"Tetragon" package build failure

codehub8 · January 30, 2024, 1:10pm

I am trying to build Tetragon package.

The build starts a docker container. ‘nixbld’ can not start the container, even I added nixbld* users in docker group but still there is failure:

> building
       > build flags: SHELL=/nix/store/0rwyq0j954a7143p0wzd4rhycny8i967-bash-5.2-p15/bin/bash
       >
       > Cannot load builder default *: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
       > docker rm tetragon-clang || true
       > Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
       > docker run -v /build/source:/tetragon:Z -u $(id -u) -e BPF_TARGET_ARCH=x86 --name tetragon-clang quay.io/cilium/clang:aeaada5cf60efe8d0e772d032fe3cc2bc613739c@sha256:b440ae7b3591a80ffef8120b2ac99e802bbd31dee10f5f15a48566832ae0866f make -C /tetragon/bpf -j64
       > docker: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?.
       > See 'docker run --help'.

Probably I need to start docker daemon inside build env but we can not elevate privileged of nixbld. I started dockerd-withoutroot but problem persists. Any input to handle this?
Thanks in advance.

TLATER · January 30, 2024, 2:07pm

Nix builds to create OCI images typically don’t invoke docker. Is there any way you could create a different build target that doesn’t pack everything up into an OCI image and do that step afterwards? Their makefile seems to have non-image targets as well.

codehub8 · January 31, 2024, 7:37am

Non image targets (e.g. “make tetragon”) also invokes docker.