-
-
Save alexellis/13ed0de2211e1ac9bd1cb5f8a7e19d47 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### Start with clean install of Ubuntu 20.04 | |
### Install dependencies | |
( sudo apt update && \ | |
sudo apt install git curl qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils golang-go socat -qy | |
) | |
### Install faasd | |
( | |
git clone https://github.com/openfaas/faasd --depth=1 && \ | |
cd faasd && \ | |
./hack/install.sh | |
) | |
cat << EOF | sudo tee /lib/systemd/system/faasd-provider.service | |
[Unit] | |
Description=faasd-provider | |
[Service] | |
MemoryLimit=500M | |
Environment="FUNCTION_RUNTIME=io.containerd.run.kata.v2" | |
Environment="secret_mount_path=/var/lib/faasd/secrets" | |
Environment="basic_auth=true" | |
ExecStart=/usr/local/bin/faasd provider | |
Restart=on-failure | |
RestartSec=10s | |
WorkingDirectory=/var/lib/faasd-provider | |
[Install] | |
WantedBy=multi-user.target | |
EOF | |
( | |
sudo systemctl stop faasd && sudo systemctl stop faasd-provider && \ | |
curl -LS https://dl.exit.o6s.io/faasd -o /tmp/faasd && \ | |
sudo chmod +x /tmp/faasd && \ | |
sudo mv /tmp/faasd /usr/local/bin/ | |
) | |
### Install kata | |
bash -c "$(curl -fsSL https://raw.githubusercontent.com/kata-containers/tests/master/cmd/kata-manager/kata-manager.sh) install-packages" | |
### Test with ctr | |
( | |
sudo ctr image pull docker.io/library/busybox:latest | |
sudo ctr run -t --rm docker.io/library/busybox:latest hello uname -a # => launches with runc (per `ps`) | |
sudo ctr run --runtime io.containerd.run.kata.v2 -t --rm docker.io/library/busybox:latest hello uname -a # => launches with kata (per `ps`) | |
) | |
### Configure containerd per kata instructions (https://github.com/kata-containers/documentation/blob/master/how-to/containerd-kata.md#install-kata-containers) | |
sudo mkdir /etc/containerd | |
cat <<EOF | sudo tee /etc/containerd/config.toml | |
[plugins.cri.containerd] | |
no_pivot = false | |
[plugins.cri.containerd.runtimes] | |
[plugins.cri.containerd.runtimes.runc] | |
runtime_type = "io.containerd.runc.v1" | |
[plugins.cri.containerd.runtimes.runc.options] | |
NoPivotRoot = false | |
NoNewKeyring = false | |
ShimCgroup = "" | |
IoUid = 0 | |
IoGid = 0 | |
BinaryName = "runc" | |
Root = "" | |
CriuPath = "" | |
SystemdCgroup = false | |
[plugins.cri.containerd.runtimes.kata] | |
runtime_type = "io.containerd.kata.v2" | |
[plugins.cri.containerd.runtimes.katacli] | |
runtime_type = "io.containerd.runc.v1" | |
[plugins.cri.containerd.runtimes.katacli.options] | |
NoPivotRoot = false | |
NoNewKeyring = false | |
ShimCgroup = "" | |
IoUid = 0 | |
IoGid = 0 | |
BinaryName = "/usr/bin/kata-runtime" | |
Root = "" | |
CriuPath = "" | |
SystemdCgroup = false | |
EOF | |
( | |
sudo systemctl daemon-reload ; | |
sudo systemctl restart containerd ; | |
sudo systemctl restart faasd ; | |
sudo systemctl restart faasd-provider ; | |
) | |
### Deploy faasd function | |
cat /var/lib/faasd/secrets/basic-auth-password | faas-cli login -u admin --password-stdin | |
faas-cli deploy --image ghcr.io/openfaas/alpine:latest --fprocess "uname -a" --name uname | |
ps aux | grep uname # => /usr/local/bin/containerd-shim-runc-v2 -namespace openfaas-fn -id uname -address /run/containerd/containerd.sock | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment