diff options
author | Ian Lewis <ianlewis@google.com> | 2021-05-20 19:40:12 -0700 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2021-05-20 19:43:06 -0700 |
commit | 28c78eb03ce95bd39ee6b8c6bea6482c9be11edf (patch) | |
tree | b5bd084d3cc9e1ecbee0d7603d75641a04f5e69e /g3doc/user_guide/tutorials/knative.md | |
parent | 9157a91a4eca7e0811edb20952e9f22ea2c3f13e (diff) |
Add Knative Services tutorial
This adds a new short tutorial on how to run Knative services in gVisor by
enabling the runtime class feature flag for Knative.
Fixes #3634
PiperOrigin-RevId: 374999528
Diffstat (limited to 'g3doc/user_guide/tutorials/knative.md')
-rw-r--r-- | g3doc/user_guide/tutorials/knative.md | 88 |
1 files changed, 88 insertions, 0 deletions
diff --git a/g3doc/user_guide/tutorials/knative.md b/g3doc/user_guide/tutorials/knative.md new file mode 100644 index 000000000..3f5207fcc --- /dev/null +++ b/g3doc/user_guide/tutorials/knative.md @@ -0,0 +1,88 @@ +# Knative Services + +[Knative](https://knative.dev/) is a platform for running serverless workloads +on Kubernetes. This guide will show you how to run basic Knative workloads in +gVisor. + +## Prerequisites + +This guide assumes you have have a cluster that is capable of running gVisor +workloads. This could be a +[GKE Sandbox](https://cloud.google.com/kubernetes-engine/sandbox/) enabled +cluster on Google Cloud Platform or one you have set up yourself using +[containerd Quick Start](https://gvisor.dev/docs/user_guide/containerd/quick_start/). + +This guide will also assume you have Knative installed using +[Istio](https://istio.io/) as the network layer. You can follow the +[Knative installation guide](https://knative.dev/docs/install/install-serving-with-yaml/) +to install Knative. + +## Enable the RuntimeClass feature flag + +Knative allows the use of various parameters on Pods via +[feature flags](https://knative.dev/docs/serving/feature-flags/). We will enable +the +[runtimeClassName](https://knative.dev/docs/serving/feature-flags/#kubernetes-runtime-class) +feature flag to enable the use of the Kubernetes +[Runtime Class](https://kubernetes.io/docs/concepts/containers/runtime-class/). + +Edit the feature flags ConfigMap. + +```bash +kubectl edit configmap config-features -n knative-serving +``` + +Add the `kubernetes.podspec-runtimeclassname: enabled` to the `data` field. Once +you are finished the ConfigMap will look something like this (minus all the +system fields). + +```yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: config-features + namespace: knative-serving + labels: + serving.knative.dev/release: v0.22.0 +data: + kubernetes.podspec-runtimeclassname: enabled +``` + +## Deploy the Service + +After you have set the Runtime Class feature flag you can now create Knative +services that specify a `runtimeClassName` in the spec. + +```bash +cat <<EOF | kubectl apply -f - +apiVersion: serving.knative.dev/v1 +kind: Service +metadata: + name: helloworld-go +spec: + template: + spec: + runtimeClassName: gvisor + containers: + - image: gcr.io/knative-samples/helloworld-go + env: + - name: TARGET + value: "gVisor User" +EOF +``` + +You can see the pods running and their Runtime Class. + +```bash +kubectl get pods -o=custom-columns='NAME:.metadata.name,RUNTIME CLASS:.spec.runtimeClassName,STATUS:.status.phase' +``` + +Output should look something like the following. Note that your service might +scale to zero. If you access it via it's URL you should get a new Pod. + +``` +NAME RUNTIME CLASS STATUS +helloworld-go-00002-deployment-646c87b7f5-5v68s gvisor Running +``` + +Congrats! Your Knative service is now running in gVisor! |