From 2827d1d3753a34ca7fa5118ce0d52f98862f4f8a Mon Sep 17 00:00:00 2001
From: Kroese <kroese@users.noreply.github.com>
Date: Sun, 1 Dec 2024 17:57:00 +0100
Subject: [PATCH] docs: Add TUN device (#861)

---
 compose.yml    |  1 +
 kubernetes.yml | 72 ++++++++++++++++++++++++++++----------------------
 readme.md      |  3 ++-
 3 files changed, 43 insertions(+), 33 deletions(-)

diff --git a/compose.yml b/compose.yml
index 9f7620df..624f703a 100644
--- a/compose.yml
+++ b/compose.yml
@@ -6,6 +6,7 @@ services:
             DISK_SIZE: "16G"
         devices:
             - /dev/kvm
+            - /dev/net/tun
         cap_add:
             - NET_ADMIN
         ports:
diff --git a/kubernetes.yml b/kubernetes.yml
index 8a0b482c..b3a0385a 100644
--- a/kubernetes.yml
+++ b/kubernetes.yml
@@ -1,10 +1,11 @@
+---
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
   name: dsm-pvc
 spec:
   accessModes:
-    - ReadWriteOnce
+  - ReadWriteOnce
   resources:
     requests:
       storage: 16Gi
@@ -16,44 +17,51 @@ metadata:
   labels:
     name: dsm
 spec:
-  terminationGracePeriodSeconds: 120 # the Kubernetes default is 30 seconds and it may be not enough
   containers:
-    - name: dsm
-      image: vdsm/virtual-dsm
-      ports:
-        - containerPort: 5000
-          protocol: TCP
-      securityContext:
-        privileged: true
-      env:
-        - name: RAM_SIZE
-          value: 1G
-        - name: CPU_CORES
-          value: "1"
-        - name: DISK_SIZE
-          value: "16G"  # Kubernetes uses Gi, but DSM uses GB
-      volumeMounts:
-        - mountPath: /storage
-          name: storage
-        - mountPath: /dev/kvm
-          name: dev-kvm
+  - name: dsm
+    image: vdsm/virtual-dsm
+    env:
+    - name: RAM_SIZE
+      value: "1G"
+    - name: CPU_CORES
+      value: "1"
+    - name: DISK_SIZE
+      value: "16G"
+    ports:
+    - containerPort: 5000
+    securityContext:
+      capabilities:
+        add:
+        - NET_ADMIN
+      privileged: true
+    volumeMounts:
+    - mountPath: /storage
+      name: storage
+    - mountPath: /dev/kvm
+      name: dev-kvm
+    - mountPath: /dev/net/tun
+      name: dev-tun
+  terminationGracePeriodSeconds: 120
   volumes:
-    - name: storage
-      persistentVolumeClaim:
-        claimName: dsm-pvc
-    - name: dev-kvm
-      hostPath:
-        path: /dev/kvm
+  - name: storage
+    persistentVolumeClaim:
+      claimName: dsm-pvc
+  - hostPath:
+      path: /dev/kvm
+    name: dev-kvm
+  - hostPath:
+      path: /dev/net/tun
+      type: CharDevice
+    name: dev-tun
 ---
 apiVersion: v1
 kind: Service
 metadata:
   name: dsm
 spec:
-  type: NodePort
+  ports:
+  - name: tcp-5000
+    port: 5000
   selector:
     name: dsm
-  ports:
-    - name: tcp-5000
-      port: 5000
-      targetPort: 5000
+  type: NodePort
diff --git a/readme.md b/readme.md
index eded9547..aaf4177b 100644
--- a/readme.md
+++ b/readme.md
@@ -33,6 +33,7 @@ services:
       DISK_SIZE: "16G"
     devices:
       - /dev/kvm
+      - /dev/net/tun
     cap_add:
       - NET_ADMIN
     ports:
@@ -45,7 +46,7 @@ services:
 Via Docker CLI:
 
 ```bash
-docker run -it --rm -p 5000:5000 --device=/dev/kvm --cap-add NET_ADMIN --stop-timeout 120 vdsm/virtual-dsm
+docker run -it --rm -p 5000:5000 --device=/dev/kvm --device=/dev/net/tun --cap-add NET_ADMIN --stop-timeout 120 vdsm/virtual-dsm
 ```
 
 Via Kubernetes: