diff options
Diffstat (limited to 'shim/v2/runtime-handler-shim-v2-quickstart.md')
-rw-r--r-- | shim/v2/runtime-handler-shim-v2-quickstart.md | 59 |
1 files changed, 39 insertions, 20 deletions
diff --git a/shim/v2/runtime-handler-shim-v2-quickstart.md b/shim/v2/runtime-handler-shim-v2-quickstart.md index ca8336089..3b88ca74b 100644 --- a/shim/v2/runtime-handler-shim-v2-quickstart.md +++ b/shim/v2/runtime-handler-shim-v2-quickstart.md @@ -5,17 +5,21 @@ the containerd runtime handler support. This requires containerd 1.2 or later. ## Requirements -- **runsc**: See the [gVisor documentation](https://github.com/google/gvisor) for information on how to install runsc. -- **containerd**: See the [containerd website](https://containerd.io/) for information on how to install containerd. +- **runsc**: See the [gVisor documentation](https://github.com/google/gvisor) + for information on how to install runsc. +- **containerd**: See the [containerd website](https://containerd.io/) for + information on how to install containerd. ## Install ### Install containerd-shim-runsc-v1 -1. Build and install `containerd-shim-runsc-v1`. +1. Build and install `containerd-shim-runsc-v1`. <!-- TODO: Use a release once we have one available. --> + [embedmd]:# (../test/e2e/shim-install.sh shell /{ # Step 1\(dev\)/ /^}/) + ```shell { # Step 1(dev): Build and install gvisor-containerd-shim and containerd-shim-runsc-v1 make @@ -25,10 +29,11 @@ the containerd runtime handler support. This requires containerd 1.2 or later. ### Configure containerd -1. Update `/etc/containerd/config.toml`. Make sure `containerd-shim-runsc-v1` is - in `${PATH}`. +1. Update `/etc/containerd/config.toml`. Make sure `containerd-shim-runsc-v1` + is in `${PATH}`. [embedmd]:# (../test/e2e/runtime-handler-shim-v2/install.sh shell /{ # Step 1/ /^}/) + ```shell { # Step 1: Create containerd config.toml cat <<EOF | sudo tee /etc/containerd/config.toml @@ -41,7 +46,7 @@ EOF } ``` -2. Restart `containerd` +1. Restart `containerd` ```shell sudo systemctl restart containerd @@ -53,9 +58,10 @@ You can run containers in gVisor via containerd's CRI. ### Install crictl -1. Download and install the crictl binary: +1. Download and install the crictl binary: [embedmd]:# (../test/e2e/crictl-install.sh shell /{ # Step 1/ /^}/) + ```shell { # Step 1: Download crictl wget https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.13.0/crictl-v1.13.0-linux-amd64.tar.gz @@ -64,9 +70,10 @@ sudo mv crictl /usr/local/bin } ``` -2. Write the crictl configuration file +1. Write the crictl configuration file [embedmd]:# (../test/e2e/crictl-install.sh shell /{ # Step 2/ /^}/) + ```shell { # Step 2: Configure crictl cat <<EOF | sudo tee /etc/crictl.yaml @@ -77,18 +84,20 @@ EOF ### Create the nginx Sandbox in gVisor -1. Pull the nginx image +1. Pull the nginx image [embedmd]:# (../test/e2e/runtime-handler/usage.sh shell /{ # Step 1/ /^}/) + ```shell { # Step 1: Pull the nginx image sudo crictl pull nginx } ``` -2. Create the sandbox creation request +1. Create the sandbox creation request [embedmd]:# (../test/e2e/runtime-handler/usage.sh shell /{ # Step 2/ /^EOF\n}/) + ```shell { # Step 2: Create sandbox.json cat <<EOF | tee sandbox.json @@ -107,9 +116,10 @@ EOF } ``` -3. Create the pod in gVisor +1. Create the pod in gVisor [embedmd]:# (../test/e2e/runtime-handler/usage.sh shell /{ # Step 3/ /^}/) + ```shell { # Step 3: Create the sandbox SANDBOX_ID=$(sudo crictl runp --runtime runsc sandbox.json) @@ -118,9 +128,10 @@ SANDBOX_ID=$(sudo crictl runp --runtime runsc sandbox.json) ### Run the nginx Container in the Sandbox -1. Create the nginx container creation request +1. Create the nginx container creation request [embedmd]:# (../test/e2e/run-container.sh shell /{ # Step 1/ /^EOF\n}/) + ```shell { # Step 1: Create nginx container config cat <<EOF | tee container.json @@ -139,18 +150,20 @@ EOF } ``` -2. Create the nginx container +1. Create the nginx container [embedmd]:# (../test/e2e/run-container.sh shell /{ # Step 2/ /^}/) + ```shell { # Step 2: Create nginx container CONTAINER_ID=$(sudo crictl create ${SANDBOX_ID} container.json sandbox.json) } ``` -3. Start the nginx container +1. Start the nginx container [embedmd]:# (../test/e2e/run-container.sh shell /{ # Step 3/ /^}/) + ```shell { # Step 3: Start nginx container sudo crictl start ${CONTAINER_ID} @@ -159,27 +172,30 @@ sudo crictl start ${CONTAINER_ID} ### Validate the container -1. Inspect the created pod +1. Inspect the created pod [embedmd]:# (../test/e2e/validate.sh shell /{ # Step 1/ /^}/) + ```shell { # Step 1: Inspect the pod sudo crictl inspectp ${SANDBOX_ID} } ``` -2. Inspect the nginx container +1. Inspect the nginx container [embedmd]:# (../test/e2e/validate.sh shell /{ # Step 2/ /^}/) + ```shell { # Step 2: Inspect the container sudo crictl inspect ${CONTAINER_ID} } ``` -3. Verify that nginx is running in gVisor +1. Verify that nginx is running in gVisor [embedmd]:# (../test/e2e/validate.sh shell /{ # Step 3/ /^}/) + ```shell { # Step 3: Check dmesg sudo crictl exec ${CONTAINER_ID} dmesg | grep -i gvisor @@ -188,9 +204,10 @@ sudo crictl exec ${CONTAINER_ID} dmesg | grep -i gvisor ### Set up the Kubernetes Runtime Class -1. Install the Runtime Class for gVisor +1. Install the Runtime Class for gVisor [embedmd]:# (../test/e2e/runtimeclass-install.sh shell /{ # Step 1/ /^}/) + ```shell { # Step 1: Install a RuntimeClass cat <<EOF | kubectl apply -f - @@ -203,9 +220,10 @@ EOF } ``` -2. Create a Pod with the gVisor Runtime Class +1. Create a Pod with the gVisor Runtime Class [embedmd]:# (../test/e2e/runtimeclass-install.sh shell /{ # Step 2/ /^}/) + ```shell { # Step 2: Create a pod cat <<EOF | kubectl apply -f - @@ -222,9 +240,10 @@ EOF } ``` -3. Verify that the Pod is running +1. Verify that the Pod is running [embedmd]:# (../test/e2e/runtimeclass-install.sh shell /{ # Step 3/ /^}/) + ```shell { # Step 3: Get the pod kubectl get pod nginx-gvisor -o wide |