install: Add minikube instructions

[grahamwhaley]

Add a doc on how to setup and install Kata into Minikube.

[grahamwhaley]

/cc @krsna1729

[grahamwhaley]

@krsna1729 @GabyCT - feedback rolled in thanks. Updated.
but, when I did a dry run through with a fresh minikube install at my desk, launching the example deployment/pod gets stuck in the ContainerCreating status, and there is no qemu running on the node!
I wonder if something has changed maybe in the kata 1.6.2 release (which kata-deploy installed on my node) that is showing some incompatibility with minikube. I'm going to have to debug it (which will be good for my kata-k8s debug skillset).

[grahamwhaley]

@jodh-intel @jcvenegas - oh, Travis gave me a:

ERROR: shell code in file 'install/minikube-installation-guide.md' is not valid

Hmm, shame it did not give me details - and, what are the rules - do all lines have to be executable in the CI/travis system? That no doubt won't work for this minikube code (no minikube installed for a start) - I'm prone to flip all the bash entries to sh entries to avoid the check/execution - unless you can see something obvious and easy to fix?

[jodh-intel]

@grahamwhaley - The rules are in https://github.com/kata-containers/documentation/blob/master/Documentation-Requirements.md#code-blocks.

The problem with your file is that you are using bash code blocks and intermingling commands and command output. If you want this file to be executable, you will need to remove all command output from those blocks. If you really want to show commands and output (not generally recommended), use a ```sh code block instead as they will be ignored.

[grahamwhaley]

Right, I don't think we can realistically execute these bash blocks unless we had some pre-scripts that set up the machine to have kvm and the docker block kvm2 driver installed and minikube itself, which this doc does not cover - I'll flip them all to sh blocks.

[jodh-intel]

Ack. It's a shame though as I was hoping we could offer an automated install alternative to Docker. Maybe that can come later?

[grahamwhaley]

It might. discussed with @egernst yesterday if we can add a minikube ci setup/test for kata-deploy testing at least - we might get the script to auto-install and setup minikube from that.

[jodh-intel]

I'd almost prefer we wait until we can do that since once it's a valid auto-installation option, we can test (and continue to test) that doc to guarantee it doesn't go stale as these things have a habit of doing on their own ;)

[GabyCT]

@grahamwhaley thanks for the changes

[gabibeyer]

When attempting to follow the instructions I came across this bug too. The pod was failing at sandbox creation, and when I ran a kubectl describe pods I got Failed create pod sandbox: rpc error: code = Unknown desc = container create failed: Failed to add filter for index 4 : no such file or directory".

Talked with @grahamwhaley and started doing a little bit of debugging. The first step was getting the last known good version up and running. So I did an scp of the artifacts from 1.6.0 (the version closest to the time it was last working 4/2/19) to minikube, and it worked. 1.6.1 started a container as well, so it seems to be something in 1.6.2 that is breaking it. Going to keep seeing what I can find, but in the meantime, should we open a new issue for this?

[amshinde]

@gabibeyer Just happened to have a look at your error message, that does come from the network code:
https://github.com/kata-containers/runtime/blob/63e1c440a1a77d940af2b8b130249514657b90b3/virtcontainers/network.go#L846

@grahamwhaley Is that the same error you are seeing during the setup?

[wilsonianb]

I just so happened to be trying these instructions (from the gist) today and got the same error deploying the example:
Failed create pod sandbox: rpc error: code = Unknown desc = container create failed: Failed to add filter for index 4 : no such file or directory
Could this be the 1.6.2 change causing it?
kata-containers/runtime#1502

[grahamwhaley]

@amshinde yep, same error. @wilsonianb could be! Minikube is running a v4.15 kernel and a rootfs constructed from a buildroot. It has a config.gz in the fs, which I had a look in - afaict it has all the netlink filtering enabled. @amshinde , any clues on what to look for then? I suspect an ip a from inside minikube might help?...

$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether f0:b9:23:8a:c2:18 brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.207/24 brd 192.168.122.255 scope global dynamic eth0
       valid_lft 3359sec preferred_lft 3359sec
    inet6 fe80::f2b9:23ff:fe8a:c218/64 scope link 
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether c0:23:26:2f:70:8a brd ff:ff:ff:ff:ff:ff
    inet 192.168.39.221/24 brd 192.168.39.255 scope global dynamic eth1
       valid_lft 3358sec preferred_lft 3358sec
    inet6 fe80::c223:26ff:fe2f:708a/64 scope link 
       valid_lft forever preferred_lft forever
4: sit0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN group default qlen 1000
    link/sit 0.0.0.0 brd 0.0.0.0
5: mybridge: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1460 qdisc noqueue state UP group default qlen 1000
    link/ether 0a:58:0a:01:00:01 brd ff:ff:ff:ff:ff:ff
    inet 10.1.0.1/16 scope global mybridge
       valid_lft forever preferred_lft forever
    inet6 fe80::70e3:99ff:fe6d:d2ae/64 scope link 
       valid_lft forever preferred_lft forever
6: veth285ea917@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1460 qdisc noqueue master mybridge state UP group default 
    link/ether 26:29:dc:7b:2f:7c brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet6 fe80::2429:dcff:fe7b:2f7c/64 scope link 
       valid_lft forever preferred_lft forever
7: vethcf6c1fd5@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1460 qdisc noqueue master mybridge state UP group default 
    link/ether ee:3d:ff:66:a3:b1 brd ff:ff:ff:ff:ff:ff link-netnsid 1
    inet6 fe80::ec3d:ffff:fe66:a3b1/64 scope link 
       valid_lft forever preferred_lft forever
8: veth175a9042@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1460 qdisc noqueue master mybridge state UP group default 
    link/ether e2:e2:c6:a6:49:ab brd ff:ff:ff:ff:ff:ff link-netnsid 2
    inet6 fe80::e0e2:c6ff:fea6:49ab/64 scope link 
       valid_lft forever preferred_lft forever

Let us know what to look for (or, of course, you can make a minikube by following the doc in this PR ;-) ).

And then... to confirm - if you run up the minikube and kata, but before you launch the example pod/deployment, minikube ssh into minikube, sudo and go to /opt/kata/share/defaults/kata-containers and edit the configuration-qemu.toml. Flip the default networking from tcfilter to macvtap, and then you can launch the kata deployment/container! :-)

OK, let's see if we can figure out why tcfilter does not work for Minikube, and then either:

• if we have a bug, fix it
• or, maybe we can dynamically detect lack of tcfilter support and back out to use macvtap instead

[grahamwhaley]

I'm sticking a DNM on here until we figure out what to do about the tc networking not working under minikube as is.

[grahamwhaley]

@amshinde - I had a probe around (not that I'm sure what I'm looking for ;-) ) to see if anything obvious jumped out in the minikube about why tc filter add seems to be failing.

I did notice that minikube does not appear to have the macvtap or macvlan modules - do we need either/both of those to use tc?

I did also spot some error/warnings in the dmesg, but I'm not convinced they are the problem, but will post here just in case:

[ 2940.796857] eth0: Caught tx_queue_len zero misconfig
[ 2940.841446] mybridge: port 4(veth3039814e) entered disabled state

It might just be co-incidence that we get an error on index 4, and this is showing an error on port 4.
If there is anything you want me to try, let me know.
I might get the strength to see what it takes to build minikube, just in case ;-)

[grahamwhaley]

@amshinde OK, I think the MACVTAP and other module missing may be red herring - I think they are not modules, but built into the minikube kernel.
Also, that kernel eth0 error looks like it is benignly fixed up in the kernel, so probably also not relevant.
I had a dig around, and it looks to me like our vendor of the netlink library we use is very very old. I may try a local update/build/test of that - I see there was a bug a while back on some of its internal functions that failed if there were many network items live (due to a buffer size restriction). Worth an update/spin I think for a start.

[grahamwhaley]

@amshinde OK, I did a vendor update for the netlink module (if you do that, watch out for vishvananda/netlink#357 btw if you fail to compile...) - and the same fault still happens :-(

[grahamwhaley]

@amshinde in case it helps, I added a few logger lines into network.go and dumped some of the attrs and tapattrs info, just in case anything leapt out. Sorry for the format, this is go's interpretation of the data structures:

time="2019-05-10T16:39:49Z" level=debug msg="setupTCFiltering()" arch=amd64 command=create container=2261fbf40e765e0d007c8297ee1980f6332bb3f86f77626104c4c2893dff700b name=kata-runtime pid=17175 source=virtcontainers subsystem=network
time="2019-05-10T16:39:49Z" level=info msg="TC: attrs" arch=amd64 attrs="&{4 1460 0 eth0 0a:58:0a:01:00:9c up|broadcast|multicast 69699 160 0 <nil>  0xc000443168 0 0xc00025ff00 ether <nil> up 0 0 0 65536 65535 []}" command=create container=2261fbf40e765e0d007c8297ee1980f6332bb3f86f77626104c4c2893dff700b name=kata-runtime pid=17175 source=virtcontainers subsystem=network
time="2019-05-10T16:39:49Z" level=info msg="TC: tapattrs" arch=amd64 command=create container=2261fbf40e765e0d007c8297ee1980f6332bb3f86f77626104c4c2893dff700b name=kata-runtime pid=17175 source=virtcontainers subsystem=network tapattrs="&{5 1500 1000 tap0_kata 7e:48:18:6c:7e:43 broadcast|multicast 4098 0 0 <nil>  0xc000442be4 0 0xc00025fe40 ether <nil> down 0 0 0 65536 65535 []}"
time="2019-05-10T16:39:49Z" level=debug msg="addRedirectTCFilter()" arch=amd64 command=create container=2261fbf40e765e0d007c8297ee1980f6332bb3f86f77626104c4c2893dff700b name=kata-runtime pid=17175 source=virtcontainers subsystem=network
time="2019-05-10T16:39:49Z" level=info msg="TC: src:dest" arch=amd64 command=create container=2261fbf40e765e0d007c8297ee1980f6332bb3f86f77626104c4c2893dff700b dest=5 name=kata-runtime pid=17175 source=virtcontainers src=4 subsystem=network
time="2019-05-10T16:39:49Z" level=error msg="Error bridging virtual endpoint" arch=amd64 command=create container=2261fbf40e765e0d007c8297ee1980f6332bb3f86f77626104c4c2893dff700b error="Failed to add filter for index 4 : no such file or directory" name=kata-runtime pid=17175 source=virtcontainers subsystem=network

If you need me to add more logging, let me know (or throw me a diff/patch)...

[amshinde]

@grahamwhaley finally taking a look at this, this fell out of sight!
So the error is this "Failed to add filter for index 4 : no such file or directory"
I am inclined to think this is because of some missing kernel configs. Can you check if you have the kernel configs related to tc enabled in the minikube kernel? These would be CONFIG_NET_CLS_ACT, CONFIG_NET_INGRESS and CONFIG_NET_EGRESS.

[grahamwhaley]

@amshinde - I will get to look at this, but in case you want to beat me to it, I think the minikube kernel config is over at https://github.com/kubernetes/minikube/blob/master/deploy/iso/minikube-iso/configs/minikube_defconfig

[grahamwhaley]

Heh, oh, that link to the minikube repo is to the buildroot config... here is the one to the kernel config file:
https://github.com/kubernetes/minikube/blob/master/deploy/iso/minikube-iso/board/coreos/minikube/linux_defconfig
but, I'm not 100% sure that is the one that is used, and maybe it also picks up some default settings upon build?... So, logging into my local minikube, I can grab /proc/config.gz and have a look in there. I'm attaching a version here.
minikube_config.txt

From that file:

• CONFIG_NET_CLS_ACT=y
• CONFIG_NET_INGRESS=y
• CONFIG_NET_OUTGRESS=y

All those look to be set @amshinde . Any more ideas? or, we can start trying to add more debug (but I have a feeling ultimately the bottom level netlink library we are using is just running into the default fairly anonymous not found error coming back out from the kernel :-(

Oh, if you want to re-create, just follow the minikube doc guide attached to this PR with any Kata > v1.6.2 (so the kata-deploy will pick that up for you and should fail as is today)

[GabyCT]

/test

[grahamwhaley]

I've stuck a WIP in the title, as I have some edit/updates to do to this I believe before we land.
@jodh-intel @egernst - I did find though that there are no WIP or do not merge labels in the label list now we've enabled auto-magic-global-lable-thingy it seems. Is that intentional? Am I missing something?, as our WIP checker looks for those ;-)

[jodh-intel]

@grahamwhaley - yep, we seemed to have lost those labels in the switch to the new set (amazing how these things pass through review eh? :)

I've now re-added those labels to all repos and raised the following to update the master database of labels:

• Update GitHub labels tests#1670

[jodh-intel]

Thanks @grahamwhaley. Some backticks changes required I think but also, it does look to me like all these commands could be made non-interactive. If so, we could make this document testable.

[jodh-intel]

I'm not clear why we need backticks for these two? If they are project or product names, they can just be left capitalised I think, but use backticks for command names. Also, I guess drop the * as discussed on my runtime PR?

[jodh-intel]

Againk, backticks?

[jodh-intel]

Backticks?

[jodh-intel]

Please can you add backticks to all these options?

[jodh-intel]

Missing backticks.

[jodh-intel]

• Missing $ prompt?
• Could this become something like?:

  $ minikube ssh egrep 'vmx|svm' /proc/cpuinfo

[grahamwhaley]

Sure. We have to add "'s or it goes horribly wrong though:

$ minikube ssh "egrep 'vmx|svm' /proc/cpuinfo"

I would have loved to add the --color option in there as well to make it pop out, but Minikube is based on busybox, so does not have it :-(

[jodh-intel]

Could this become something like?:

$ kubectl get nodes | grep -E "\<minikube\>" | grep -E "\<Ready\>"

[grahamwhaley]

If we were automating a spin wait then maybe, but I think minikube waits until the cluster is notionally up and Ready before it returns to the prompt anyway. Thus, if it failed to start and configure you'd get something like:

The connection to the server localhost:8080 was refused - did you specify the right host or port?

but when it works you see the fairly obvious:

NAME       STATUS   ROLES    AGE   VERSION
minikube   Ready    master   99m   v1.14.3

[jodh-intel]

Oh, so kubectl will block on any command until it can talk to the cluster? OOI I wonder if there is either a formal is-the-cluster-up-yet command or a timeout / async option? If the cluster never comes up, does get nodes error / timeout or just hang forever?

[grahamwhaley]

errors out immediately if the cluster is not up (as it cannot connect to the socket), or returns an answer (even if that is 'no nodes ready yet') otherwise afaik

[jodh-intel]

Yuck. Oh well...

[jodh-intel]

Could this become something like?:

$ kubectl get pods | grep -- -apache-kata | grep -E "\<Running\>"

[grahamwhaley]

I'm not sold. It looks OK on my machine as my distro by default aliases grep to use colour - but, I think having the whole output of kubectl get pods is more normal and useful in a k8s scenario, it's more what the user expects I would think.

[jodh-intel]

Surely there must be some way to detect the pod is running without having to manually eyeball the output though? Maybe a --json option or something to make parsing reliable?

[grahamwhaley]

there is - I'll update to kubectl rollout status deployment php-apache-kata-qemu

[jodh-intel]

Could this and the uname command become two minikube ssh ... command instead?

[grahamwhaley]

sure. found a pgrep string command that does a nice job.

[jodh-intel]

Could this become something like?:

$ pod=$(kubectl get pods | grep -E "\<Running\>" | grep kata- | head -1)
$ kernel=$(kubectl exec -ti "$pod" uname -r)

[grahamwhaley]

similar to above, will replace with:

podname=$(kubectl get pods -o=name | fgrep php-apache-kata-qemu | sed 's?pod/??')
kubectl exec ${podname} -- uname -a

[grahamwhaley]

Updated and pushed.
Updates applied.
I also tested the latest Minikube (v1.1.1) with the latest Kata from kata-deploy (v1.7.1), and it now works fine.

[grahamwhaley]

Explained in the table above - as Kata has 2G default pod RAM sizes, but the Minikube default is only 2G, so v.likely we cannot launch a single default Kata inside a default Minikube without extending the RAM allocation.

[grahamwhaley]

I think the big issue with testability is our reliance on the external docker kvm2 driver (where we link out to the installation instructions), and the fact that drive has some issues as a native installation on some distros.
I'll clean up all the other bits and update the PR, and then see if I can work out how do do a 'docs execution' locally and peek at how hard it would be to make it runnable.
We would really like to have minikube in the CI, particuarly for kata-deploy, but I'm not sure if we can realistically use this doc to help with that.

[grahamwhaley]

If we were automating a spin wait then maybe, but I think minikube waits until the cluster is notionally up and Ready before it returns to the prompt anyway. Thus, if it failed to start and configure you'd get something like:

The connection to the server localhost:8080 was refused - did you specify the right host or port?

but when it works you see the fairly obvious:

NAME       STATUS   ROLES    AGE   VERSION
minikube   Ready    master   99m   v1.14.3

[grahamwhaley]

Sure. We have to add "'s or it goes horribly wrong though:

$ minikube ssh "egrep 'vmx|svm' /proc/cpuinfo"

I would have loved to add the --color option in there as well to make it pop out, but Minikube is based on busybox, so does not have it :-(

[grahamwhaley]

@krsna1729 heh, sleep 100. sigh. hmm, I'm not over the moon with that ;-)
Let me see if there is some way to check kata-deploy has entered its infinity sleep state (which is what it does when it completes). Maybe we need to add some magic to kata-deploy to create a 'I am done' marker at the end of its work loop...

[grahamwhaley]

@krsna1729 @jodh-intel @amshinde @egernst Well, best I can come up with to check if kata-deploy has finished its work is:

podname=$(kubectl -n kube-system get pods -o=name | fgrep kata-deploy | sed 's?pod/??')
active=$(kubectl -n kube-system exec ${podname} -- ps -ef | fgrep infinity)

Better than guessing I guess - but, not great, and only really works in the single node case - does not scale out well.
I had a quick look at daemonsets - no obvious in-built way to manage 'status' - I think it would have to be built on some other infra method, and have the kata-deploy pods push status out to something else.

For the minikube docs, I'll update to the above ps sleep infinity hack, and note this only works for single node clusters.

[grahamwhaley]

I'm not sold. It looks OK on my machine as my distro by default aliases grep to use colour - but, I think having the whole output of kubectl get pods is more normal and useful in a k8s scenario, it's more what the user expects I would think.

[grahamwhaley]

sure. found a pgrep string command that does a nice job.

[grahamwhaley]

similar to above, will replace with:

podname=$(kubectl get pods -o=name | fgrep php-apache-kata-qemu | sed 's?pod/??')
kubectl exec ${podname} -- uname -a

[grahamwhaley]

/test

[jodh-intel]

Nit: You could sort the options alphabetically.

[grahamwhaley]

I could, but I think as they are they keep related items (particularly the cni ones for instance) together. They also align somewhat with the order in the upstream Minikube docs iirc.

[jodh-intel]

If they group logically, you could add a new column for that to make it clear (and then sort by that grouping column and sub-sort by the what column).

[grahamwhaley]

if the only way to get the PR landed is to sort them .... table now sorted.

[jodh-intel]

The MacOS and Windows sentences could be turned into a "Note" or a "Warning" maybe?

https://github.com/kata-containers/documentation/blob/master/Documentation-Requirements.md#warnings-and-other-admonitions

[grahamwhaley]

done

[jodh-intel]

Two notes next to each other, so I'd turn them into a list:

Notes:

• item one.
• item two.

[grahamwhaley]

Done. and for the new pair of notes earlier on. let's see if I got the formatting right..

[jodh-intel]

• Can you expand > and < into words for clarity?
• s/did not work for/does not work with/

[grahamwhaley]

done

[jodh-intel]

Oh, so kubectl will block on any command until it can talk to the cluster? OOI I wonder if there is either a formal is-the-cluster-up-yet command or a timeout / async option? If the cluster never comes up, does get nodes error / timeout or just hang forever?

[jodh-intel]

I know you are trying to be helpful by providing command output throughout this doc. But I believe the best practice is to avoid showing any command output unless absolutely necessary; commands have a nasty habit of changing their output format so showing output that is different to what the user sees is worse than not showing output. I've tried to allude to that at the bottom of https://github.com/kata-containers/documentation/blob/master/Documentation-Requirements.md#code-blocks.

Maybe @klynnrif can comment on this.

[klynnrif]

@jodh-intel I agree. In general, if you can avoid showing output you should avoid it.

[grahamwhaley]

dropped the output and added a relevant genericised sentence on what to look for.

[jodh-intel]

It would probably be worth referencing https://github.com/kata-containers/packaging/blob/master/kata-deploy/scripts/kata-deploy.sh as that is what (currently) runs the sleep.

[grahamwhaley]

done. reworded. moved the comment out of the code block.

[jodh-intel]

These two sentences are essentially saying the same thing. I'd consider dropping the "Nominally, " sentence.

[grahamwhaley]

done

[jodh-intel]

Could this be simplified to the following?:

This guide has shown an easy way to setup a Minikube with Kata Containers.

[grahamwhaley]

done

[jodh-intel]

s/It will have/It has/

[grahamwhaley]

rephrased a bit

[jodh-intel]

s/utilises running/creates/ ?

[grahamwhaley]

done

[jodh-intel]

Maybe turn this around and make it prescriptive:

Install Kata Containers in a Minikube cluster using kata-deploy.

[grahamwhaley]

I don't think prescriptive works in the Introduction - this is describing what can be done, not what to do or how to do it. Later in the 'installing Kata Containers' section is/can be prescriptive.

[jodh-intel]

Agreed.

[jodh-intel]

I'm still not clear on this magic number - why/how is 6144 "sufficient"?

[jodh-intel]

Thanks for updating @grahamwhaley. A bunch more comments.

@klynnrif - ptal.

[jodh-intel]

I still don't think this is explained clearly enough in the document but let's see what other think...

[jodh-intel]

Yuck. Oh well...

[jodh-intel]

How about a compromise:

$ egrep -o -m 1 'vmx|svm' /proc/cpuinfo

You can then explain that if the command above returns any output, the system is usable. That's better than a number and imho one heck of a lot better than the rest of the noise in that file which users shouldn't care about (and which just adds noise to our docs imho).

[jodh-intel]

This is perfect as the paragraph explains the output of the shell block above. But that means you can drop the command output since, as confirmed by the doc team, we should avoid displaying command output unless absolutely necessary (see https://github.com/kata-containers/documentation/blob/master/Documentation-Requirements.md#code-blocks).

There are still quite a few examples of command output in this doc.

[grahamwhaley]

🤷‍♂️ nuked.

[jodh-intel]

• typo: "installation".
• nit: double space.

[grahamwhaley]

done

[jodh-intel]

If they group logically, you could add a new column for that to make it clear (and then sort by that grouping column and sub-sort by the what column).

[grahamwhaley]

repushed

[grahamwhaley]

went with -c - I'd thought the count was just the retval, but is also on stdout, so is OK to explain.

[grahamwhaley]

done

[grahamwhaley]

if the only way to get the PR landed is to sort them .... table now sorted.

[grahamwhaley]

I've added an extra Note: to try and help.

[grahamwhaley]

🤷‍♂️ nuked.

[klynnrif]

Scrubbed for grammar, structure, and flow. Sentence rewrites suggested to keep an active voice. Thanks!

[klynnrif]

Spelling error "compatability" => compatibility

[grahamwhaley]

done

[klynnrif]

Suggested rewrite to stay active:
Minikube/Kubernetes versions <= 1.13 only requires this step.

[grahamwhaley]

done, but I moved the 'only' earlier:

Only Minikube/Kubernetes versions <= 1.13 require this step.

[klynnrif]

Suggested rewrite to stay active:
The Kata Containers installation process should be complete and enabled in the Minikube cluster.

[grahamwhaley]

done

[grahamwhaley]

@klynnrif - changes applied and pushed. thx

[grahamwhaley]

done

[grahamwhaley]

done

[grahamwhaley]

done

[grahamwhaley]

done

[grahamwhaley]

I've moved the reference to Apache PHP to the previous sentence to avoid having to try and keep the post-tense reference.

[grahamwhaley]

done

[jodh-intel]

"MacOS" isn't in the dictionary I'm afraid ;) To correct that, all you need to do is add MacOS/B (exactly as I've written it) in one of the spell checkers data files, say one of:

• https://github.com/kata-containers/tests/blob/master/cmd/check-spelling/data/main.txt
• https://github.com/kata-containers/tests/blob/master/cmd/check-spelling/data/distros.txt

[grahamwhaley]

so, open another PR in another repo, sigh....
and, looks like it is macOS (capitalisation).
OK, let me go make another PR...
Over at kata-containers/tests#1826
I'll see if that lands, or if we need to add a depends on this PR for it.

[jodh-intel]

Nice. Is there an obvious "next step" (or "further information") you could point users at?

[grahamwhaley]

hmm, not one that I can immediately think of. Next step would be to pick your route to a 'full k8s install', and you'd still use the above kube-deploy style install probably. I think there are too many possibilities to choose one to suggest.

[jodh-intel]

Agreed.

[grahamwhaley]

Updated, pushed.
We may want to wait for the 'macOS' spellcheck PR to land before we spin a CI again.

[grahamwhaley]

so, open another PR in another repo, sigh....
and, looks like it is macOS (capitalisation).
OK, let me go make another PR...
Over at kata-containers/tests#1826
I'll see if that lands, or if we need to add a depends on this PR for it.

[grahamwhaley]

hmm, not one that I can immediately think of. Next step would be to pick your route to a 'full k8s install', and you'd still use the above kube-deploy style install probably. I think there are too many possibilities to choose one to suggest.

[jodh-intel]

Thanks @grahamwhaley.

[klynnrif]

lgtm - thanks!