kata-containers/snap
Julio Montes 38a82d725e snap: add yaml to build snap image
the yaml file is the recipe to build a snap image
with all Kata Containers components inside.

fixes #81

Signed-off-by: Julio Montes <julio.montes@intel.com>
2018-07-04 15:59:33 -05:00

Kata Containers snap image

This directory contains the resources needed to build the Kata Containers snap image.

Initial setup

Ubuntu 18.04

$ sudo apt-get install -y snapd snapcraft

Build snap image

Run the following command from the root directory of the packaging repository.

$ make snap

Install snap (developer)

To install the resulting snap image, snap must be put in classic mode, which disables the security confinement (--classic). Also, because the resulting snap has not been signed, signature verification must be skipped (--dangerous).

$ sudo snap install --classic --dangerous kata-containers_[VERSION]_[ARCH].snap

Replace VERSION with the current version of Kata Containers and ARCH with the system architecture.

Configuring Kata Containers

By default, the Kata Containers snap image is mounted at /snap/kata-containers as a read-only file system, so the default configuration file cannot be edited. Fortunately, kata-runtime supports loading a configuration file from a path other than the default.

$ sudo mkdir -p /etc/kata-containers
$ sudo cp /snap/kata-containers/current/usr/share/defaults/kata-containers/configuration.toml /etc/kata-containers/
$ sudoedit /etc/kata-containers/configuration.toml

Integration with docker

The path to the runtime provided by the Kata Containers snap image is /snap/kata-containers/current/usr/bin/kata-runtime. This runtime must be added to dockerd, either through a systemd drop-in or through the dockerd configuration file.

/etc/systemd/system/docker.service.d/runtime.conf

[Service]
# Clear the ExecStart inherited from docker.service before setting the new one
ExecStart=
ExecStart=/usr/bin/dockerd -D --add-runtime kata-runtime=/snap/kata-containers/current/usr/bin/kata-runtime --default-runtime=kata-runtime

or

/etc/docker/daemon.json

{
	"default-runtime": "kata-runtime",
	"runtimes": {
		"kata-runtime": {
			"path": "/snap/kata-containers/current/usr/bin/kata-runtime"
		}
	}
}

After adding the new runtime, reload the systemd configuration and restart the docker service:

$ sudo systemctl daemon-reload
$ sudo systemctl restart docker
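
The daemon.json shown above replaces the whole file, which drops any settings a host already has. The following is an added example, not part of the original README or the Kata Containers project: it merges the runtime entry into existing daemon.json text and reports inconsistent runtime settings. The function names and the sample input are assumptions made for illustration.

```python
import json

# Runtime name and path as given in this README.
KATA_NAME = "kata-runtime"
KATA_PATH = "/snap/kata-containers/current/usr/bin/kata-runtime"


def merge_kata_runtime(existing_text, make_default=True):
    """Return daemon.json text with the Kata runtime added, keeping other keys."""
    config = json.loads(existing_text) if existing_text.strip() else {}
    if not isinstance(config, dict):
        raise ValueError("daemon.json must contain a JSON object")
    runtimes = config.setdefault("runtimes", {})
    current = runtimes.get(KATA_NAME, {}).get("path")
    if current not in (None, KATA_PATH):
        # Refuse to silently repoint an existing entry to a different binary.
        raise ValueError(f"{KATA_NAME} already points to {current}")
    runtimes.setdefault(KATA_NAME, {})["path"] = KATA_PATH
    if make_default:
        config["default-runtime"] = KATA_NAME
    return json.dumps(config, indent="\t") + "\n"


def problems(config_text):
    """List inconsistencies in the runtime settings of a daemon.json text."""
    config = json.loads(config_text)
    found = []
    runtimes = config.get("runtimes", {})
    default = config.get("default-runtime", "runc")  # runc is Docker's built-in default
    if default != "runc" and default not in runtimes:
        found.append(f"default-runtime {default!r} is not defined under runtimes")
    for name, entry in runtimes.items():
        if not str(entry.get("path", "")).startswith("/"):
            found.append(f"runtime {name!r} has no absolute path")
    if default != KATA_NAME:
        found.append(f"default-runtime is {default!r}, not {KATA_NAME!r}")
    return found


if __name__ == "__main__":
    # Constructed sample: a host that already sets a log driver.
    sample = '{"log-driver": "journald"}'
    merged = merge_kata_runtime(sample)
    print(merged, problems(merged))
```
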

Limitations

The miniOS image is not included in the snap image as it is not possible for QEMU to open a guest RAM backing store on a read-only filesystem.