Merge pull request #554 from Mirantis/jell/examples_cleanup

Cleanup in examples + fedora example
Mirantis · Jan 17, 2018 · fa3a107 · fa3a107
2 parents e2eb022 + 9d5280c
commit fa3a107
Show file tree

Hide file tree

Showing 10 changed files with 232 additions and 40 deletions.
diff --git a/deploy/images.yaml b/deploy/images.yaml
@@ -1,3 +1,5 @@
 translations:
  - name: cirros
  url: https://github.com/mirantis/virtlet/releases/download/v0.8.2/cirros.img
+ - name: fedora
+ url: https://download.fedoraproject.org/pub/fedora/linux/releases/27/CloudImages/x86_64/images/Fedora-Cloud-Base-27-1.6.x86_64.qcow2
diff --git a/docs/images.md b/docs/images.md
@@ -11,7 +11,7 @@ Virtlet supports QCOW2 format for VM images.
 ```yaml
  containers:
  - name: test-vm
- image: download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
+ image: download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img
 ```
 
 **Note:** You need to specify url without `scheme://`. In case you are using [instructions](../deploy/README.md) in `deploy/` directory to deploy Virtlet, you need to add `virtlet.cloud/` prefix to the url.
@@ -30,6 +30,16 @@ Clones used as boot images are stored in "**volumes**" libvirt pool under `/var/
 during the VM execution time and are automatically garbage collected by Virtlet
 after stopping VM pod environment (sandbox).
 
+**Note:**
+Virtlet currently ignores image tags, but their meaning may change
+in future, so it’s better not to set them for VM pods. If there’s no tag
+provided in the image specification kubelet defaults to
+`imagePullPolicy: Always`, which means that the image is always
+redownloaded when the pod is created. In order to make pod creation
+faster and more reliable, we set in examples `imagePullPolicy` to `IfNotPresent`
+so a previously downloaded image is reused if there is one in Virtlet’s
+image store.
+
 ## Restrictions and pitfalls
 
 Image name are a subject to the strict validation rules that normally applied to the docker image names. Thus one cannot

diff --git a/docs/volumes.md b/docs/volumes.md
@@ -124,7 +124,7 @@ spec:
  - virtlet
  containers:
  - name: test-vm
- image: download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
+ image: download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img
  volumes:
  - name: vol1
  flexVolume:
@@ -307,7 +307,7 @@ spec:
  - virtlet
  containers:
  - name: test-vm
- image: download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
+ image: download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img
  volumes:
  - name: raw
  flexVolume:

diff --git a/examples/cirros-vm-with-additional-annotations.yaml b/examples/cirros-vm-with-additional-annotations.yaml
@@ -0,0 +1,51 @@
+# This example is the same as a basic one but it's extended with
+# example values for VirtletCloudInitUserData and VirtletVCPUCount annotations
+apiVersion: v1
+kind: Pod
+metadata:
+ name: cirros-vm-with-additional-annotations
+ annotations:
+ # This tells CRI Proxy that this pod belongs to Virtlet runtime
+ kubernetes.io/target-runtime: virtlet.cloud
+ # An optional annotation specifying the count of virtual CPUs.
+ # Note that annotation values must always be strings,
+ # thus numeric values need to be quoted.
+ # Defaults to "1".
+ VirtletVCPUCount: "1"
+ # CirrOS doesn't load nocloud data from SCSI CD-ROM for some reason
+ VirtletDiskDriver: virtio
+ # inject ssh keys via cloud-init
+ VirtletSSHKeys: |
+ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCaJEcFDXEK2ZbX0ZLS1EIYFZRbDAcRfuVjpstSc0De8+sV1aiu+dePxdkuDRwqFtCyk6dEZkssjOkBXtri00MECLkir6FcH3kKOJtbJ6vy3uaJc9w1ERo+wyl6SkAh/+JTJkp7QRXj8oylW5E20LsbnA/dIwWzAF51PPwF7A7FtNg9DnwPqMkxFo1Th/buOMKbP5ZA1mmNNtmzbMpMfJATvVyiv3ccsSJKOiyQr6UG+j7sc/7jMVz5Xk34Vd0l8GwcB0334MchHckmqDB142h/NCWTr8oLakDNvkfC1YneAfAO41hDkUbxPtVBG5M/o7P4fxoqiHEX+ZLfRxDtHB53 me@localhost
+ # cloud-init user data
+ VirtletCloudInitUserDataScript: |
+ #!/bin/sh
+ echo "Hi there"
+spec:
+ # This nodeAffinity specification tells Kubernetes to run this
+ # pod only on the nodes that have extraRuntime=virtlet label.
+ # This label is used by Virtlet DaemonSet to select nodes
+ # that must have Virtlet runtime
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: extraRuntime
+ operator: In
+ values:
+ - virtlet
+ containers:
+ - name: cirros-vm
+ # This specifies the image to use.
+ # virtlet.cloud/ prefix is used by CRI proxy, the remaining part
+ # of the image name is prepended with https:// and used to download the image
+ image: virtlet.cloud/cirros
+ imagePullPolicy: IfNotPresent
+ # tty and stdin required for `kubectl attach -t` to work
+ tty: true
+ stdin: true
+ resources:
+ limits:
+ # This memory limit is applied to the libvirt domain definition
+ memory: 160Mi
diff --git a/examples/cirros-vm.yaml b/examples/cirros-vm.yaml
@@ -5,20 +5,11 @@ metadata:
  annotations:
  # This tells CRI Proxy that this pod belongs to Virtlet runtime
  kubernetes.io/target-runtime: virtlet.cloud
- # An optional annotation specifying the count of virtual CPUs.
- # Note that annotation values must always be strings,
- # thus numeric values need to be quoted.
- # Defaults to "1".
- VirtletVCPUCount: "1"
  # CirrOS doesn't load nocloud data from SCSI CD-ROM for some reason
  VirtletDiskDriver: virtio
  # inject ssh keys via cloud-init
  VirtletSSHKeys: |
  ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCaJEcFDXEK2ZbX0ZLS1EIYFZRbDAcRfuVjpstSc0De8+sV1aiu+dePxdkuDRwqFtCyk6dEZkssjOkBXtri00MECLkir6FcH3kKOJtbJ6vy3uaJc9w1ERo+wyl6SkAh/+JTJkp7QRXj8oylW5E20LsbnA/dIwWzAF51PPwF7A7FtNg9DnwPqMkxFo1Th/buOMKbP5ZA1mmNNtmzbMpMfJATvVyiv3ccsSJKOiyQr6UG+j7sc/7jMVz5Xk34Vd0l8GwcB0334MchHckmqDB142h/NCWTr8oLakDNvkfC1YneAfAO41hDkUbxPtVBG5M/o7P4fxoqiHEX+ZLfRxDtHB53 me@localhost
- # cloud-init user data
- VirtletCloudInitUserDataScript: |
- #!/bin/sh
- echo "Hi there"
 spec:
  # This nodeAffinity specification tells Kubernetes to run this
  # pod only on the nodes that have extraRuntime=virtlet label.
@@ -39,14 +30,6 @@ spec:
  # virtlet.cloud/ prefix is used by CRI proxy, the remaining part
  # of the image name is prepended with https:// and used to download the image
  image: virtlet.cloud/cirros
- # Virtlet currently ignores image tags, but their meaning may change
- # in future, so it’s better not to set them for VM pods. If there’s no tag
- # provided in the image specification kubelet defaults to
- # imagePullPolicy: Always, which means that the image is always
- # redownloaded when the pod is created. In order to make pod creation
- # faster and more reliable, we set imagePullPolicy to IfNotPresent here
- # so a previously downloaded image is reused if there is one
- # in Virtlet’s image store
  imagePullPolicy: IfNotPresent
  # tty and stdin required for `kubectl attach -t` to work
  tty: true

diff --git a/examples/fedora-vm-with-testuser.yaml b/examples/fedora-vm-with-testuser.yaml
@@ -0,0 +1,47 @@
+apiVersion: v1
+kind: Pod
+metadata:
+ name: fedora-vm-with-testuser
+ annotations:
+ kubernetes.io/target-runtime: virtlet.cloud
+ VirtletCloudInitUserData: |
+ ssh_pwauth: True
+ users:
+ - name: testuser
+ gecos: User
+ primary-group: testuser
+ groups: users
+ lock_passwd: false
+ shell: /bin/bash
+ # the password is "testuser"
+ passwd: "$6$rounds=4096$wPs4Hz4tfs$a8ssMnlvH.3GX88yxXKF2cKMlVULsnydoOKgkuStTErTq2dzKZiIx9R/pPWWh5JLxzoZEx7lsSX5T2jW5WISi1"
+ sudo: ALL=(ALL) NOPASSWD:ALL
+ ssh-authorized-keys:
+ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCaJEcFDXEK2ZbX0ZLS1EIYFZRbDAcRfuVjpstSc0De8+sV1aiu+dePxdkuDRwqFtCyk6dEZkssjOkBXtri00MECLkir6FcH3kKOJtbJ6vy3uaJc9w1ERo+wyl6SkAh/+JTJkp7QRXj8oylW5E20LsbnA/dIwWzAF51PPwF7A7FtNg9DnwPqMkxFo1Th/buOMKbP5ZA1mmNNtmzbMpMfJATvVyiv3ccsSJKOiyQr6UG+j7sc/7jMVz5Xk34Vd0l8GwcB0334MchHckmqDB142h/NCWTr8oLakDNvkfC1YneAfAO41hDkUbxPtVBG5M/o7P4fxoqiHEX+ZLfRxDtHB53 me@localhost
+ VirtletSSHKeys: |
+ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCaJEcFDXEK2ZbX0ZLS1EIYFZRbDAcRfuVjpstSc0De8+sV1aiu+dePxdkuDRwqFtCyk6dEZkssjOkBXtri00MECLkir6FcH3kKOJtbJ6vy3uaJc9w1ERo+wyl6SkAh/+JTJkp7QRXj8oylW5E20LsbnA/dIwWzAF51PPwF7A7FtNg9DnwPqMkxFo1Th/buOMKbP5ZA1mmNNtmzbMpMfJATvVyiv3ccsSJKOiyQr6UG+j7sc/7jMVz5Xk34Vd0l8GwcB0334MchHckmqDB142h/NCWTr8oLakDNvkfC1YneAfAO41hDkUbxPtVBG5M/o7P4fxoqiHEX+ZLfRxDtHB53 me@localhost
+spec:
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: extraRuntime
+ operator: In
+ values:
+ - virtlet
+ # This is the number of seconds Virtlet gives the VM to shut down cleanly.
+ # The default value of 30 seconds is ok for containers but probably too
+ # low for VM, so overriding it here is strongly advised.
+ terminationGracePeriodSeconds: 120
+ containers:
+ - name: fedora-vm
+ image: virtlet.cloud/fedora
+ imagePullPolicy: IfNotPresent
+ # tty and stdin required for `kubectl attach -t` to work
+ tty: true
+ stdin: true
+ resources:
+ limits:
+ # This memory limit is applied to the libvirt domain definition
+ memory: 256Mi
diff --git a/examples/fedora-vm.yaml b/examples/fedora-vm.yaml
@@ -0,0 +1,33 @@
+apiVersion: v1
+kind: Pod
+metadata:
+ name: fedora-vm
+ annotations:
+ kubernetes.io/target-runtime: virtlet.cloud
+ VirtletSSHKeys: |
+ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCaJEcFDXEK2ZbX0ZLS1EIYFZRbDAcRfuVjpstSc0De8+sV1aiu+dePxdkuDRwqFtCyk6dEZkssjOkBXtri00MECLkir6FcH3kKOJtbJ6vy3uaJc9w1ERo+wyl6SkAh/+JTJkp7QRXj8oylW5E20LsbnA/dIwWzAF51PPwF7A7FtNg9DnwPqMkxFo1Th/buOMKbP5ZA1mmNNtmzbMpMfJATvVyiv3ccsSJKOiyQr6UG+j7sc/7jMVz5Xk34Vd0l8GwcB0334MchHckmqDB142h/NCWTr8oLakDNvkfC1YneAfAO41hDkUbxPtVBG5M/o7P4fxoqiHEX+ZLfRxDtHB53 me@localhost
+spec:
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: extraRuntime
+ operator: In
+ values:
+ - virtlet
+ # This is the number of seconds Virtlet gives the VM to shut down cleanly.
+ # The default value of 30 seconds is ok for containers but probably too
+ # low for VM, so overriding it here is strongly advised.
+ terminationGracePeriodSeconds: 120
+ containers:
+ - name: fedora-vm
+ image: virtlet.cloud/fedora
+ imagePullPolicy: IfNotPresent
+ # tty and stdin required for `kubectl attach -t` to work
+ tty: true
+ stdin: true
+ resources:
+ limits:
+ # This memory limit is applied to the libvirt domain definition
+ memory: 256Mi
diff --git a/examples/ubuntu-vm-with-testuser.yaml b/examples/ubuntu-vm-with-testuser.yaml
@@ -0,0 +1,45 @@
+# This example shows how to add by cloud-init a user with sudo passwordless
+# access to root acount. User added that way will have as password "testuser".
+apiVersion: v1
+kind: Pod
+metadata:
+ name: ubuntu-vm-with-testuser
+ annotations:
+ kubernetes.io/target-runtime: virtlet.cloud
+ VirtletCloudInitUserData: |
+ ssh_pwauth: True
+ users:
+ - name: testuser
+ gecos: User
+ primary-group: testuser
+ groups: users
+ lock_passwd: false
+ shell: /bin/bash
+ # the password is "testuser"
+ passwd: "$6$rounds=4096$wPs4Hz4tfs$a8ssMnlvH.3GX88yxXKF2cKMlVULsnydoOKgkuStTErTq2dzKZiIx9R/pPWWh5JLxzoZEx7lsSX5T2jW5WISi1"
+ sudo: ALL=(ALL) NOPASSWD:ALL
+ ssh-authorized-keys:
+ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCaJEcFDXEK2ZbX0ZLS1EIYFZRbDAcRfuVjpstSc0De8+sV1aiu+dePxdkuDRwqFtCyk6dEZkssjOkBXtri00MECLkir6FcH3kKOJtbJ6vy3uaJc9w1ERo+wyl6SkAh/+JTJkp7QRXj8oylW5E20LsbnA/dIwWzAF51PPwF7A7FtNg9DnwPqMkxFo1Th/buOMKbP5ZA1mmNNtmzbMpMfJATvVyiv3ccsSJKOiyQr6UG+j7sc/7jMVz5Xk34Vd0l8GwcB0334MchHckmqDB142h/NCWTr8oLakDNvkfC1YneAfAO41hDkUbxPtVBG5M/o7P4fxoqiHEX+ZLfRxDtHB53 me@localhost
+ VirtletSSHKeys: |
+ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCaJEcFDXEK2ZbX0ZLS1EIYFZRbDAcRfuVjpstSc0De8+sV1aiu+dePxdkuDRwqFtCyk6dEZkssjOkBXtri00MECLkir6FcH3kKOJtbJ6vy3uaJc9w1ERo+wyl6SkAh/+JTJkp7QRXj8oylW5E20LsbnA/dIwWzAF51PPwF7A7FtNg9DnwPqMkxFo1Th/buOMKbP5ZA1mmNNtmzbMpMfJATvVyiv3ccsSJKOiyQr6UG+j7sc/7jMVz5Xk34Vd0l8GwcB0334MchHckmqDB142h/NCWTr8oLakDNvkfC1YneAfAO41hDkUbxPtVBG5M/o7P4fxoqiHEX+ZLfRxDtHB53 me@localhost
+spec:
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: extraRuntime
+ operator: In
+ values:
+ - virtlet
+ # This is the number of seconds Virtlet gives the VM to shut down cleanly.
+ # The default value of 30 seconds is ok for containers but probably too
+ # low for VM, so overriding it here is strongly advised.
+ terminationGracePeriodSeconds: 120
+ containers:
+ - name: ubuntu-vm
+ image: virtlet.cloud/cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img
+ imagePullPolicy: IfNotPresent
+ # tty and stdin required for `kubectl attach -t` to work
+ tty: true
+ stdin: true
diff --git a/examples/ubuntu-vm-with-volume.yaml b/examples/ubuntu-vm-with-volume.yaml
@@ -0,0 +1,41 @@
+# This example is ubuntu-vm.yaml one extended with example volume for docker
+# which makes it more usable as a test environment
+apiVersion: v1
+kind: Pod
+metadata:
+ name: ubuntu-vm-with-volume
+ annotations:
+ kubernetes.io/target-runtime: virtlet.cloud
+ VirtletSSHKeys: |
+ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCaJEcFDXEK2ZbX0ZLS1EIYFZRbDAcRfuVjpstSc0De8+sV1aiu+dePxdkuDRwqFtCyk6dEZkssjOkBXtri00MECLkir6FcH3kKOJtbJ6vy3uaJc9w1ERo+wyl6SkAh/+JTJkp7QRXj8oylW5E20LsbnA/dIwWzAF51PPwF7A7FtNg9DnwPqMkxFo1Th/buOMKbP5ZA1mmNNtmzbMpMfJATvVyiv3ccsSJKOiyQr6UG+j7sc/7jMVz5Xk34Vd0l8GwcB0334MchHckmqDB142h/NCWTr8oLakDNvkfC1YneAfAO41hDkUbxPtVBG5M/o7P4fxoqiHEX+ZLfRxDtHB53 me@localhost
+spec:
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: extraRuntime
+ operator: In
+ values:
+ - virtlet
+ # This is the number of seconds Virtlet gives the VM to shut down cleanly.
+ # The default value of 30 seconds is ok for containers but probably too
+ # low for VM, so overriding it here is strongly advised.
+ terminationGracePeriodSeconds: 120
+ containers:
+ - name: ubuntu-vm
+ image: virtlet.cloud/cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img
+ imagePullPolicy: IfNotPresent
+ # tty and stdin required for `kubectl attach -t` to work
+ tty: true
+ stdin: true
+ volumeMounts:
+ - name: docker
+ mountPath: /var/lib/docker
+ volumes:
+ - name: docker
+ flexVolume:
+ driver: "virtlet/flexvolume_driver"
+ options:
+ type: qcow2
+ capacity: 2048MB
diff --git a/examples/ubuntu-vm.yaml b/examples/ubuntu-vm.yaml
@@ -4,16 +4,6 @@ metadata:
  name: ubuntu-vm
  annotations:
  kubernetes.io/target-runtime: virtlet.cloud
- VirtletCloudInitUserData: |
- ssh_pwauth: True
- users:
- - name: testuser
- gecos: User
- primary-group: testuser
- groups: users
- lock_passwd: false
- passwd: "$6$rounds=4096$wPs4Hz4tfs$a8ssMnlvH.3GX88yxXKF2cKMlVULsnydoOKgkuStTErTq2dzKZiIx9R/pPWWh5JLxzoZEx7lsSX5T2jW5WISi1"
- sudo: ALL=(ALL) NOPASSWD:ALL
  VirtletSSHKeys: |
  ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCaJEcFDXEK2ZbX0ZLS1EIYFZRbDAcRfuVjpstSc0De8+sV1aiu+dePxdkuDRwqFtCyk6dEZkssjOkBXtri00MECLkir6FcH3kKOJtbJ6vy3uaJc9w1ERo+wyl6SkAh/+JTJkp7QRXj8oylW5E20LsbnA/dIwWzAF51PPwF7A7FtNg9DnwPqMkxFo1Th/buOMKbP5ZA1mmNNtmzbMpMfJATvVyiv3ccsSJKOiyQr6UG+j7sc/7jMVz5Xk34Vd0l8GwcB0334MchHckmqDB142h/NCWTr8oLakDNvkfC1YneAfAO41hDkUbxPtVBG5M/o7P4fxoqiHEX+ZLfRxDtHB53 me@localhost
 spec:
@@ -37,13 +27,3 @@ spec:
  # tty and stdin required for `kubectl attach -t` to work
  tty: true
  stdin: true
- volumeMounts:
- - name: docker
- mountPath: /var/lib/docker
- volumes:
- - name: docker
- flexVolume:
- driver: "virtlet/flexvolume_driver"
- options:
- type: qcow2
- capacity: 2048MB