Created
May 22, 2018 17:37
-
-
Save jon/fd018b220921a8f1b48743b0ba2d33c7 to your computer and use it in GitHub Desktop.
Kubernetes running a Kata Container on GCE with Nested Virtualization
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Name: nginx-untrusted | |
| Namespace: default | |
| Node: kata/10.138.0.2 | |
| Start Time: Tue, 22 May 2018 17:29:25 +0000 | |
| Labels: <none> | |
| Annotations: io.kubernetes.cri-o.TrustedSandbox=false | |
| io.kubernetes.cri.untrusted-workload=true | |
| kubectl.kubernetes.io/last-applied-configuration={"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{"io.kubernetes.cri-o.TrustedSandbox":"false","io.kubernetes.cri.untrusted-workload":"true"},... | |
| Status: Running | |
| IP: 192.168.86.196 | |
| Containers: | |
| nginx: | |
| Container ID: containerd://d78f9a82893b5144913b0758814bff60ab8015c66846f6d88d48495355d5ceff | |
| Image: nginx | |
| Image ID: docker.io/library/nginx@sha256:0fb320e2a1b1620b4905facb3447e3d84ad36da0b2c8aa8fe3a5a81d1187b884 | |
| Port: <none> | |
| Host Port: <none> | |
| State: Running | |
| Started: Tue, 22 May 2018 17:29:35 +0000 | |
| Ready: True | |
| Restart Count: 0 | |
| Environment: <none> | |
| Mounts: | |
| /var/run/secrets/kubernetes.io/serviceaccount from default-token-pgdmp (ro) | |
| Conditions: | |
| Type Status | |
| Initialized True | |
| Ready True | |
| PodScheduled True | |
| Volumes: | |
| default-token-pgdmp: | |
| Type: Secret (a volume populated by a Secret) | |
| SecretName: default-token-pgdmp | |
| Optional: false | |
| QoS Class: BestEffort | |
| Node-Selectors: kata-runtime=true | |
| Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s | |
| node.kubernetes.io/unreachable:NoExecute for 300s | |
| Events: | |
| Type Reason Age From Message | |
| ---- ------ ---- ---- ------- | |
| Normal Scheduled 34s default-scheduler Successfully assigned nginx-untrusted to kata | |
| Normal SuccessfulMountVolume 33s kubelet, kata MountVolume.SetUp succeeded for volume "default-token-pgdmp" | |
| Normal Pulling 30s kubelet, kata pulling image "nginx" | |
| Normal Pulled 23s kubelet, kata Successfully pulled image "nginx" | |
| Normal Created 23s kubelet, kata Created container | |
| Normal Started 23s kubelet, kata Started container | |
| 6755 ? Ssl 0:09 /usr/local/bin/containerd | |
| 7108 ? Sl 0:00 \_ containerd-shim -namespace k8s.io -workdir /var/lib/containerd/io.containerd.runtime.v1.linux/k8s.io/b6a71ffd920a331f60fc3406b47d645f5a9e2542a9c07da0354a050675ac4591 -address /run/containerd/containerd.sock -containerd-binary /usr/local/bin/containerd | |
| 7126 ? Ssl 0:00 | \_ /sidecar --v=2 --logtostderr --probe=kubedns,127.0.0.1:10053,kubernetes.default.svc.cluster.local,5,SRV --probe=dnsmasq,127.0.0.1:53,kubernetes.default.svc.cluster.local,5,SRV | |
| 10529 ? Sl 0:00 \_ containerd-shim -namespace k8s.io -workdir /var/lib/containerd/io.containerd.runtime.v1.linux/k8s.io/9e5a234c748d2495ce04dde77a0be9f4fef38365738f05045d51d4b51809faca -address /run/containerd/containerd.sock -containerd-binary /usr/local/bin/containerd | |
| 10563 ? Sl 0:02 | \_ /opt/kata/bin/qemu-system-x86_64 -name sandbox-9e5a234c748d2495ce04dde77a0be9f4fef38365738f05045d51d4b51809faca -uuid 10a64a56-50eb-4996-8c14-f0478ca87629 -machine pc,accel=kvm,kernel_irqchip,nvdimm -cpu host,pmu=off -qmp unix:/run/vc/sbs/9e5a234c748d2495ce04dde77a0be9f4fef38365738f05045d51d4b51809faca/mon-10a64a56-50eb-4996-8c14-f0,server,nowait -qmp unix:/run/vc/sbs/9e5a234c748d2495ce04dde77a0be9f4fef38365738f05045d51d4b51809faca/ctl-10a64a56-50eb-4996-8c14-f0,server,nowait -m 2048M,slots=2,maxmem=16056M -device pci-bridge,bus=pci.0,id=pci-bridge-0,chassis_nr=1,shpc=on,addr=2 -device virtio-serial-pci,disable-modern=true,id=serial0 -device virtconsole,chardev=charconsole0,id=console0 -chardev socket,id=charconsole0,path=/run/vc/sbs/9e5a234c748d2495ce04dde77a0be9f4fef38365738f05045d51d4b51809faca/console.sock,server,nowait -device nvdimm,id=nv0,memdev=mem0 -object memory-backend-file,id=mem0,mem-path=/opt/kata/kata-containers.img,size=536870912 -device virtio-scsi-pci,id=scsi0,disable-modern=true -device virtserialport,chardev=charch0,id=channel0,name=agent.channel.0 -chardev socket,id=charch0,path=/run/vc/sbs/9e5a234c748d2495ce04dde77a0be9f4fef38365738f05045d51d4b51809faca/kata.sock,server,nowait -device virtio-9p-pci,disable-modern=true,fsdev=extra-9p-kataShared,mount_tag=kataShared -fsdev local,id=extra-9p-kataShared,path=/run/kata-containers/shared/sandboxes/9e5a234c748d2495ce04dde77a0be9f4fef38365738f05045d51d4b51809faca,security_model=none -netdev tap,id=network-0,vhost=on,vhostfds=3:4:5:6:7:8:9:10,fds=11:12:13:14:15:16:17:18 -device driver=virtio-net-pci,netdev=network-0,mac=b6:2d:8f:c8:e1:e6,disable-modern=true,mq=on,vectors=18 -rtc base=utc,driftfix=slew -global kvm-pit.lost_tick_policy=discard -vga none -no-user-config -nodefaults -nographic -daemonize -kernel /opt/kata/vmlinuz.container -append tsc=reliable no_timer_check rcupdate.rcu_expedited=1 i8042.direct=1 i8042.dumbkbd=1 i8042.nopnp=1 i8042.noaux=1 noreplace-smp reboot=k console=hvc0 console=hvc1 iommu=off cryptomgr.notests net.ifnames=0 pci=lastbus=0 root=/dev/pmem0p1 rootflags=dax,data=ordered,errors=remount-ro rw rootfstype=ext4 quiet systemd.show_status=false panic=1 initcall_debug ip=::::::9e5a234c748d2495ce04dde77a0be9f4fef38365738f05045d51d4b51809faca::off:: init=/usr/lib/systemd/systemd systemd.unit=kata-containers.target systemd.mask=systemd-networkd.service systemd.mask=systemd-networkd.socket -smp 1,cores=1,threads=1,sockets=1,maxcpus=240 | |
| 10579 ? Sl 0:00 | \_ /opt/kata/bin/kata-proxy -listen-socket unix:///run/vc/sbs/9e5a234c748d2495ce04dde77a0be9f4fef38365738f05045d51d4b51809faca/proxy.sock -mux-socket /run/vc/sbs/9e5a234c748d2495ce04dde77a0be9f4fef38365738f05045d51d4b51809faca/kata.sock | |
| 10670 ? Sl 0:00 | \_ /opt/kata/bin/kata-shim -agent unix:///run/vc/sbs/9e5a234c748d2495ce04dde77a0be9f4fef38365738f05045d51d4b51809faca/proxy.sock -container 9e5a234c748d2495ce04dde77a0be9f4fef38365738f05045d51d4b51809faca -exec-id 9e5a234c748d2495ce04dde77a0be9f4fef38365738f05045d51d4b51809faca | |
| 10792 ? Sl 0:00 \_ containerd-shim -namespace k8s.io -workdir /var/lib/containerd/io.containerd.runtime.v1.linux/k8s.io/d78f9a82893b5144913b0758814bff60ab8015c66846f6d88d48495355d5ceff -address /run/containerd/containerd.sock -containerd-binary /usr/local/bin/containerd | |
| 10812 ? Sl 0:00 \_ /opt/kata/bin/kata-shim -agent unix:///run/vc/sbs/9e5a234c748d2495ce04dde77a0be9f4fef38365738f05045d51d4b51809faca/proxy.sock -container d78f9a82893b5144913b0758814bff60ab8015c66846f6d88d48495355d5ceff -exec-id d78f9a82893b5144913b0758814bff60ab8015c66846f6d88d48495355d5ceff |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment