From c6b3dcb67d5f23d8484dc05e191206afdfcc6f2a Mon Sep 17 00:00:00 2001 From: Zhongtao Hu Date: Sun, 18 Sep 2022 11:33:42 +0800 Subject: [PATCH] kata-deploy: support kata-deploy for runtime-rs support kata-deploy for runtime-rs Fixes:#5000 Signed-off-by: Zhongtao Hu --- tools/packaging/kata-deploy/README.md | 15 ++++++- .../packaging/kata-deploy/action/test-kata.sh | 2 +- .../examples/nginx-deployment-dragonball.yaml | 20 +++++++++ .../examples/test-deploy-kata-dragonball.yaml | 42 +++++++++++++++++++ .../runtimeclasses/kata-runtimeClasses.yaml | 13 ++++++ .../kata-deploy/scripts/kata-deploy.sh | 8 +++- 6 files changed, 97 insertions(+), 3 deletions(-) create mode 100644 tools/packaging/kata-deploy/examples/nginx-deployment-dragonball.yaml create mode 100644 tools/packaging/kata-deploy/examples/test-deploy-kata-dragonball.yaml diff --git a/tools/packaging/kata-deploy/README.md b/tools/packaging/kata-deploy/README.md index f56bb005cd79..99ff3d3af204 100644 --- a/tools/packaging/kata-deploy/README.md +++ b/tools/packaging/kata-deploy/README.md @@ -81,6 +81,14 @@ which will ensure the workload is only scheduled on a node that has Kata Contain ```bash $ kubectl apply -f https://raw.githubusercontent.com/kata-containers/kata-containers/main/tools/packaging/kata-deploy/runtimeclasses/kata-runtimeClasses.yaml ``` +The following YAML snippet shows how to specify a workload should use Kata with `Dragonball`: + +```yaml +spec: + template: + spec: + runtimeClassName: kata-dragonball +``` The following YAML snippet shows how to specify a workload should use Kata with Cloud Hypervisor: @@ -108,6 +116,11 @@ spec: spec: runtimeClassName: kata-qemu ``` +To run an example with `kata-dragonball`: + +```bash +$ kubectl apply -f https://raw.githubusercontent.com/kata-containers/kata-containers/main/tools/packaging/kata-deploy/examples/test-deploy-kata-dragonball.yaml +``` To run an example with `kata-clh`: @@ -192,7 +205,7 @@ from the [Kata Containers release page](https://github.com/kata-containers/kata- Host artifacts: * `cloud-hypervisor`, `firecracker`, `qemu`, and supporting binaries -* `containerd-shim-kata-v2` +* `containerd-shim-kata-v2` (go runtime and rust runtime) * `kata-collect-data.sh` * `kata-runtime` diff --git a/tools/packaging/kata-deploy/action/test-kata.sh b/tools/packaging/kata-deploy/action/test-kata.sh index 96d41fbc61b5..de8135d4f3a2 100755 --- a/tools/packaging/kata-deploy/action/test-kata.sh +++ b/tools/packaging/kata-deploy/action/test-kata.sh @@ -66,7 +66,7 @@ function run_test() { cmd="kubectl get pods | grep $busybox_pod | grep Completed" wait_time=120 - configurations=("nginx-deployment-qemu" "nginx-deployment-clh") + configurations=("nginx-deployment-qemu" "nginx-deployment-clh" "nginx-deployment-dragonball") for deployment in "${configurations[@]}"; do # start the kata pod: kubectl apply -f "$YAMLPATH/examples/${deployment}.yaml" diff --git a/tools/packaging/kata-deploy/examples/nginx-deployment-dragonball.yaml b/tools/packaging/kata-deploy/examples/nginx-deployment-dragonball.yaml new file mode 100644 index 000000000000..2f04224830d6 --- /dev/null +++ b/tools/packaging/kata-deploy/examples/nginx-deployment-dragonball.yaml @@ -0,0 +1,20 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: nginx-deployment-dragonball +spec: + selector: + matchLabels: + app: nginx + replicas: 2 + template: + metadata: + labels: + app: nginx + spec: + runtimeClassName: kata-dragonball + containers: + - name: nginx + image: nginx:1.14 + ports: + - containerPort: 80 diff --git a/tools/packaging/kata-deploy/examples/test-deploy-kata-dragonball.yaml b/tools/packaging/kata-deploy/examples/test-deploy-kata-dragonball.yaml new file mode 100644 index 000000000000..14ad93a855ab --- /dev/null +++ b/tools/packaging/kata-deploy/examples/test-deploy-kata-dragonball.yaml @@ -0,0 +1,42 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + run: php-apache-kata-dragonball + name: php-apache-kata-dragonball +spec: + replicas: 1 + selector: + matchLabels: + run: php-apache-kata-dragonball + template: + metadata: + labels: + run: php-apache-kata-dragonball + spec: + runtimeClassName: kata-dragonball + containers: + - image: k8s.gcr.io/hpa-example + imagePullPolicy: Always + name: php-apache + ports: + - containerPort: 80 + protocol: TCP + resources: + requests: + cpu: 200m + restartPolicy: Always +--- +apiVersion: v1 +kind: Service +metadata: + name: php-apache-kata-dragonball +spec: + ports: + - port: 80 + protocol: TCP + targetPort: 80 + selector: + run: php-apache-kata-dragonball + sessionAffinity: None + type: ClusterIP diff --git a/tools/packaging/kata-deploy/runtimeclasses/kata-runtimeClasses.yaml b/tools/packaging/kata-deploy/runtimeclasses/kata-runtimeClasses.yaml index 91fb352ee91d..d3260d4a8e26 100644 --- a/tools/packaging/kata-deploy/runtimeclasses/kata-runtimeClasses.yaml +++ b/tools/packaging/kata-deploy/runtimeclasses/kata-runtimeClasses.yaml @@ -37,3 +37,16 @@ overhead: scheduling: nodeSelector: katacontainers.io/kata-runtime: "true" +--- +kind: RuntimeClass +apiVersion: node.k8s.io/v1 +metadata: + name: kata-dragonball +handler: kata-dragonball +overhead: + podFixed: + memory: "130Mi" + cpu: "250m" +scheduling: + nodeSelector: + katacontainers.io/kata-runtime: "true" diff --git a/tools/packaging/kata-deploy/scripts/kata-deploy.sh b/tools/packaging/kata-deploy/scripts/kata-deploy.sh index 4345f240356c..9ad2a3568a3a 100755 --- a/tools/packaging/kata-deploy/scripts/kata-deploy.sh +++ b/tools/packaging/kata-deploy/scripts/kata-deploy.sh @@ -17,6 +17,7 @@ shims=( "fc" "qemu" "clh" + "dragonball" ) default_shim="qemu" @@ -57,6 +58,7 @@ function install_artifacts() { echo "copying kata artifacts onto host" cp -a /opt/kata-artifacts/opt/kata/* /opt/kata/ chmod +x /opt/kata/bin/* + chmod +x /opt/kata/runtime-rs/bin/* } function configure_cri_runtime() { @@ -98,7 +100,11 @@ function configure_different_shims_base() { fi fi - ln -sf /opt/kata/bin/containerd-shim-kata-v2 "${shim_file}" + if [[ "${shim}" == "dragonball" ]]; then + ln -sf /opt/kata/runtime-rs/bin/containerd-shim-kata-v2 "${shim_file}" + else + ln -sf /opt/kata/bin/containerd-shim-kata-v2 "${shim_file}" + fi chmod +x "$shim_file" if [ "${shim}" == "${default_shim}" ]; then