Skip to content

Conversation

@csweichel
Copy link
Contributor

This PR provides docker every workspace without the need to call docker-up. Instead of simply running a Docker daemon in every workspace, we do something akin to systemd's socket activation. When someone tries to use Docker (i.e. writes to /var/run/docker.sock), supervisor starts the Docker daemon and forwards the socket. The Docker daemon gets started in a supervisor terminal.

To make this work easier, and also enable supervisor's role within the workspace (reaper, terminator of processes during shutdown), supervisor now runs as UID 0. Terminals, the IDE and other child processes are still started as Gitpod user.

How to test

  1. docker run --rm -it alpine:latest
  2. /.supervisor/supervisor terminal list should show the docker-up process

because that would break the network namespace setup.
Copy link
Member

@akosyakov akosyakov left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it looks good:
Screenshot 2021-04-21 at 13 22 40

@csweichel csweichel merged commit 36a1e84 into main Apr 21, 2021
@csweichel csweichel deleted the cw/docker-skt-act branch April 21, 2021 11:24
@jankeromnes jankeromnes added the changelog worth adding to www.gitpod.io/changelog label Apr 22, 2021
@jankeromnes jankeromnes added this to the April 2021 milestone Apr 22, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

changelog worth adding to www.gitpod.io/changelog

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants