doc: write how to use kata-container for pods (#8817)

kata-container is not used by default even if enabling kata_containers_enabled.
This updates the doc for writing how to do that.
pull/8827/head
Kenichi Omichi 2022-05-13 23:15:18 -07:00 committed by GitHub
parent dc8ad78206
commit 0bf070c33b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 26 additions and 1 deletions

View File

@ -8,7 +8,7 @@ _Qemu_ is the only hypervisor supported by Kubespray.
## Installation ## Installation
To use Kata Containers, set the following variables: To enable Kata Containers, set the following variables:
**k8s-cluster.yml**: **k8s-cluster.yml**:
@ -23,6 +23,31 @@ kata_containers_enabled: true
etcd_deployment_type: host etcd_deployment_type: host
``` ```
## Usage
By default, runc is used for pods.
Kubespray generates the runtimeClass kata-qemu, and it is necessary to specify it as
the runtimeClassName of a pod spec to use Kata Containers:
```shell
$ kubectl get runtimeclass
NAME HANDLER AGE
kata-qemu kata-qemu 3m34s
$
$ cat nginx.yaml
apiVersion: v1
kind: Pod
metadata:
name: mypod
spec:
runtimeClassName: kata-qemu
containers:
- name: nginx
image: nginx:1.14.2
$
$ kubectl apply -f nginx.yaml
```
## Configuration ## Configuration
### Recommended : Pod Overhead ### Recommended : Pod Overhead