howto: k8s grammar and format changes

Went through and made a few grammar and format updates to make how-to guide easier to follow, as well as adddirect links to project Github pages where applicable. Fixes: #127 Signed-off-by: trilliams <tribecca@tribecc.us> howto: k8s grammar and format changes Went through and made a few grammar and format updates to make how-to guide easier to follow, as well as adddirect links to project Github pages where applicable. Fixes: #127 Signed-off-by: trilliams <tribecca@tribecc.us>
kata-containers · Jul 26, 2018 · 85964d3 · 85964d3
1 parent 9664caf
commit 85964d3
Showing 1 changed file with 210 additions and 21 deletions.
diff --git a/how-to/how-to-use-k8s-with-cri-containerd-and-kata.md b/how-to/how-to-use-k8s-with-cri-containerd-and-kata.md
@@ -1,65 +1,133 @@
 # How to use Kata Containers and CRI (containerd plugin) with Kubernetes
 
+<<<<<<< HEAD
 This document describes how to set up a single-machine Kubernetes cluster. 
+<<<<<<< HEAD
+<<<<<<< HEAD
 The Kubernetes cluster will use the CRI containerd plugin and Kata Containers to launch untrusted workloads.
+=======
+The Kubernetes cluster will use the [CRI containerd plugin](https://github.com/containerd/cri) and [Kata Containers](https://katacontainers.io) to launch untrusted workloads.
+>>>>>>> c22d45e... made a few grammatical & format changes
 
 ## Requirements 
+=======
+The Kubernetes cluster will use the [CRI containerd plugin](https://github.com/containerd/cri) and [Kata Containers](https://katacontainers.io) to launch untrusted workloads.
+=======
+This document describes how to set up a single-machine Kubernetes cluster.
+<<<<<<< HEAD
+The Kubernetes cluster will use the [CRI containerd plugin](https://github.com/containerd/cri) and [Kata Containers](https://github.com/kata-containers) to launch untrusted workloads.
+>>>>>>> f208a33... howto: k8s grammar and format changes
+=======
+The Kubernetes cluster will use the [CRI containerd plugin](https://github.com/containerd/cri/blob/master/README.md) and [Kata Containers](https://katacontainers.io) to launch untrusted workloads.
+>>>>>>> 592bf58... edit
+
+## Requirements
+>>>>>>> 6486053... howto: k8s grammar and format changes
 - Kubernetes, kubelet, kubeadm
 - cri-containerd
 - Kata Containers
 
+<<<<<<< HEAD
+<<<<<<< HEAD
 For information about the supported version of these components see 
 Kata Containers [versions.yaml](https://github.com/kata-containers/runtime/blob/master/versions.yaml) file.
+=======
+<<<<<<< HEAD
+=======
+>>>>>>> c22d45e... made a few grammatical & format changes
+Note|
+----------------- |
+|For information about the supported versions of these components, see the  Kata Containers [versions.yaml](https://github.com/kata-containers/runtime/blob/master/versions.yaml) file. |
+
+<<<<<<< HEAD
+=======
+For information about the supported versions of these components, see the Kata Containers [versions.yaml](https://github.com/kata-containers/runtime/blob/master/versions.yaml) file.
+>>>>>>> f208a33... howto: k8s grammar and format changes
+
+>>>>>>> 6486053... howto: k8s grammar and format changes
+=======
+
+>>>>>>> c22d45e... made a few grammatical & format changes
 
 ## Install containerd(with CRI plugin enabled)
 
 Follow the instructions from [CRI installation guide](http://github.com/containerd/cri/blob/master/docs/installation.md)
 
-<!---
 ```bash
 # Check if containerd is installed
 $ command -v containerd
 ```
---->
 
-## Install Kata Containers 
+## Install Kata Containers
 
 Follow the instructions to [install Kata](https://github.com/kata-containers/documentation/blob/master/install/README.md).
 
-<!---
 ```bash
 # Check if kata-runtime is installed
 $ command -v kata-runtime
 # Check kata is well configured
 $ kata-runtime kata-env
 ```
---->
 
 ## Install Kubernetes
-Install Kubernetes in your host.  See kubeadm [installation](https://kubernetes.io/docs/tasks/tools/install-kubeadm/)
-<!---
+Install Kubernetes in your host.  See kubeadm [installation](https://kubernetes.io/docs/setup/independent/install-kubeadm/)
+
 ```bash
 # Check if kubadm is installed
 $ command -v kubeadm
 ```
---->
 
 ### Configure containerd to use Kata Containers
 
-The CRI containerd plugin support configuration for two runtime types.
+The CRI containerd plugin supports configuration for two runtime types.
 
+<<<<<<< HEAD
+<<<<<<< HEAD
 - Default runtime: A runtime that is used by default to run workloads.
 - Untrusted workload runtime: A runtime that will be used run untrusted workloads.
+=======
+- **Default runtime:** A runtime that is used by default to run workloads.
+<<<<<<< HEAD
+- **Untrusted workload runtime:** A runtime that will be used run untrusted workloads.
+=======
+- **Untrusted workload runtime:** A runtime that will be used to run untrusted workloads.
+>>>>>>> f208a33... howto: k8s grammar and format changes
+>>>>>>> 6486053... howto: k8s grammar and format changes
+
+#### Define the Kata runtime as `untrusted_workload_runtime`
+
+Configure the Kata runtime for untrusted workloads with the [config option](https://github.com/containerd/cri/blob/v1.0.0-rc.0/docs/config.md)
+`plugins.cri.containerd.untrusted_workload_runtime`.
+
+Unless configured otherwise, the default runtime is set to `runc`.
+<<<<<<< HEAD
+=======
+
+<<<<<<< HEAD
+- Configure containerd to use Kata as `untrusted_workload_runtime`
+=======
+- Configure containerd to use Kata as `untrusted_workload_runtime`:
+>>>>>>> f208a33... howto: k8s grammar and format changes
+
+>>>>>>> 6486053... howto: k8s grammar and format changes
+=======
+- **Default runtime:** A runtime that is used by default to run workloads.
+- **Untrusted workload runtime:** A runtime that will be used run untrusted workloads.
 
 #### Define the Kata runtime as `untrusted_workload_runtime` 
 
 Configure the Kata runtime for untrusted workload with the [config option](https://github.com/containerd/cri/blob/v1.0.0-rc.0/docs/config.md)
 `plugins.cri.containerd.untrusted_workload_runtime`.
 
 Unless configured otherwise, the default runtime is set to `runc`.
+
+- Configure containerd to use Kata as `untrusted_workload_runtime`
+
+>>>>>>> c22d45e... made a few grammatical & format changes
 ```bash
-# Configure containerd to use Kata as untrusted_workload_runtime
 $ sudo mkdir -p /etc/containerd/
+```
+```bash
 $ cat << EOT | sudo tee /etc/containerd/config.toml
 [plugins]
     [plugins.cri.containerd]
@@ -71,23 +139,60 @@ EOT
 
 ### Configure Kubelet to use containerd
 
+<<<<<<< HEAD
+<<<<<<< HEAD
 In order to allow kubelet use containerd (using CRI interface) configure the service to
 point to containerd socket.
+=======
+<<<<<<< HEAD
+In order to allow kubelet use containerd (using CRI interface), configure the service to
+point to the `containerd` socket.
+=======
+In order to allow kubelet to use containerd (using CRI interface), configure the service to point to the `containerd` socket.
+>>>>>>> f208a33... howto: k8s grammar and format changes
+
+
+- Configure k8s to use containerd
+>>>>>>> 6486053... howto: k8s grammar and format changes
+=======
+In order to allow kubelet use containerd (using CRI interface), configure the service to
+point to the `containerd` socket.
+
+
+- Configure k8s to use containerd
+>>>>>>> c22d45e... made a few grammatical & format changes
 
 ```bash
-# Configure k8s to use containerd
 $ sudo mkdir -p  /etc/systemd/system/kubelet.service.d/
+```
+```bash
 $ cat << EOF | sudo tee  /etc/systemd/system/kubelet.service.d/0-containerd.conf
 [Service]                                                 
 Environment="KUBELET_EXTRA_ARGS=--container-runtime=remote --runtime-request-timeout=15m --container-runtime-endpoint=unix:///run/containerd/containerd.sock"
 EOF
+```
+```bash
 $ sudo systemctl daemon-reload
 ```
 
 ### Optional: Configure proxy
 
+<<<<<<< HEAD
+<<<<<<< HEAD
 If you are behind a proxy this script will configure your proxy for docker
 kubelet and containerd.
+=======
+<<<<<<< HEAD
+If you are behind a proxy, use this script to configure your proxy for docker,
+kubelet, and containerd.
+=======
+If you are behind a proxy, use the following script to configure your proxy for docker, kubelet, and containerd:
+>>>>>>> f208a33... howto: k8s grammar and format changes
+>>>>>>> 6486053... howto: k8s grammar and format changes
+=======
+If you are behind a proxy, use this script to configure your proxy for docker,
+kubelet, and containerd.
+>>>>>>> c22d45e... made a few grammatical & format changes
 
 ```bash
 # Set proxys
@@ -109,20 +214,61 @@ Environment="HTTPS_PROXY=${https_proxy}"
 Environment="NO_PROXY=${no_proxy}"
 EOT
 done
+```
+```bash
 $ sudo systemctl daemon-reload
 ```
 
-###  Start Kubernetes with kubeadm 
+###  Start Kubernetes with `kubeadm`
+
+
+- Make sure containerd is up and running
 
 ```bash
-# Mark sure containerd is up and running
 $ sudo systemctl restart containerd
 $ sudo systemctl status containerd
+<<<<<<< HEAD
+<<<<<<< HEAD
+=======
+```
+<<<<<<< HEAD
 
-# Prevent docker iptables rules conflict with k8s pod communication
+- Prevent conflicts of docker iptables rules & k8s pod communication
+
+```bash
 $ sudo iptables -P FORWARD ACCEPT
+```
 
+-  Start cluster using `kubeadm`
+
+=======
+
+- Prevent conflicts of docker iptables rules & k8s pod communication
+>>>>>>> 6486053... howto: k8s grammar and format changes
+=======
+```
+
+- Prevent conflicts of docker iptables rules & k8s pod communication
+>>>>>>> c22d45e... made a few grammatical & format changes
+
+```bash
+$ sudo iptables -P FORWARD ACCEPT
+```
+
+<<<<<<< HEAD
+<<<<<<< HEAD
 # Start cluster using kubeadm
+=======
+-  Start cluster using `kubeadm`
+
+>>>>>>> f208a33... howto: k8s grammar and format changes
+```bash
+>>>>>>> 6486053... howto: k8s grammar and format changes
+=======
+-  Start cluster using `kubeadm`
+
+```bash
+>>>>>>> c22d45e... made a few grammatical & format changes
 $ sudo kubeadm init --skip-preflight-checks \
 --cri-socket /run/containerd/containerd.sock --pod-network-cidr=10.244.0.0/16
 
@@ -132,21 +278,41 @@ $ sudo -E kubectl get nodes
 $ sudo -E kubectl get pods
 ```
 
+<<<<<<< HEAD
+<<<<<<< HEAD
 ### Install a pod network
 Install a pod network plugin is needed to allow pods communicate with each other.
 
 Install flannel plugging, by following the instructions in the section *Installing a pod network*
 from [Using kubeadm to Create a Cluster ](https://kubernetes.io/docs/setup/independent/create-cluster-kubeadm/)
 guide.
+=======
+### Install a Pod Network
+<<<<<<< HEAD
+
+A pod network plugin is needed to allow pods to communicate with each other.
+
+=======
+
+A pod network plugin is needed to allow pods to communicate with each other.
+
+>>>>>>> f208a33... howto: k8s grammar and format changes
+Install the `flannel` plugin by following the [Using kubeadm to Create a Cluster](https://kubernetes.io/docs/setup/independent/create-cluster-kubeadm/#instructions) guide, starting from the **Installing a pod network** section.
+>>>>>>> 6486053... howto: k8s grammar and format changes
+=======
+### Install a Pod Network
+
+A pod network plugin is needed to allow pods to communicate with each other.
+
+Install the `flannel` plugin by following the [Using kubeadm to Create a Cluster](https://kubernetes.io/docs/setup/independent/create-cluster-kubeadm/#instructions) guide, starting from the **Installing a pod network** section.
+>>>>>>> c22d45e... made a few grammatical & format changes
 
-<!---
 ```bash
 # Install a pod network using flannel
 # There is not a programmatic way to know last what flannel commit use
 # See https://github.com/coreos/flannel/issues/995
 $ sudo -E kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
 ```
---->
 
 
 ```bash
@@ -166,19 +332,37 @@ $ sudo -E kubectl get pods --all-namespaces | grep dns | grep Running && echo "O
 
 ### Allow run pods in master node
 
-By default, the cluster will not schedule pods in the master node to allow that run:
+By default, the cluster will not schedule pods in the master node. To enable master node scheduling, run:
 
 ```bash
-# allow master node run pods
+# allow master node to run pods
 $ sudo -E kubectl taint nodes --all node-role.kubernetes.io/master-
 ```
 
 
-### Create a unstrusted pod using Kata Containers
+### Create an unstrusted pod using Kata Containers
 
 By default, all pods are created with the default runtime configured in CRI containerd plugin.
+<<<<<<< HEAD
+<<<<<<< HEAD
 If a pod has the `io.kubernetes.cri.untrusted-workload annotation` set as
 `"true"`, the CRI plugin will run the pod with the Kata Containers runtime.
+=======
+If a pod has the `io.kubernetes.cri.untrusted-workload` annotation set to
+<<<<<<< HEAD
+<<<<<<< HEAD
+`"true"`, the CRI plugin will run the pod with the [Kata Containers runtime](https://github.com/kata-containers/runtime).
+=======
+`"true"`, the CRI plugin runs the pod with the [Kata Containers runtime](https://github.com/kata-containers/runtime).
+>>>>>>> f208a33... howto: k8s grammar and format changes
+=======
+`"true"`, the CRI plugin runs the pod with the [Kata Containers runtime](https://github.com/kata-containers/runtime/blob/master/README.md).
+>>>>>>> 592bf58... edit
+>>>>>>> 6486053... howto: k8s grammar and format changes
+=======
+If a pod has the `io.kubernetes.cri.untrusted-workload` annotation set to
+`"true"`, the CRI plugin will run the pod with the [Kata Containers runtime](https://github.com/kata-containers/runtime).
+>>>>>>> c22d45e... made a few grammatical & format changes
 
 ```bash
 # Create untrusted pod configuration
@@ -195,19 +379,24 @@ spec:
     image: nginx
     
 EOT
+```
 
+```bash
 # Create untrusted pod
 $ sudo -E kubectl apply -f nginx-untrusted.yaml
-
+```
+```bash
 # Check pod is running
 $ sudo -E kubectl get pods
+```
 
+```bash
 # Check qemu is running
 $ ps aux | grep qemu
 ```
-### Delete created pod
 
 ```bash
+### Delete created pod
 # Delete pod
 $ sudo -E kubectl delete -f  nginx-untrusted.yaml
 ```