Browse Source
doc: write how to use kata-container for pods (#8817)
kata-container is not used by default even if enabling kata_containers_enabled.
This updates the doc for writing how to do that.
pull/8827/head
Kenichi Omichi
2 years ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with
26 additions and
1 deletions
-
docs/kata-containers.md
|
|
|
@ -8,7 +8,7 @@ _Qemu_ is the only hypervisor supported by Kubespray. |
|
|
|
|
|
|
|
## Installation |
|
|
|
|
|
|
|
To use Kata Containers, set the following variables: |
|
|
|
To enable Kata Containers, set the following variables: |
|
|
|
|
|
|
|
**k8s-cluster.yml**: |
|
|
|
|
|
|
|
@ -23,6 +23,31 @@ kata_containers_enabled: true |
|
|
|
etcd_deployment_type: host |
|
|
|
``` |
|
|
|
|
|
|
|
## Usage |
|
|
|
|
|
|
|
By default, runc is used for pods. |
|
|
|
Kubespray generates the runtimeClass kata-qemu, and it is necessary to specify it as |
|
|
|
the runtimeClassName of a pod spec to use Kata Containers: |
|
|
|
|
|
|
|
```shell |
|
|
|
$ kubectl get runtimeclass |
|
|
|
NAME HANDLER AGE |
|
|
|
kata-qemu kata-qemu 3m34s |
|
|
|
$ |
|
|
|
$ cat nginx.yaml |
|
|
|
apiVersion: v1 |
|
|
|
kind: Pod |
|
|
|
metadata: |
|
|
|
name: mypod |
|
|
|
spec: |
|
|
|
runtimeClassName: kata-qemu |
|
|
|
containers: |
|
|
|
- name: nginx |
|
|
|
image: nginx:1.14.2 |
|
|
|
$ |
|
|
|
$ kubectl apply -f nginx.yaml |
|
|
|
``` |
|
|
|
|
|
|
|
## Configuration |
|
|
|
|
|
|
|
### Recommended : Pod Overhead |
|
|
|
|
