Add docs for Kubernetes Runtime Class. (#33)

Adds doc to explicitly create the Kubernetes RuntimeClass object needed
to use the shim via the Kubernetes API.

4 files changed, 125 insertions, 2 deletions

diff --git a/README.md b/README.md
index 26efdbc2a..5480ab905 100644
--- a/README.md
+++ b/README.md
@@ -13,8 +13,8 @@ gvisor-containerd-shim is a containerd shim for [gVisor](https://github.com/goog
 ## Installation
 
 - [Untrusted Workload Quick Start (containerd >=1.1)](docs/untrusted-workload-quickstart.md)
-- [Runtime Handler Quick Start (containerd >=1.2)](docs/runtime-handler-quickstart.md)
-- [Runtime Handler Quick Start (shim v2) (containerd >=1.2)](docs/runtime-handler-shim-v2-quickstart.md)
+- [Runtime Handler/RuntimeClass Quick Start (containerd >=1.2)](docs/runtime-handler-quickstart.md)
+- [Runtime Handler/RuntimeClass Quick Start (shim v2) (containerd >=1.2)](docs/runtime-handler-shim-v2-quickstart.md)
 
 # Contributing
 
diff --git a/docs/runtime-handler-quickstart.md b/docs/runtime-handler-quickstart.md
index e48b2dd1a..684390b55 100644
--- a/docs/runtime-handler-quickstart.md
+++ b/docs/runtime-handler-quickstart.md
@@ -204,3 +204,48 @@ sudo crictl inspect ${CONTAINER_ID}
 sudo crictl exec ${CONTAINER_ID} dmesg | grep -i gvisor
 }
 ```
+
+### Set up the Kubernetes Runtime Class
+
+1. Install the Runtime Class for gVisor
+
+[embedmd]:# (../test/e2e/runtimeclass-install.sh shell /{ # Step 1/ /^}/)
+```shell
+{ # Step 1: Install a RuntimeClass
+cat <<EOF | kubectl apply -f -
+apiVersion: node.k8s.io/v1beta1
+kind: RuntimeClass
+metadata:
+  name: gvisor
+handler: runsc
+EOF
+}
+```
+
+2. Create a Pod with the gVisor Runtime Class
+
+[embedmd]:# (../test/e2e/runtimeclass-install.sh shell /{ # Step 2/ /^}/)
+```shell
+{ # Step 2: Create a pod
+cat <<EOF | kubectl apply -f -
+apiVersion: v1
+kind: Pod
+metadata:
+  name: nginx-gvisor
+spec:
+  runtimeClassName: gvisor
+  containers:
+  - name: nginx
+    image: nginx
+EOF
+}
+```
+
+3. Verify that the Pod is running
+
+[embedmd]:# (../test/e2e/runtimeclass-install.sh shell /{ # Step 3/ /^}/)
+```shell
+{ # Step 3: Get the pod
+kubectl get pod nginx-gvisor -o wide
+}
+```
diff --git a/docs/runtime-handler-shim-v2-quickstart.md b/docs/runtime-handler-shim-v2-quickstart.md
index f5253074d..ca8336089 100644
--- a/docs/runtime-handler-shim-v2-quickstart.md
+++ b/docs/runtime-handler-shim-v2-quickstart.md
@@ -185,3 +185,48 @@ sudo crictl inspect ${CONTAINER_ID}
 sudo crictl exec ${CONTAINER_ID} dmesg | grep -i gvisor
 }
 ```
+
+### Set up the Kubernetes Runtime Class
+
+1. Install the Runtime Class for gVisor
+
+[embedmd]:# (../test/e2e/runtimeclass-install.sh shell /{ # Step 1/ /^}/)
+```shell
+{ # Step 1: Install a RuntimeClass
+cat <<EOF | kubectl apply -f -
+apiVersion: node.k8s.io/v1beta1
+kind: RuntimeClass
+metadata:
+  name: gvisor
+handler: runsc
+EOF
+}
+```
+
+2. Create a Pod with the gVisor Runtime Class
+
+[embedmd]:# (../test/e2e/runtimeclass-install.sh shell /{ # Step 2/ /^}/)
+```shell
+{ # Step 2: Create a pod
+cat <<EOF | kubectl apply -f -
+apiVersion: v1
+kind: Pod
+metadata:
+  name: nginx-gvisor
+spec:
+  runtimeClassName: gvisor
+  containers:
+  - name: nginx
+    image: nginx
+EOF
+}
+```
+
+3. Verify that the Pod is running
+
+[embedmd]:# (../test/e2e/runtimeclass-install.sh shell /{ # Step 3/ /^}/)
+```shell
+{ # Step 3: Get the pod
+kubectl get pod nginx-gvisor -o wide
+}
+```
diff --git a/test/e2e/runtimeclass-install.sh b/test/e2e/runtimeclass-install.sh
new file mode 100755
index 000000000..28abbcd00
--- /dev/null
+++ b/test/e2e/runtimeclass-install.sh
@@ -0,0 +1,33 @@
+#!/bin/bash
+
+# A sample script to test installing a RuntimeClass
+
+set -ex
+
+{ # Step 1: Install a RuntimeClass
+cat <<EOF | kubectl apply -f -
+apiVersion: node.k8s.io/v1beta1
+kind: RuntimeClass
+metadata:
+  name: gvisor
+handler: runsc
+EOF
+}
+
+{ # Step 2: Create a pod
+cat <<EOF | kubectl apply -f -
+apiVersion: v1
+kind: Pod
+metadata:
+  name: nginx-gvisor
+spec:
+  runtimeClassName: gvisor
+  containers:
+  - name: nginx
+    image: nginx
+EOF
+}
+
+{ # Step 3: Get the pod
+kubectl get pod nginx-gvisor -o wide
+}