cloud-native-setup icon indicating copy to clipboard operation
cloud-native-setup copied to clipboard

Published 20 hours ago verified publisher icon clearlinux

Suggestion: Kata deployment scripts should check that nested virtualization is enabled

Open olberger opened this issue 5 years ago • 8 comments

As exhibited in #87 crio install won't work whenever no nested virtualization has been allowed for KVM on the host.

I think it would be great to have some check when qemu/kvm will be used for kata-containers, to abort or warn prominently if no nested vrtualization is available, which will make qemu to fail, thus crio too.

Thanks in advance.

olberger avatar Apr 20 '19 09:04 olberger

@olberger since the script itself runs only on master, maybe updating https://github.com/kata-containers/packaging/tree/master/kata-deploy is a better idea?

In this repo we could add all examples to make use of node-selector with kata-runtime true label. That way they wont land on nodes that do not support kata-runtime class. This is a workaround for the current limitation in runtimeclass.

cc @egernst @mcastelino

krsna1729 avatar Apr 20 '19 17:04 krsna1729

@olberger thanks for the suggestion!

krsna1729 avatar Apr 20 '19 17:04 krsna1729

@egernst does your kata-deploy script check for this today?

mcastelino avatar Apr 22 '19 18:04 mcastelino

no

egernst avatar Apr 22 '19 19:04 egernst

We should see if we can use NFD to detect support for VT-x and use that as part of kata-deploy when available.

/cc @krsna1729

mcastelino avatar Jun 19 '19 22:06 mcastelino

@mcastelino that will only save a daemonset pod. It doesnt solve the problem of scheduling the actual workload itself

krsna1729 avatar Jun 19 '19 23:06 krsna1729

that will only save a daemonset pod. It doesnt solve the problem of scheduling the actual workload itself

True but AFAICS the limitation comes from RuntimeClass that assumes homogeneous cluster.

mythi avatar Jun 20 '19 06:06 mythi

Yes see second comment

krsna1729 avatar Jun 20 '19 14:06 krsna1729