diff options
| author | gVisor bot <gvisor-bot@google.com> | 2020-05-12 12:55:23 -0700 |
|---|---|---|
| committer | gVisor bot <gvisor-bot@google.com> | 2020-05-12 12:55:23 -0700 |
| commit | a3f97a757a8d6e18f03acecb68b484cc1608c3ae (patch) | |
| tree | 293c51eb9786bc1b8371daaeec2985b17b5b3ec9 /g3doc/user_guide/quick_start/kubernetes.md | |
| parent | 6a4466a46cd551825198fbafc3b734ab5608019a (diff) | |
| parent | 5f3a256425f4fa99fd3e5363418c5978659cecf3 (diff) | |
Merge pull request #2513 from amscanne:website-integrated
PiperOrigin-RevId: 311184385
Diffstat (limited to 'g3doc/user_guide/quick_start/kubernetes.md')
| -rw-r--r-- | g3doc/user_guide/quick_start/kubernetes.md | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/g3doc/user_guide/quick_start/kubernetes.md b/g3doc/user_guide/quick_start/kubernetes.md new file mode 100644 index 000000000..b1f67252e --- /dev/null +++ b/g3doc/user_guide/quick_start/kubernetes.md @@ -0,0 +1,36 @@ +# Kubernetes + +gVisor can be used to run Kubernetes pods and has several integration points +with Kubernetes. + +## Using Minikube + +gVisor can run sandboxed containers in a Kubernetes cluster with Minikube. After +the gVisor addon is enabled, pods with `io.kubernetes.cri.untrusted-workload` +set to true will execute with `runsc`. Follow [these instructions][minikube] to +enable gVisor addon. + +## Using Containerd + +You can also setup Kubernetes nodes to run pods in gvisor using the +[containerd][containerd] CRI runtime and the `gvisor-containerd-shim`. You can +use either the `io.kubernetes.cri.untrusted-workload` annotation or +[RuntimeClass][runtimeclass] to run Pods with `runsc`. You can find instructions +[here][gvisor-containerd-shim]. + +## Using GKE Sandbox + +[GKE Sandbox][gke-sandbox] is available in [Google Kubernetes Engine][gke]. You +just need to deploy a node pool with gVisor enabled in your cluster, and it will +run pods annotated with `runtimeClassName: gvisor` inside a gVisor sandbox for +you. [Here][wordpress-quick] is a quick example showing how to deploy a +WordPress site. You can view the full documentation [here][gke-sandbox-docs]. + +[containerd]: https://containerd.io/ +[minikube]: https://github.com/kubernetes/minikube/blob/master/deploy/addons/gvisor/README.md +[gke]: https://cloud.google.com/kubernetes-engine/ +[gke-sandbox]: https://cloud.google.com/kubernetes-engine/sandbox/ +[gke-sandbox-docs]: https://cloud.google.com/kubernetes-engine/docs/how-to/sandbox-pods +[gvisor-containerd-shim]: https://github.com/google/gvisor-containerd-shim +[runtimeclass]: https://kubernetes.io/docs/concepts/containers/runtime-class/ +[wordpress-quick]: /docs/tutorials/kubernetes/ |