post image January 6, 2022 | 1 min Read

RuntimeClass GAdvisor and Kata containers

**Prepare runtimeClass yaml specification''

k get runtimeclasses.node.k8s.io -A
NAME              HANDLER        AGE
gvisor            runsc          2m58s
kata-containers   kata-runtime   2m57s

vim runtimeclass.yaml 
...
apiVersion: node.k8s.io/v1  # RuntimeClass is defined in the node.k8s.io API group
kind: RuntimeClass
metadata:
  name: secure-runtime # The name the RuntimeClass will be referenced by
  # RuntimeClass is a non-namespaced resource
handler: runsc  # The name of the corresponding CRI configuration
:wq!

**Create a custom runtimeClass by using kubectl command''

# apply this file
k create -f  runtimeclass.yaml
runtimeclass.node.k8s.io/secure-runtime created

# check a newly created runtimeClass
k get runtimeclasses.node.k8s.io -A
NAME              HANDLER        AGE
gvisor            runsc          7m25s
kata-containers   kata-runtime   7m24s
secure-runtime    runsc          2m48s

**Create a pod using secure-runtime runtimeClass''

# create a pod using secure-runtime runtimeclass
cat simple-webapp-1.yaml 
apiVersion: v1
kind: Pod
metadata:
    name: simple-webapp-1
    labels:
        name: simple-webapp
spec:
    runtimeClassName: secure-runtime
    containers:
        -
            name: simple-webapp
            image: kodekloud/webapp-delayed-start
            ports:
                -
                    containerPort: 8080
author image

Jan Toth

I have been in DevOps related jobs for past 6 years dealing mainly with Kubernetes in AWS and on-premise as well. I spent quite a lot …

comments powered by Disqus