minikube/docs/vmdriver-none.md

# vm-driver=none

## Overview

This document is written for system integrators who are familiar with minikube, and wish to run it within a customized VM environment.

The `none` driver allows advanced minikube users to skip VM creation, allowing minikube to be run on a user-supplied VM.

## What operating systems are supported?

The `none` driver supports releases of Debian, Ubuntu, and Fedora that are less than 2 years old. In practice, any systemd-based modern distribution is likely to work, and we will accept pull requests which improve compatibility with other systems.

## Can the none driver be used outside of a VM?

Not if you can avoid it.

minikube was designed to run Kubernetes within a dedicated VM, and assumes that it has complete control over the machine it is executing on. With the `none` driver, minikube will overwrite the following system paths:

* /usr/local/bin/kubeadm
* /usr/local/bin/kubectl
* /etc/kubernetes

It will also install `kubelet` as a systemd service, as well as start/stop container runtime services if installed.

## Security Limitations

With the `none` driver, minikube has limited container isolation abilities. Applications running in a container may be able to access your host filesystem. Through using a container escape vulnerability such as [CVE-2019-5736](https://access.redhat.com/security/vulnerabilities/runcescape), they may also be able to execute arbitrary code on your host.

When using the `none` driver, it is highly recommended that your host is isolated from the rest of the network using a firewall.

Additionally, minikube with the `none` driver has a very confusing permissions model, as some commands need to be run as root ("start"), and others by a regular user ("dashboard"). In a future release, we intend to disallow running `minikube`, and instead call into `sudo` when necesarry to avoid permissions issues.

## Uninstalling

The `none` driver now supports uninstallation via `minikube delete`. Please note that it will not fully remove /etc/kubernetes, since it does not track which files in /etc/kubernetes existed before the installation.

## Known Issues

* You cannot run more than one `--vm-driver=none` instance on a single host
* Many `minikube` commands are not supported, such as: `dashboard`, `mount`, `ssh`
Add initial documentation for --vm-driver=none 2018-10-09 22:57:25 +00:00			`# vm-driver=none`

			`## Overview`

			`This document is written for system integrators who are familiar with minikube, and wish to run it within a customized VM environment.`

Make the none driver clearer. 2019-02-16 05:45:49 +00:00			The `none` driver allows advanced minikube users to skip VM creation, allowing minikube to be run on a user-supplied VM.
Add initial documentation for --vm-driver=none 2018-10-09 22:57:25 +00:00
			`## What operating systems are supported?`

More clarifications 2019-02-18 14:46:03 +00:00			The `none` driver supports releases of Debian, Ubuntu, and Fedora that are less than 2 years old. In practice, any systemd-based modern distribution is likely to work, and we will accept pull requests which improve compatibility with other systems.
Add initial documentation for --vm-driver=none 2018-10-09 22:57:25 +00:00
Fix subtitles 2019-02-18 14:46:46 +00:00			`## Can the none driver be used outside of a VM?`
Add initial documentation for --vm-driver=none 2018-10-09 22:57:25 +00:00
Make the none driver clearer. 2019-02-16 05:45:49 +00:00			`Not if you can avoid it.`
Add initial documentation for --vm-driver=none 2018-10-09 22:57:25 +00:00
Make the none driver clearer. 2019-02-16 05:45:49 +00:00			minikube was designed to run Kubernetes within a dedicated VM, and assumes that it has complete control over the machine it is executing on. With the `none` driver, minikube will overwrite the following system paths:
Add initial documentation for --vm-driver=none 2018-10-09 22:57:25 +00:00
Make the none driver clearer. 2019-02-16 05:45:49 +00:00			`* /usr/local/bin/kubeadm`
			`* /usr/local/bin/kubectl`
			`* /etc/kubernetes`
Add initial documentation for --vm-driver=none 2018-10-09 22:57:25 +00:00
More clarifications 2019-02-18 14:46:03 +00:00			It will also install `kubelet` as a systemd service, as well as start/stop container runtime services if installed.

			`## Security Limitations`

			With the `none` driver, minikube has limited container isolation abilities. Applications running in a container may be able to access your host filesystem. Through using a container escape vulnerability such as [CVE-2019-5736](https://access.redhat.com/security/vulnerabilities/runcescape), they may also be able to execute arbitrary code on your host.

			When using the `none` driver, it is highly recommended that your host is isolated from the rest of the network using a firewall.

			Additionally, minikube with the `none` driver has a very confusing permissions model, as some commands need to be run as root ("start"), and others by a regular user ("dashboard"). In a future release, we intend to disallow running `minikube`, and instead call into `sudo` when necesarry to avoid permissions issues.
Add initial documentation for --vm-driver=none 2018-10-09 22:57:25 +00:00
Fix subtitles 2019-02-18 14:46:46 +00:00			`## Uninstalling`
Add initial documentation for --vm-driver=none 2018-10-09 22:57:25 +00:00
More clarifications 2019-02-18 14:46:03 +00:00			The `none` driver now supports uninstallation via `minikube delete`. Please note that it will not fully remove /etc/kubernetes, since it does not track which files in /etc/kubernetes existed before the installation.
Add initial documentation for --vm-driver=none 2018-10-09 22:57:25 +00:00
			`## Known Issues`

Make the none driver clearer. 2019-02-16 05:45:49 +00:00			* You cannot run more than one `--vm-driver=none` instance on a single host
			* Many `minikube` commands are not supported, such as: `dashboard`, `mount`, `ssh`