diff --git a/README.md b/README.md index 5830f60d5..f24fb73ff 100644 --- a/README.md +++ b/README.md @@ -7,12 +7,16 @@ [![Build Status](https://api.travis-ci.org/kubernetes-incubator/cri-containerd.svg?style=flat-square)](https://travis-ci.org/kubernetes-incubator/cri-containerd) [![Go Report Card](https://goreportcard.com/badge/github.com/kubernetes-incubator/cri-containerd?style=flat-square)](https://goreportcard.com/report/github.com/kubernetes-incubator/cri-containerd) -`cri-containerd` is a [containerd](https://containerd.io/) based implementation of Kubernetes [container runtime interface (CRI)](https://github.com/kubernetes/kubernetes/blob/v1.6.0/pkg/kubelet/api/v1alpha1/runtime/api.proto). +`cri-containerd` is a [containerd](https://containerd.io/) based implementation of Kubernetes [container runtime interface (CRI)](https://github.com/kubernetes/kubernetes/blob/master/pkg/kubelet/apis/cri/v1alpha1/runtime/api.proto). + +With it, you could run Kubernetes using containerd as the container runtime. ![cri-containerd](./docs/cri-containerd.png) ## Current Status -`cri-containerd` is in alpha. This release is for use with Kubernetes 1.8. See -the [roadmap](./docs/proposal.md#roadmap-and-milestones) -for information about current and future milestones. +`cri-containerd` is in alpha: +* It is feature complete. +* It works with Kubernetes >= 1.7. +* It has passed all [CRI validation tests](https://github.com/kubernetes/community/blob/master/contributors/devel/cri-validation.md). +* It has passed all regular [node e2e tests](https://github.com/kubernetes/community/blob/master/contributors/devel/e2e-node-tests.md). ## Installing with Ansible and Kubeadm For a multi node cluster installer and bring up steps using ansible and kubeadm refer [here](contrib/ansible/README.md). ## Getting Started for Developers @@ -32,22 +36,19 @@ and [runtime](https://github.com/opencontainers/runtime-spec) specifications, we will also do our best to update `cri-containerd` to the latest releases of these specifications as appropriate. ### Install Dependencies -1. Install runc dependencies. -* runc requires installation of the libsecomp development library appropriate -for your distribution. `libseccomp-dev` (Ubuntu, Debian) / `libseccomp-devel` +1. Install development libraries: +* **libseccomp development library.** Required by cri-containerd and runc seccomp support. `libseccomp-dev` (Ubuntu, Debian) / `libseccomp-devel` (Fedora, CentOS, RHEL). On releases of Ubuntu <=Trusty and Debian <=jessie a -backport version of `libsecomp-dev` is required. See [travis.yml](.travis.yml) -for an example on trusty. To use apparmor on Debian, Ubuntu, and related -distributions runc requires the installation of `libapparmor-dev`. -2. Install containerd dependencies. -* containerd requires installation of a btrfs development library. `btrfs-tools`(Ubuntu, Debian) / `btrfs-progs-devel`(Fedora, CentOS, RHEL) -3. Install other dependencies: -* `nsenter`: Required by CNI and portforward. -* `socat`: Required by portforward. -4. Install and setup a go1.8.x development environment. -5. Make a local clone of this repository. -6. Install binary dependencies by running the following command from your cloned `cri-containerd/` project directory: -```shell +backport version of `libsecomp-dev` is required. See [travis.yml](.travis.yml) for an example on trusty. +* **libapparmor development library.** Required by cri-containerd and runc apparmor support. To use apparmor on Debian, Ubuntu, and related distributions the installation of `libapparmor-dev` is required. +* **btrfs development library.** Required by containerd btrfs support. `btrfs-tools`(Ubuntu, Debian) / `btrfs-progs-devel`(Fedora, CentOS, RHEL) +2. Install other dependencies: +* **`nsenter`**: Required by CNI and portforward. +* **`socat`**: Required by portforward. +3. Install and setup a go 1.8.x development environment. +4. Make a local clone of this repository. +5. Install binary dependencies by running the following command from your cloned `cri-containerd/` project directory: +```bash # Note: install.deps installs the above mentioned runc, containerd, and CNI # binary dependencies. install.deps is only provided for general use and ease of # testing. To customize `runc` and `containerd` build tags and/or to configure @@ -56,10 +57,23 @@ make install.deps ``` ### Build and Install cri-containerd To build and install `cri-containerd` enter the following commands from your `cri-containerd` project directory: -```shell +```bash make sudo make install ``` +#### Build Tags +`cri-containerd` supports optional build tags for compiling support of various features. +To add build tags to the make option the `BUILDTAGS` variable must be set. + +```bash +make BUILD_TAGS='seccomp apparmor' +``` + +| Build Tag | Feature | Dependency | +|-----------|------------------------------------|---------------------------------| +| seccomp | syscall filtering | libseccomp development library | +| selinux | selinux process and mount labeling | | +| apparmor | apparmor profile support | libapparmor development library | ### Validate Your cri-containerd Setup Another Kubernetes incubator project called [cri-tools](https://github.com/kubernetes-incubator/cri-tools) includes programs for exercising CRI implementations such as `cri-containerd`. @@ -67,25 +81,27 @@ More importantly, cri-tools includes the program `critest` which is used for run [CRI Validation Testing](https://github.com/kubernetes/community/blob/master/contributors/devel/cri-validation.md). Run the CRI Validation test to validate your installation of `cri-containerd`: -```shell +```bash make test-cri ``` -### Running with Kubernetes -If you already have a working development environment for Kubernetes, you can +### Running a Kubernetes local cluster +If you already have a working development environment for supported Kubernetes version, you can try `cri-containerd` in a local cluster: 1. Start `containerd` as root in a first terminal: -```shell +```bash sudo containerd ``` 2. Start `cri-containerd` as root in a second terminal: -```shell +```bash sudo cri-containerd -v 2 --alsologtostderr ``` -3. From the kubernetes project directory startup a local cluster using `cri-containerd`: -```shell +3. From the Kubernetes project directory startup a local cluster using `cri-containerd`: +```bash CONTAINER_RUNTIME=remote CONTAINER_RUNTIME_ENDPOINT='/var/run/cri-containerd.sock' ./hack/local-up-cluster.sh ``` +### Test +See [here](./docs/testing.md) for information about test. ## Documentation See [here](./docs) for additional documentation. ## Contributing