github/confidential-containers
1
0
Fork 0
mirror of https://github.com/confidential-containers/confidential-containers.git synced 2025-10-21 15:31:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

quickstart: Add a note about Enclave CC limitations with Kind

Browse Source 
Enclave CC requires the Kind cluster to be prepared with
`/opt/confidential-containers` to **not** be mounted on an overlayfs,
but rather being part of the `hostPath` mount.

Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
This commit is contained in:
Fabiano Fidêncio
2022-11-10 11:31:39 +01:00
parent 9b797d0ddf
commit 40d3394918
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
quickstart.md
View File

@@ -36,6 +36,9 @@ get using `ansible-galaxy colection install community.docker`.
> **Note** You can also use a Kind or Minikube cluster with containerd runtime to try out the CoCo stack
for development purposes. Make sure to use the `kata-clh` runtime class for your workloads when using Kind or
Minikube, [as QEMU is known to **not** be working with Kind or Minikube](https://github.com/confidential-containers/operator/issues/124).
Also, with the `enclave-cc` runtime class, the cluster must be prepared so that `/opt/confidential-containers`
on the worker nodes is **not** on an overlayfs mount but the path is a `hostPath` mount (see
[a sample configuration](https://github.com/confidential-containers/operator/blob/cf6a4f38114f7c5b71daec6cb666b1b40bcea140/tests/e2e/enclave-cc-kind-config.yaml#L6-L8))
## Prerequisites