summaryrefslogtreecommitdiffhomepage
path: root/shim/v2/runtime-handler-shim-v2-quickstart.md
diff options
context:
space:
mode:
Diffstat (limited to 'shim/v2/runtime-handler-shim-v2-quickstart.md')
-rw-r--r--shim/v2/runtime-handler-shim-v2-quickstart.md59
1 files changed, 39 insertions, 20 deletions
diff --git a/shim/v2/runtime-handler-shim-v2-quickstart.md b/shim/v2/runtime-handler-shim-v2-quickstart.md
index ca8336089..3b88ca74b 100644
--- a/shim/v2/runtime-handler-shim-v2-quickstart.md
+++ b/shim/v2/runtime-handler-shim-v2-quickstart.md
@@ -5,17 +5,21 @@ the containerd runtime handler support. This requires containerd 1.2 or later.
## Requirements
-- **runsc**: See the [gVisor documentation](https://github.com/google/gvisor) for information on how to install runsc.
-- **containerd**: See the [containerd website](https://containerd.io/) for information on how to install containerd.
+- **runsc**: See the [gVisor documentation](https://github.com/google/gvisor)
+ for information on how to install runsc.
+- **containerd**: See the [containerd website](https://containerd.io/) for
+ information on how to install containerd.
## Install
### Install containerd-shim-runsc-v1
-1. Build and install `containerd-shim-runsc-v1`.
+1. Build and install `containerd-shim-runsc-v1`.
<!-- TODO: Use a release once we have one available. -->
+
[embedmd]:# (../test/e2e/shim-install.sh shell /{ # Step 1\(dev\)/ /^}/)
+
```shell
{ # Step 1(dev): Build and install gvisor-containerd-shim and containerd-shim-runsc-v1
make
@@ -25,10 +29,11 @@ the containerd runtime handler support. This requires containerd 1.2 or later.
### Configure containerd
-1. Update `/etc/containerd/config.toml`. Make sure `containerd-shim-runsc-v1` is
- in `${PATH}`.
+1. Update `/etc/containerd/config.toml`. Make sure `containerd-shim-runsc-v1`
+ is in `${PATH}`.
[embedmd]:# (../test/e2e/runtime-handler-shim-v2/install.sh shell /{ # Step 1/ /^}/)
+
```shell
{ # Step 1: Create containerd config.toml
cat <<EOF | sudo tee /etc/containerd/config.toml
@@ -41,7 +46,7 @@ EOF
}
```
-2. Restart `containerd`
+1. Restart `containerd`
```shell
sudo systemctl restart containerd
@@ -53,9 +58,10 @@ You can run containers in gVisor via containerd's CRI.
### Install crictl
-1. Download and install the crictl binary:
+1. Download and install the crictl binary:
[embedmd]:# (../test/e2e/crictl-install.sh shell /{ # Step 1/ /^}/)
+
```shell
{ # Step 1: Download crictl
wget https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.13.0/crictl-v1.13.0-linux-amd64.tar.gz
@@ -64,9 +70,10 @@ sudo mv crictl /usr/local/bin
}
```
-2. Write the crictl configuration file
+1. Write the crictl configuration file
[embedmd]:# (../test/e2e/crictl-install.sh shell /{ # Step 2/ /^}/)
+
```shell
{ # Step 2: Configure crictl
cat <<EOF | sudo tee /etc/crictl.yaml
@@ -77,18 +84,20 @@ EOF
### Create the nginx Sandbox in gVisor
-1. Pull the nginx image
+1. Pull the nginx image
[embedmd]:# (../test/e2e/runtime-handler/usage.sh shell /{ # Step 1/ /^}/)
+
```shell
{ # Step 1: Pull the nginx image
sudo crictl pull nginx
}
```
-2. Create the sandbox creation request
+1. Create the sandbox creation request
[embedmd]:# (../test/e2e/runtime-handler/usage.sh shell /{ # Step 2/ /^EOF\n}/)
+
```shell
{ # Step 2: Create sandbox.json
cat <<EOF | tee sandbox.json
@@ -107,9 +116,10 @@ EOF
}
```
-3. Create the pod in gVisor
+1. Create the pod in gVisor
[embedmd]:# (../test/e2e/runtime-handler/usage.sh shell /{ # Step 3/ /^}/)
+
```shell
{ # Step 3: Create the sandbox
SANDBOX_ID=$(sudo crictl runp --runtime runsc sandbox.json)
@@ -118,9 +128,10 @@ SANDBOX_ID=$(sudo crictl runp --runtime runsc sandbox.json)
### Run the nginx Container in the Sandbox
-1. Create the nginx container creation request
+1. Create the nginx container creation request
[embedmd]:# (../test/e2e/run-container.sh shell /{ # Step 1/ /^EOF\n}/)
+
```shell
{ # Step 1: Create nginx container config
cat <<EOF | tee container.json
@@ -139,18 +150,20 @@ EOF
}
```
-2. Create the nginx container
+1. Create the nginx container
[embedmd]:# (../test/e2e/run-container.sh shell /{ # Step 2/ /^}/)
+
```shell
{ # Step 2: Create nginx container
CONTAINER_ID=$(sudo crictl create ${SANDBOX_ID} container.json sandbox.json)
}
```
-3. Start the nginx container
+1. Start the nginx container
[embedmd]:# (../test/e2e/run-container.sh shell /{ # Step 3/ /^}/)
+
```shell
{ # Step 3: Start nginx container
sudo crictl start ${CONTAINER_ID}
@@ -159,27 +172,30 @@ sudo crictl start ${CONTAINER_ID}
### Validate the container
-1. Inspect the created pod
+1. Inspect the created pod
[embedmd]:# (../test/e2e/validate.sh shell /{ # Step 1/ /^}/)
+
```shell
{ # Step 1: Inspect the pod
sudo crictl inspectp ${SANDBOX_ID}
}
```
-2. Inspect the nginx container
+1. Inspect the nginx container
[embedmd]:# (../test/e2e/validate.sh shell /{ # Step 2/ /^}/)
+
```shell
{ # Step 2: Inspect the container
sudo crictl inspect ${CONTAINER_ID}
}
```
-3. Verify that nginx is running in gVisor
+1. Verify that nginx is running in gVisor
[embedmd]:# (../test/e2e/validate.sh shell /{ # Step 3/ /^}/)
+
```shell
{ # Step 3: Check dmesg
sudo crictl exec ${CONTAINER_ID} dmesg | grep -i gvisor
@@ -188,9 +204,10 @@ sudo crictl exec ${CONTAINER_ID} dmesg | grep -i gvisor
### Set up the Kubernetes Runtime Class
-1. Install the Runtime Class for gVisor
+1. Install the Runtime Class for gVisor
[embedmd]:# (../test/e2e/runtimeclass-install.sh shell /{ # Step 1/ /^}/)
+
```shell
{ # Step 1: Install a RuntimeClass
cat <<EOF | kubectl apply -f -
@@ -203,9 +220,10 @@ EOF
}
```
-2. Create a Pod with the gVisor Runtime Class
+1. Create a Pod with the gVisor Runtime Class
[embedmd]:# (../test/e2e/runtimeclass-install.sh shell /{ # Step 2/ /^}/)
+
```shell
{ # Step 2: Create a pod
cat <<EOF | kubectl apply -f -
@@ -222,9 +240,10 @@ EOF
}
```
-3. Verify that the Pod is running
+1. Verify that the Pod is running
[embedmd]:# (../test/e2e/runtimeclass-install.sh shell /{ # Step 3/ /^}/)
+
```shell
{ # Step 3: Get the pod
kubectl get pod nginx-gvisor -o wide