Setup
Docker daemon is running as a sidecar in the Github runner deployment in Kubernetes.
Main container spec to communicate with the Docker daemon
- name: DOCKER_HOST
value: unix:///run/docker.sock
Docker daemon sidecar spec:
- name: docker
image: docker:dind
args:
- dockerd
- '--host=unix:///run/docker.sock'
- '--group=$(DOCKER_GROUP_GID)'
env:
- name: DOCKER_GROUP_GID
value: '1001'
resources: {}
volumeMounts:
- name: runner
mountPath: /runner
- name: var-run
mountPath: /run
- name: work
mountPath: /runner/_work
- name: kube-api-access-dsmkp
readOnly: true
mountPath: /var/run/secrets/kubernetes.io/serviceaccount
securityContext:
privileged: true
Issue
The build intermittently fails with the following error, but after some retries it works fine.
ERROR: failed to solve: failed to read dockerfile: failed to mount /var/lib/docker/tmp/buildkit-mount291855966: [{Type:bind Source:/var/lib/docker/vfs/dir/ttamajesdu10j1yl447jib3it Options:[rbind ro]}]: operation not permitted
Error: Process completed with exit code 1.
Docker version info
github@github-runner-79c678887b-zjj7z:~$ docker version
Client: Docker Engine - Community
Version: 24.0.7
API version: 1.43
Go version: go1.20.10
Git commit: afdd53b
Built: Thu Oct 26 09:08:01 2023
OS/Arch: linux/amd64
Context: default
Server: Docker Engine - Community
Engine:
Version: 24.0.7
API version: 1.43 (minimum version 1.12)
Go version: go1.20.10
Git commit: 311b9ff
Built: Thu Oct 26 09:05:28 2023
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: v1.7.6
GitCommit: 091922f03c2762540fd057fba91260237ff86acb
runc:
Version: 1.1.9
GitCommit: v1.1.9-0-gccaecfc
docker-init:
Version: 0.19.0
GitCommit: de40ad0