Docker in Docker in Kubernetes

The install

This page chronicles the installation and testing of the lsio build slave process in Kubernetes.

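# Build-agent image: Debian base plus git, jq, a JRE, the Docker CE packages
# and a "jenkins" account preconfigured for git and the Docker CLI.
#
# NOTE(review): debian:stretch is end-of-life and no longer receives security
# updates, and the tag itself is mutable. Move to a supported release and pin
# it by digest when this image is next rebuilt.
FROM debian:stretch

# Make a RUN fail when any stage of a pipeline fails. Without pipefail, a
# failed key download below is masked by the exit status of `apt-key add`.
SHELL ["/bin/bash", "-o", "pipefail", "-c"]

# update + install share one layer so a cached, stale package index is never
# reused by a later install; the index is removed again in the same layer.
RUN apt-get update && apt-get install -y \
        apt-transport-https \
        ca-certificates \
        curl \
        default-jre \
        git \
        gnupg2 \
        jq \
        software-properties-common \
    && rm -rf /var/lib/apt/lists/*

# Trust anchor for the Docker apt repository. The key is fetched over HTTPS,
# but its fingerprint is not checked here: compare it with the fingerprint
# Docker publishes in its install documentation before relying on it.
RUN curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -
RUN add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/$(. /etc/os-release; echo "$ID") \
                $(lsb_release -cs) \
                stable"

# NOTE(review): docker-ce is unpinned, so every rebuild can pick up a different
# engine/CLI version. Pin a package version for reproducible agents.
RUN apt-get update && apt-get install -y docker-ce \
    && rm -rf /var/lib/apt/lists/*

# Create the account without prompting (no password, empty GECOS) so the build
# does not depend on how adduser behaves without a terminal.
# Membership of the "docker" group is root-equivalent on any Docker daemon
# reached through the local socket; keep it only if the agent needs that.
RUN adduser --disabled-password --gecos "" jenkins \
    && usermod -aG docker jenkins

# Git identity used for commits made by the jenkins account.
RUN su - jenkins -c "git config --global user.email 'ci@linuxserver.io' && git config --global user.name 'LinuxServer-CI'"

# Enable experimental Docker CLI features for the jenkins account.
# The redirect creates the file, so no separate `touch` is needed.
RUN su - jenkins -c "mkdir -p /home/jenkins/.docker && \
        echo '{\"experimental\": \"enabled\"}' > /home/jenkins/.docker/config.json"

# Keep the container alive so work can be started inside it.
# No USER instruction is set, so this process runs as root.
# NOTE(review): if nothing needs root at runtime, add `USER jenkins` above.
CMD ["sleep", "infinity"]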
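# Deployment of the build agent: each pod pairs the agent container with a
# privileged Docker-in-Docker (dind) sidecar that the agent reaches over TCP.
apiVersion: apps/v1
kind: Deployment
metadata:
  creationTimestamp: null
  labels:
    app: build-slave
  name: build-slave
  namespace: lsio
spec:
  replicas: 2
  selector:
    matchLabels:
      app: build-slave
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: build-slave
    spec:
      # NOTE(review): the service account token is mounted by default. If the
      # agent never calls the Kubernetes API, consider setting
      # `automountServiceAccountToken: false` so build jobs cannot read it.
      containers:
      # No tag means :latest, and with imagePullPolicy: Always every pod start
      # runs whatever was pushed last. Pin a tag or digest for the agent image.
      - image: tezzreg.almueti.com/lsio-build-slave
        name: lsio-build-slave
        resources:
          requests:
            cpu: 200m
            memory: 1Gi
          limits:
            cpu: 1
            memory: 1Gi
        env:
          # Containers in a pod share one network namespace, so "localhost"
          # is the dind sidecar's listener.
          - name: DOCKER_HOST
            value: tcp://localhost:2375
          # The client requires TLS and verifies the daemon certificate with
          # the material under DOCKER_CERT_PATH.
          # NOTE(review): 2375 is conventionally the plaintext port; confirm
          # the daemon really serves TLS on it.
          - name: DOCKER_TLS_VERIFY
            value: "1"
          - name: DOCKER_CERT_PATH
            value: /certs/client
        imagePullPolicy: Always
        volumeMounts:
          - name: certs
            mountPath: /certs/client
      - name: dind
        args:
          # Bind to loopback only: the agent still connects via
          # localhost:2375, but other pods can no longer reach this listener
          # through the pod IP.
          # NOTE(review): the image entrypoint may add listeners of its own;
          # check the image documentation.
          - --host=tcp://127.0.0.1:2375
        resources:
          requests:
            cpu: 500m
            memory: 1Gi
          limits:
            cpu: 500m
            memory: 5Gi
        env:
          - name: DOCKER_CERT_PATH
            value: /certs/client
        # NOTE(review): release-candidate tag of an old engine line; move to a
        # maintained tag and pin it by digest.
        image: docker:19.03-rc-dind
        securityContext:
          # Privileged removes the isolation between this container and the
          # node. Control of the Docker daemon here is effectively root on the
          # node, so only trusted jobs should run in this pod, ideally on
          # dedicated nodes.
          privileged: true
        volumeMounts:
          - name: docker-graph-storage
            mountPath: /var/lib/docker
          - name: certs
            mountPath: /certs/client
      imagePullSecrets:
      - name: regcred
      volumes:
        # Image and layer storage for the nested daemon; lost with the pod.
        - name: docker-graph-storage
          emptyDir: {}
        # Shared by both containers at /certs/client.
        # NOTE(review): presumably dind writes the client certificates here;
        # confirm.
        - name: certs
          emptyDir: {}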