-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
docs: Improve top-level README #3558
Conversation
README.md
Outdated
## Configuration | ||
|
||
See the [runtime configuration details](src/runtime/README.md#configuration) and | ||
the [stateless systems](src/runtime/README.md#stateless-systems) | ||
documentation. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm undecided whether this is the best approach (reference the config details in the runtime's README) or whether we should just move those details to the top-level README since the config file doesn't just apply to the runtime. Thoughts folks?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The config file doesn't just apply to the runtime, but doesn't everything that we describe in that README only apply to the runtime?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@Jakob-Naucke - I'm not totally clear on what you're saying here. The license and platform support applies to the whole project so that's why I've moved it to the top-level. The config is a bit more debatable since although it's technically for the runtime (it's read by the runtime), it also affects other parts of the system (such as the agent). Are you saying we should move that config detail into the top-level too? That would make the information more visible but I left it in the runtime README since if we moved the full details to the top-level README, it felt a bit odd for the runtime's README to refer to another file for it's configuration. It's debatable though ;)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry, I'm too brief lately :) I meant: While the Kata Containers config does not only affect the runtime, AFAICT, everything we describe in https://github.com/kata-containers/kata-containers/tree/main/src/runtime#configuration does only affect the runtime. Thus, right now, I don't see a reason to move it up anyway.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ack. I've updated the Configuration for both README's to give a bit of extra information to users.
Ugh. The static checker is failing to validate a correct URL:
The problem appears to be that the site in question is filtering on the user agent. Our CI checker doesn't set one, hence the HTTP 403 ("forbidden") error message. For now, I've just removed that link since currently there is no good way to fix the static checker's URL check in a generic way. |
A head's up that may affect your PR. In the Architecture Committee meeting from January 25th, 2022, the Architecture Committee has agreed on using the "Dismiss stale pull request approvals when new commits are pushed" configuration from GitHub. It basically means that if your PR has been rebased or updated, the approvals given will be erased. In order to minimize traumas due to the new approach, please, consider adding a note on the changes done before the rebase / force-push, and also pinging the reviewers for a subsequent round of reviews. Thanks for your understanding! Related issue: kata-containers/community#249 |
1618cf1
to
1a29550
Compare
1a29550
to
f0ad203
Compare
9160dc9
to
e779aff
Compare
Ping for reviews y'all! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you @jodh-intel, also for the spelling updates. I have two other minor comments...
src/runtime/README.md
Outdated
> - The runtime will read the configuration file from one of [two | ||
> possible locations](#stateless-systems). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What about the /opt/kata
tree?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, there's a bit more detail here, indeed. it'd be more accurate to say what it will do by default.
If we want to provide more detail, we can find a nice way to describe what actually happens, hopefully more succinctly than I do in my blather that follows:
It'll first check if a config path is specified in annotations associated with the pause container (yuck - I hope no one ever does this), and then it'll check for a path specified within the CreateTaskRequest (this is what is done in the case of kata-deploy install, since we look at /opt/kata...), and then finally check the two default locations on the host filesystem, with /etc/kata-containers taking precedence over /usr/share/defaults/kata-containers....).
See:
kata-containers/src/runtime/pkg/containerd-shim-v2/create.go
Lines 212 to 256 in 88a70d3
func loadRuntimeConfig(s *service, r *taskAPI.CreateTaskRequest, anno map[string]string) (*oci.RuntimeConfig, error) { | |
if s.config != nil { | |
return s.config, nil | |
} | |
configPath := oci.GetSandboxConfigPath(anno) | |
if configPath == "" && r.Options != nil { | |
v, err := typeurl.UnmarshalAny(r.Options) | |
if err != nil { | |
return nil, err | |
} | |
option, ok := v.(*crioption.Options) | |
// cri default runtime handler will pass a linux runc options, | |
// and we'll ignore it. | |
if ok { | |
configPath = option.ConfigPath | |
} else { | |
// Some versions of containerd, such as 1.4.3, and 1.4.4 | |
// still rely on the runtime options coming from | |
// github.com/containerd/cri-containerd/pkg/api/runtimeoptions/v1 | |
// Knowing that, instead of breaking compatibility with such | |
// versions, let's work this around on our side | |
oldOption, ok := v.(*oldcrioption.Options) | |
if ok { | |
configPath = oldOption.ConfigPath | |
} | |
} | |
} | |
// Try to get the config file from the env KATA_CONF_FILE | |
if configPath == "" { | |
configPath = os.Getenv("KATA_CONF_FILE") | |
} | |
_, runtimeConfig, err := katautils.LoadConfiguration(configPath, false) | |
if err != nil { | |
return nil, err | |
} | |
// For the unit test, the config will be predefined | |
if s.config == nil { | |
s.config = &runtimeConfig | |
} | |
return &runtimeConfig, nil | |
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm, thanks @jodh-intel!
### Hardware requirements | ||
|
||
The [Kata Containers runtime](src/runtime) provides a command to | ||
determine if your host system is capable of running and creating a |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I, personally, think that kata-runtime check
is not the best way to check whether the host system is capable of running and creating a Kata Container.
As we're 100% Kubernetes focused nowadays, I'd rather see us working on and recommending NFD instead.
But hey, I guess this is the best we have now.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I find the tool useful as a starting point, however -- most people will come here to test in their VM environment, and this helps. I do wonder if we need /want this here versus user/developer guide?
/test |
/retest |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice improvements! I left a bit of feedback, mostly just agreeing with Jakob :)
### Hardware requirements | ||
|
||
The [Kata Containers runtime](src/runtime) provides a command to | ||
determine if your host system is capable of running and creating a |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I find the tool useful as a starting point, however -- most people will come here to test in their VM environment, and this helps. I do wonder if we need /want this here versus user/developer guide?
src/runtime/README.md
Outdated
> - The runtime will read the configuration file from one of [two | ||
> possible locations](#stateless-systems). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, there's a bit more detail here, indeed. it'd be more accurate to say what it will do by default.
If we want to provide more detail, we can find a nice way to describe what actually happens, hopefully more succinctly than I do in my blather that follows:
It'll first check if a config path is specified in annotations associated with the pause container (yuck - I hope no one ever does this), and then it'll check for a path specified within the CreateTaskRequest (this is what is done in the case of kata-deploy install, since we look at /opt/kata...), and then finally check the two default locations on the host filesystem, with /etc/kata-containers taking precedence over /usr/share/defaults/kata-containers....).
See:
kata-containers/src/runtime/pkg/containerd-shim-v2/create.go
Lines 212 to 256 in 88a70d3
func loadRuntimeConfig(s *service, r *taskAPI.CreateTaskRequest, anno map[string]string) (*oci.RuntimeConfig, error) { | |
if s.config != nil { | |
return s.config, nil | |
} | |
configPath := oci.GetSandboxConfigPath(anno) | |
if configPath == "" && r.Options != nil { | |
v, err := typeurl.UnmarshalAny(r.Options) | |
if err != nil { | |
return nil, err | |
} | |
option, ok := v.(*crioption.Options) | |
// cri default runtime handler will pass a linux runc options, | |
// and we'll ignore it. | |
if ok { | |
configPath = option.ConfigPath | |
} else { | |
// Some versions of containerd, such as 1.4.3, and 1.4.4 | |
// still rely on the runtime options coming from | |
// github.com/containerd/cri-containerd/pkg/api/runtimeoptions/v1 | |
// Knowing that, instead of breaking compatibility with such | |
// versions, let's work this around on our side | |
oldOption, ok := v.(*oldcrioption.Options) | |
if ok { | |
configPath = oldOption.ConfigPath | |
} | |
} | |
} | |
// Try to get the config file from the env KATA_CONF_FILE | |
if configPath == "" { | |
configPath = os.Getenv("KATA_CONF_FILE") | |
} | |
_, runtimeConfig, err := katautils.LoadConfiguration(configPath, false) | |
if err != nil { | |
return nil, err | |
} | |
// For the unit test, the config will be predefined | |
if s.config == nil { | |
s.config = &runtimeConfig | |
} | |
return &runtimeConfig, nil | |
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good improvements, just some additional feedback.
e779aff
to
a196c0f
Compare
@egernst, @Jakob-Naucke - ptal. The configuration is more confusing then even Eric listed. Hopefully, the verbiage on this PR will make things clearer 😄 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @jodh-intel -- I have some comments again
aa7a1db
to
22180a9
Compare
/test |
Ping for re-review folks. |
22180a9
to
56461e5
Compare
Various improvements to the top-level README file: - Moved the following sections from the runtime's README to the top-level README: - License - Platform support / Hardware requirements - Added the following sections to the top-level README: - Configuration - Hypervisors - Improved formatting of the Documentation section in the top-level README. - Removed some unused named links from the top-level README. Also improvements to the runtime README: - Removed confusing mention of the old 1.x runtime name. - Clarify the binary name for the 2.x runtime and the utility program. > **Note:** > > We cannot currently link to the AMD website as that site's > configuration causes the CI static checks to fail. See > kata-containers/tests#4401 Fixes: kata-containers#3557. Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
56461e5
to
9818cf7
Compare
/test |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm, thanks @jodh-intel!
Various improvements to the top-level README file:
top-level README:
README.
Fixes: #3557.
Signed-off-by: James O. D. Hunt james.o.hunt@intel.com