Merge pull request #2672 from amscanne:shim-integrated

PiperOrigin-RevId: 321053634

2 files changed, 55 insertions, 0 deletions

diff --git a/g3doc/user_guide/BUILD b/g3doc/user_guide/BUILD
index b69aee12c..355dd49b3 100644
--- a/g3doc/user_guide/BUILD
+++ b/g3doc/user_guide/BUILD
@@ -68,3 +68,12 @@ doc(
     permalink = "/docs/user_guide/platforms/",
     weight = "30",
 )
+
+doc(
+    name = "runtimeclass",
+    src = "runtimeclass.md",
+    category = "User Guide",
+    permalink = "/docs/user_guide/runtimeclass/",
+    subcategory = "Advanced",
+    weight = "91",
+)
diff --git a/g3doc/user_guide/runtimeclass.md b/g3doc/user_guide/runtimeclass.md
new file mode 100644
index 000000000..2e2d997be
--- /dev/null
+++ b/g3doc/user_guide/runtimeclass.md
@@ -0,0 +1,46 @@
+# RuntimeClass
+
+First, follow the appropriate installation instructions for your version of
+containerd.
+
+*   For 1.1 or lower, use `gvisor-containerd-shim`.
+*   For 1.2 or higher, use `containerd-shim-runsc-v1`.
+
+# Set up the Kubernetes RuntimeClass
+
+Creating the [RuntimeClass][runtimeclass] in Kubernetes is simple once the
+runtime is available for containerd:
+
+```shell
+cat <<EOF | kubectl apply -f -
+apiVersion: node.k8s.io/v1beta1
+kind: RuntimeClass
+metadata:
+  name: gvisor
+handler: runsc
+EOF
+```
+
+Pods can now be created using this RuntimeClass:
+
+```shell
+cat <<EOF | kubectl apply -f -
+apiVersion: v1
+kind: Pod
+metadata:
+  name: nginx-gvisor
+spec:
+  runtimeClassName: gvisor
+  containers:
+  - name: nginx
+    image: nginx
+EOF
+```
+
+You can verify that the Pod is running via this RuntimeClass:
+
+```shell
+kubectl get pod nginx-gvisor -o wide
+```
+
+[runtimeclass]:  https://kubernetes.io/docs/concepts/containers/runtime-class/