                     DRIVER/ENDPOINT                                                       STATUS    BUILDKIT   PLATFORMS
ci*                           kubernetes                                                                                 
 \_ buildkit-platform-amd64    \_ kubernetes:///ci?deployment=buildkit-platform-amd64&kubeconfig=   running   v0.21.1    linux/amd64 (+4), linux/386
 \_ buildkit-platform-arm64    \_ kubernetes:///ci?deployment=buildkit-platform-arm64&kubeconfig=   running   v0.21.1    linux/arm64, linux/arm (+2)
default                                                                                             error
I'm trying to use that "ci" buildx driver, hence the 
BUILDX_BUILDER=ci
according to 
-ldebug
output, pants is running
Copy code
/usr/bin/docker buildx build \
--platform=linux/amd64 \
--label target=prod \
--output=type=docker \
--pull=False \
--tag <http://registry.ddbuild.io/ci/dd-analytics/run_squares:v1016161113-848c0969|registry.ddbuild.io/ci/dd-analytics/run_squares:v1016161113-848c0969> \
--build-arg CI_COMMIT_REF_SLUG \
--build-arg CI_COMMIT_SHORT_SHA \
--build-arg CI_JOB_ID \
--file subprojects/example/src/python/example/app/ray_job/Dockerfile.run_squares \
.
One more bit of info: the 
~/.docker/buildx/instances/ci
file is present and has this content
Copy code
{
  "Name": "ci",
  "Driver": "kubernetes",
  "Nodes": [
    {
      "Name": "buildkit-platform-amd64",
      "Endpoint": "kubernetes:///ci?deployment=buildkit-platform-amd64&kubeconfig=",
      "Platforms": [],
      "DriverOpts": {
        "namespace": "buildkit-platform"
      },
      "Flags": [
        "--allow-insecure-entitlement=network.host"
      ],
      "Files": null
    },
    {
      "Name": "buildkit-platform-arm64",
      "Endpoint": "kubernetes:///ci?deployment=buildkit-platform-arm64&kubeconfig=",
      "Platforms": null,
      "DriverOpts": {
        "namespace": "buildkit-platform"
      },
      "Flags": [
        "--allow-insecure-entitlement=network.host"
      ],
      "Files": null
    }
  ],
  "Dynamic": false
}
I assumed because we have 
"DOCKER_CONFIG=%(homedir)s/.docker"
set in pants.toml that docker/buildx would 'see' this config
@happy-kitchen-89482 @nutritious-hair-72580 sorry to ping you (I tried to look at the git history to see who's worked in this area)... I was wondering if you had any insight or threads to pull on my end. Or if you know who might have ideas Thanks in advance 🙏
n
Hey @busy-ram-14533 - my suspicion is it's not supported. It would require an extra build arg 
--builder=kube
I think from a brief look at the docs. There is an open issue for supporting arbitrary extra build args which I think would help with this. I might have some time to look at this in the next week or so but can't promise anything at this point.
b
Hey Rhys, thank for the response! I'm also willing to help make the code change, but I'm not that familiar with Buildkit, buildx, and docker build systems (and I also haven't developed on 
pants
yet), so I'm not quite sure what changes need to be made I'll at least get some paperwork out of the way by writing up an issue in Github.
@nutritious-hair-72580 I'm also have doubts that passing 
--builder=kube
alone will be enough to get this working. I set 
BUILDX_BUILDER=ci
, and 
BUILDX_BUILDER
is supposed to do the same thing as the 
--builder
argument (see https://docs.docker.com/reference/cli/docker/buildx/#builder)
h
Just skimming this since I don’t know much about this backend, but I guess at least part of the issue is that 
BUILDX_BUILDER
isn’t plumbed through to the process
That could be fixed relatively easily
n
As far as I can see, that should be working already. There is an existing test for it in package_image_test.py. I'm wondering instead if, per the error, your kubeconfig file can't be found by docker - i'm not sure if would need to be added to the sandbox.
b
In my case, there's no kubeconfig file. I think the kube config should be available from the k8s client I'm trying to look through https://github.com/docker/buildx/blob/v0.19.2/driver/kubernetes/factory.go to figure out where buildx has trouble fetching config... it errors when trying to determine namespace here
I got it working! If anyone else comes searching for how to get 
pants package
to build a 
docker_image
target with buildx using a kubernetes driver type: • I set 
BUILDX_BUILDER=<my buildx driver name>
in [docker].envvars to configure the buildx driver ➡️ I wrote up a feature request to make this configuration more natural for pantsbuild https://github.com/pantsbuild/pants/issues/22487 • Also in [docker].envvars, I had to configure pants to be aware of 
KUBERNETES_SERVICE_[HOST|PORT|PORT_HTTPS]
environment variables. Because pants is running "in-cluster," buildx needs those env vars to correctly instantiate the config client that will pull config from the kubernetes cluster it's in • Because I'm using a kuberenetes buildx driver and I don't have a docker daemon running, I had to set the output of my 
docker_image
target to 
type=registry
. This also means I had to stop doing 
pants publish
... the 
pants package
step does the publishing thanks to this output type. What's awesome is that there was a way to this pants package of a docker image to work with pants as it is (I'm using pants v2.27.0). At a minimum, some documentation about this case would be helpful to add to the pants docs.
🔥 2
h
Nice! This might be a good candidate for an entry under https://github.com/pantsbuild/pants/discussions/categories/tips-and-tricks if you feel like adding it
b
Oh interesting, I can add that. I was thinking of adding something in https://www.pantsbuild.org/dev/docs/docker#buildx-support, too.. what do you think?
h
That would be awesome! The docs are in the repo, so it should be easy enough
🫡 1
3 Views
Open in Slack
PreviousNext
Powered by