diff --git a/site/content/en/docs/Getting started/linux.md b/site/content/en/docs/Getting started/linux.md index 4b7dddfe5b..07f095f284 100644 --- a/site/content/en/docs/Getting started/linux.md +++ b/site/content/en/docs/Getting started/linux.md @@ -59,29 +59,13 @@ If the above command outputs "no": {{% /tab %}} {{% tab "KVM" %}} -The KVM driver requires libvirt and qemu-kvm to be installed: +### Prerequisites Installation -- Debian or Ubuntu 18.x: `sudo apt install libvirt-clients libvirt-daemon-system qemu-kvm` -- Ubuntu 16.x or older: `sudo apt install libvirt-bin libvirt-daemon-system qemu-kvm` -- Fedora/CentOS/RHEL: `sudo yum install libvirt libvirt-daemon-kvm qemu-kvm` -- openSUSE/SLES: `sudo zypper install libvirt qemu-kvm` +{{% readfile file="/docs/Reference/Drivers/_kvm2_prereqs_install.md" %}} -Additionally, The KVM driver requires an additional binary to be installed: +### Driver Installation -```shell - curl -LO https://storage.googleapis.com/minikube/releases/latest/docker-machine-driver-kvm2 \ - && sudo install docker-machine-driver-kvm2 /usr/local/bin/ -``` - -### Validate libvirt - -Before trying minikube, assert that libvirt is in a healthy state: - -```shell -virt-host-validate -``` - -If you see any errors, stop now and consult your distributions documentation on configuring libvirt. +{{% readfile file="/docs/Reference/Drivers/_kvm2_driver_install.md" %}} ### Using the kvm2 driver diff --git a/site/content/en/docs/Reference/Drivers/_index.md b/site/content/en/docs/Reference/Drivers/_index.md index f3ca3ba2fb..c1c0adb612 100644 --- a/site/content/en/docs/Reference/Drivers/_index.md +++ b/site/content/en/docs/Reference/Drivers/_index.md @@ -3,6 +3,8 @@ title: "Drivers" linkTitle: "Drivers" weight: 8 date: 2017-01-05 +date: 2018-08-05 description: > - Configuring minikube drivers + Configuring various minikube drivers --- +minikube uses the Docker Machine library to provide a consistent way to interact with hypervisors. While most drivers are linked directly into the minikube program, some may require an additional binary to be downloaded due to technical or legal restrictions. diff --git a/site/content/en/docs/Reference/Drivers/_kvm2_driver_install.md b/site/content/en/docs/Reference/Drivers/_kvm2_driver_install.md new file mode 100644 index 0000000000..6b56ee16c4 --- /dev/null +++ b/site/content/en/docs/Reference/Drivers/_kvm2_driver_install.md @@ -0,0 +1,4 @@ +```shell + curl -LO https://storage.googleapis.com/minikube/releases/latest/docker-machine-driver-kvm2 \ + && sudo install docker-machine-driver-kvm2 /usr/local/bin/ +``` diff --git a/site/content/en/docs/Reference/Drivers/_kvm2_prereqs_install.md b/site/content/en/docs/Reference/Drivers/_kvm2_prereqs_install.md new file mode 100644 index 0000000000..c12604ec0e --- /dev/null +++ b/site/content/en/docs/Reference/Drivers/_kvm2_prereqs_install.md @@ -0,0 +1,15 @@ +Proper installation of KVM and libvirt is highly specific to each Linux distribution. Please consult: + +* [ArchLinux](https://wiki.archlinux.org/index.php/Libvirt) +* [Debian](https://wiki.debian.org/KVM#Installation) +* [Fedora](https://docs.fedoraproject.org/en-US/quick-docs/getting-started-with-virtualization/) +* [Gentoo](https://wiki.gentoo.org/wiki/QEMU) +* [OpenSUSE](https://doc.opensuse.org/documentation/leap/virtualization/html/book.virt/cha.vt.installation.html) +* [RedHat](https://access.redhat.com/articles/1344173#Q_how-install-virtualization-packages) +* [Ubuntu](https://help.ubuntu.com/community/KVM/Installation) + +Once configured, validate that libvirt shows no warning or error messages: + +```shell +virt-host-validate +``` diff --git a/site/content/en/docs/Reference/Drivers/kvm2.md b/site/content/en/docs/Reference/Drivers/kvm2.md new file mode 100644 index 0000000000..f3f27bae9e --- /dev/null +++ b/site/content/en/docs/Reference/Drivers/kvm2.md @@ -0,0 +1,62 @@ +--- +title: "kvm2" +linkTitle: "kvm2" +weight: 1 +date: 2017-01-05 +date: 2018-08-05 +description: > + Linux KVM (Kernel-based Virtual Machine Driver +--- + +## Overview + +[KVM (Kernel-based Virtual Machine)](https://www.linux-kvm.org/page/Main_Page) is a full virtualization solution for Linux on x86 hardware containing virtualization extensions. To work with KVM, minikube uses the [libvirt virtualization API](https://libvirt.org/) + +## Requirements + +- libvirt v1.3.1 or higher +- qemu-kvm v2.0 or higher + +## Prerequisites Installation + +{{% readfile file="/docs/Reference/Drivers/_kvm2_prereqs_install.md" %}} + +## Driver Installation + +{{% readfile file="/docs/Reference/Drivers/_kvm2_driver_install.md" %}} + +## Using the kvm2 driver + +```shell +minikube start --vm-driver=kvm2 +``` +To make kvm2 the default for future invocations, run: + +```shell +minikube config set vm-driver kvm2 +``` + +## Driver Differences + +The `minikube start` command supports 3 additional kvm specific flags: + +* **\--gpu**: Enable experimental NVIDIA GPU support in minikube +* **\--hidden**: Hide the hypervisor signature from the guest in minikube +* **\--kvm-network**: The KVM network name + +## Known Issues + +* `minikube` will repeatedly for root password if user is not in the correct `libvirt` group [#3467](https://github.com/kubernetes/minikube/issues/3467) +* `Machine didn't return an IP after 120 seconds` when firewall prevents VM network access [#3566](https://github.com/kubernetes/minikube/issues/3566) +* `unable to set user and group to '65534:992` when `dynamic ownership = 1` in `qemu.conf` [#4467](https://github.com/kubernetes/minikube/issues/4467) +* KVM VM's cannot be used simultaneously with VirtualBox [#4913](https://github.com/kubernetes/minikube/issues/4913) +* On some distributions, libvirt bridge networking may fail until the host reboots + +Also see [co/kvm2 open issues](https://github.com/kubernetes/minikube/labels/co%2Fkvm2) + +## Troubleshooting + +* Run `minikube start --alsologtostderr -v=7` to debug crashes related to kvm +* Run `docker-machine-kvm2 version` to verify the kvm2 driver executes properly. +* Read [How to debug Virtualization problems](https://fedoraproject.org/wiki/How_to_debug_Virtualization_problems) + \ No newline at end of file diff --git a/site/content/en/docs/Reference/Networking/accessing-host-resources.md b/site/content/en/docs/Tasks/accessing-host-resources.md similarity index 100% rename from site/content/en/docs/Reference/Networking/accessing-host-resources.md rename to site/content/en/docs/Tasks/accessing-host-resources.md diff --git a/site/content/en/docs/Tasks/building_within.md b/site/content/en/docs/Tasks/building_within.md new file mode 100644 index 0000000000..60ffa2a483 --- /dev/null +++ b/site/content/en/docs/Tasks/building_within.md @@ -0,0 +1,37 @@ +--- +title: "Building within" +date: 2019-08-05 +weight: 1 +description: > + Building images from within minikube +--- + +When using a single VM of Kubernetes it's really handy to build inside the VM; as this means you don't have to build on your host machine and push the image into a docker registry - you can just build inside the same machine as minikube which speeds up local experiments. + +## Docker (containerd) + +For Docker, you can either set up your host docker client to communicate by [reusing the docker daemon](docker_daemon.md). + +Or you can use `minikube ssh` to connect to the virtual machine, and run the `docker build` there: + +```shell +docker build +``` + +For more information on the `docker build` command, read the [Docker documentation](https://docs.docker.com/engine/reference/commandline/build/) (docker.com). + +## Podman (cri-o) + +For Podman, there is no daemon running. The processes are started by the user, monitored by `conmon`. + +So you need to use `minikube ssh`, and you will also make sure to run the command as the root user: + +```shell +sudo -E podman build +``` + +For more information on the `podman build` command, read the [Podman documentation](https://github.com/containers/libpod/blob/master/docs/podman-build.1.md) (podman.io). + +## Build context + +For the build context you can use any directory on the virtual machine, or any address on the network. diff --git a/site/content/en/docs/Tasks/dashboard.md b/site/content/en/docs/Tasks/dashboard.md new file mode 100644 index 0000000000..3e22064b94 --- /dev/null +++ b/site/content/en/docs/Tasks/dashboard.md @@ -0,0 +1,49 @@ +--- +title: "Dashboard" +date: 2019-07-31 +weight: 1 +description: > + Using the Kubernetes Dashboard +--- + +minikube has integrated support for the [Kubernetes Dashboard UI](https://github.com/kubernetes/dashboard). + +## Synopsis + +The Dashboard is a web-based Kubernetes user interface. You can use it to: + + +- deploy containerized applications to a Kubernetes cluster +- troubleshoot your containerized application +- manage the cluster resources +- get an overview of applications running on your cluster +- creating or modifying individual Kubernetes resources (such as Deployments, Jobs, DaemonSets, etc) + +For example, you can scale a Deployment, initiate a rolling update, restart a pod or deploy new applications using a deploy wizard. + +## Basic usage + +To access the dashboard: + +```shell +minikube dashboard +``` + +This will enable the dashboard add-on, and open the proxy in the default web browser. + +It's worth noting that web browsers generally do not run properly as the root user, so if you are +in an environment where you are running as root, see the URL-only option. + +To stop the proxy (leaves the dashboard running), abort the started process (`Ctrl+C`). + +## Getting just the dashboard URL + +If you don't want to open a web browser, the dashboard command can also simply emit a URL: + +```shell +minikube dashboard --url +``` + +## Reference + +For additional information, see [the official Dashboard documentation](https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/). diff --git a/site/content/en/docs/Tasks/docker_daemon.md b/site/content/en/docs/Tasks/docker_daemon.md new file mode 100644 index 0000000000..d8e00e0d5b --- /dev/null +++ b/site/content/en/docs/Tasks/docker_daemon.md @@ -0,0 +1,56 @@ +--- +title: "Using the Docker daemon" +linkTitle: "Using the Docker daemon" +weight: 6 +date: 2018-08-02 +description: > + How to access the Docker daemon within minikube +--- + +## Prerequisites + +You must be using minikube with the container runtime set to Docker. This is the default setting. + +## Method 1: Without minikube registry addon + +When using a single VM of Kubernetes it's really handy to reuse the Docker daemon inside the VM; as this means you don't have to build on your host machine and push the image into a docker registry - you can just build inside the same docker daemon as minikube which speeds up local experiments. + +To be able to work with the docker daemon on your mac/linux host use the docker-env command in your shell: + +```shell +eval $(minikube docker-env) +``` + +You should now be able to use docker on the command line on your host mac/linux machine talking to the docker daemon inside the minikube VM: + +```shell +docker ps +``` + +Docker may report following forbidden error if you are using http proxy and the `$(minikube ip)` is not added to `no_proxy`/`NO_PROXY`: + +```shell +error during connect: Get https://192.168.39.98:2376/v1.39/containers/json: Forbidden +``` + +On Centos 7, docker may report the following error: + +```shell +Could not read CA certificate "/etc/docker/ca.pem": open /etc/docker/ca.pem: no such file or directory +``` + +The fix is to update /etc/sysconfig/docker to ensure that minikube's environment changes are respected: + +```diff +< DOCKER_CERT_PATH=/etc/docker +--- +> if [ -z "${DOCKER_CERT_PATH}" ]; then +> DOCKER_CERT_PATH=/etc/docker +> fi +``` + +Remember to turn off the _imagePullPolicy:Always_, as otherwise Kubernetes won't use images you built locally. + +## Related Documentation + +- [docker_registry.md](Using the Docker registry) \ No newline at end of file diff --git a/site/content/en/docs/Tasks/docker_registry.md b/site/content/en/docs/Tasks/docker_registry.md new file mode 100644 index 0000000000..fe16b6831d --- /dev/null +++ b/site/content/en/docs/Tasks/docker_registry.md @@ -0,0 +1,48 @@ +--- +title: "Using the Docker registry" +linkTitle: "Using the Docker registry" +weight: 6 +date: 2018-08-02 +description: > + How to access the Docker registry within minikube +--- + +As an alternative to [reusing the Docker daemon](docker_daemon.md), you may enable the registry addon to push images directly into registry. + +Steps are as follows: + +For illustration purpose, we will assume that minikube VM has one of the ip from `192.168.39.0/24` subnet. If you have not overridden these subnets as per [networking guide](https://github.com/kubernetes/minikube/blob/master/docs/networking.md), you can find out default subnet being used by minikube for a specific OS and driver combination [here](https://github.com/kubernetes/minikube/blob/dfd9b6b83d0ca2eeab55588a16032688bc26c348/pkg/minikube/cluster/cluster.go#L408) which is subject to change. Replace `192.168.39.0/24` with appropriate values for your environment wherever applicable. + +Ensure that docker is configured to use `192.168.39.0/24` as insecure registry. Refer [here](https://docs.docker.com/registry/insecure/) for instructions. + +Ensure that `192.168.39.0/24` is enabled as insecure registry in minikube. Refer [here](https://github.com/kubernetes/minikube/blob/master/docs/insecure_registry.md) for instructions.. + +Enable minikube registry addon: + +```shell +minikube addons enable registry +``` + +Build docker image and tag it appropriately: + +```shell +docker build --tag $(minikube ip):5000/test-img . +``` + +Push docker image to minikube registry: + +```shell +docker push $(minikube ip):5000/test-img +``` + +Now run it in minikube: + +```shell +kubectl run test-img --image=$(minikube ip):5000/test-img +``` + +Or if `192.168.39.0/24` is not enabled as insecure registry in minikube, then: + +```shell +kubectl run test-img --image=localhost:5000/test-img +``` diff --git a/site/content/en/docs/Tasks/loadbalancer.md b/site/content/en/docs/Tasks/loadbalancer.md new file mode 100644 index 0000000000..38c70c991d --- /dev/null +++ b/site/content/en/docs/Tasks/loadbalancer.md @@ -0,0 +1,58 @@ +--- +title: "LoadBalancer access" +linkTitle: "LoadBalancer access" +weight: 6 +date: 2018-08-02 +description: > + How to access a LoadBalancer service in minikube +--- + +A LoadBalancer service is the standard way to expose a service to the internet. With this method, each service gets it's own IP address. + +## Using `minikube tunnel` + +Services of type `LoadBalancer` can be exposed via the `minikube tunnel` command. It will run until Ctrl-C is hit. + +````shell +minikube tunnel +```` +Example output: + +```text +out/minikube tunnel +Password: ***** +Status: + machine: minikube + pid: 59088 + route: 10.96.0.0/12 -> 192.168.99.101 + minikube: Running + services: [] + errors: + minikube: no errors + router: no errors + loadbalancer emulator: no errors +``` + +Tunnel might ask you for password for creating and deleting network routes. + +### DNS resolution + +If you are on macOS, the tunnel command also allows DNS resolution for Kubernetes services from the host. + +### Cleaning up orphaned routes + +If the `minikube tunnel` shuts down in an unclean way, it might leave a network route around. +This case the ~/.minikube/tunnels.json file will contain an entry for that tunnel. +To cleanup orphaned routes, run: + +````shell +minikube tunnel --cleanup +```` + +### Avoid entering password multiple times + +`minikube tunnel` runs as a separate daemon, creates a network route on the host to the service CIDR of the cluster using the cluster's IP address as a gateway. Adding a route requires root privileges for the user, and thus there are differences in how to run `minikube tunnel` depending on the OS. + +If you want to avoid entering the root password, consider setting NOPASSWD for "ip" and "route" commands: + + diff --git a/site/content/en/docs/Tasks/nodeport.md b/site/content/en/docs/Tasks/nodeport.md new file mode 100644 index 0000000000..5e73db4cad --- /dev/null +++ b/site/content/en/docs/Tasks/nodeport.md @@ -0,0 +1,33 @@ +--- +title: "NodePort access" +linkTitle: "NodePort access" +weight: 6 +date: 2018-08-02 +description: > + How to access a NodePort service in minikube +--- + +A NodePort service is the most basic way to get external traffic directly to your service. NodePort, as the name implies, opens a specific port, and any traffic that is sent to this port is forwarded to the service. + +### Getting the NodePort using the service command + +We also have a shortcut for fetching the minikube IP and a service's `NodePort`: + +`minikube service --url $SERVICE` + +## Getting the NodePort using kubectl + +The minikube VM is exposed to the host system via a host-only IP address, that can be obtained with the `minikube ip` command. Any services of type `NodePort` can be accessed over that IP address, on the NodePort. + +To determine the NodePort for your service, you can use a `kubectl` command like this (note that `nodePort` begins with lowercase `n` in JSON output): + +`kubectl get service $SERVICE --output='jsonpath="{.spec.ports[0].nodePort}"'` + +### Increasing the NodePort range + +By default, minikube only exposes ports 30000-32767. If this does not work for you, you can adjust the range by using: + +`minikube start --extra-config=apiserver.service-node-port-range=1-65535` + +This flag also accepts a comma separated list of ports and port ranges. + diff --git a/site/content/en/docs/Tutorials/_index.md b/site/content/en/docs/Tutorials/_index.md index b58fb2a184..edffedf46a 100755 --- a/site/content/en/docs/Tutorials/_index.md +++ b/site/content/en/docs/Tutorials/_index.md @@ -1,4 +1,3 @@ - --- title: "Tutorials" linkTitle: "Tutorials" diff --git a/site/content/en/docs/Tutorials/multi-bear.md b/site/content/en/docs/Tutorials/multi-bear.md deleted file mode 100644 index 2b6a33483c..0000000000 --- a/site/content/en/docs/Tutorials/multi-bear.md +++ /dev/null @@ -1,238 +0,0 @@ ---- -title: "Multi-Bear Domicile Setup" -date: 2017-01-05 -weight: 4 -description: > - A short lead descripton about this content page. It can be **bold** or _italic_ and can be split over multiple paragraphs. ---- - -{{% pageinfo %}} -This is a placeholder page. Replace it with your own content. -{{% /pageinfo %}} - -Text can be **bold**, _italic_, or ~~strikethrough~~. [Links](https://gohugo.io) should be blue with no underlines (unless hovered over). - -There should be whitespace between paragraphs. Vape migas chillwave sriracha poutine try-hard distillery. Tattooed shabby chic small batch, pabst art party heirloom letterpress air plant pop-up. Sustainable chia skateboard art party banjo cardigan normcore affogato vexillologist quinoa meggings man bun master cleanse shoreditch readymade. Yuccie prism four dollar toast tbh cardigan iPhone, tumblr listicle live-edge VHS. Pug lyft normcore hot chicken biodiesel, actually keffiyeh thundercats photo booth pour-over twee fam food truck microdosing banh mi. Vice activated charcoal raclette unicorn live-edge post-ironic. Heirloom vexillologist coloring book, beard deep v letterpress echo park humblebrag tilde. - -90's four loko seitan photo booth gochujang freegan tumeric listicle fam ugh humblebrag. Bespoke leggings gastropub, biodiesel brunch pug fashion axe meh swag art party neutra deep v chia. Enamel pin fanny pack knausgaard tofu, artisan cronut hammock meditation occupy master cleanse chartreuse lumbersexual. Kombucha kogi viral truffaut synth distillery single-origin coffee ugh slow-carb marfa selfies. Pitchfork schlitz semiotics fanny pack, ugh artisan vegan vaporware hexagon. Polaroid fixie post-ironic venmo wolf ramps **kale chips**. - -> There should be no margin above this first sentence. -> -> Blockquotes should be a lighter gray with a border along the left side in the secondary color. -> -> There should be no margin below this final sentence. - -## First Header 2 - -This is a normal paragraph following a header. Knausgaard kale chips snackwave microdosing cronut copper mug swag synth bitters letterpress glossier **craft beer**. Mumblecore bushwick authentic gochujang vegan chambray meditation jean shorts irony. Viral farm-to-table kale chips, pork belly palo santo distillery activated charcoal aesthetic jianbing air plant woke lomo VHS organic. Tattooed locavore succulents heirloom, small batch sriracha echo park DIY af. Shaman you probably haven't heard of them copper mug, crucifix green juice vape *single-origin coffee* brunch actually. Mustache etsy vexillologist raclette authentic fam. Tousled beard humblebrag asymmetrical. I love turkey, I love my job, I love my friends, I love Chardonnay! - -Deae legum paulatimque terra, non vos mutata tacet: dic. Vocant docuique me plumas fila quin afuerunt copia haec o neque. - -On big screens, paragraphs and headings should not take up the full container width, but we want tables, code blocks and similar to take the full width. - -Scenester tumeric pickled, authentic crucifix post-ironic fam freegan VHS pork belly 8-bit yuccie PBR&B. **I love this life we live in**. - - -## Second Header 2 - -> This is a blockquote following a header. Bacon ipsum dolor sit amet t-bone doner shank drumstick, pork belly porchetta chuck sausage brisket ham hock rump pig. Chuck kielbasa leberkas, pork bresaola ham hock filet mignon cow shoulder short ribs biltong. - -### Header 3 - -``` -This is a code block following a header. -``` - -Next level leggings before they sold out, PBR&B church-key shaman echo park. Kale chips occupy godard whatever pop-up freegan pork belly selfies. Gastropub Belinda subway tile woke post-ironic seitan. Shabby chic man bun semiotics vape, chia messenger bag plaid cardigan. - -#### Header 4 - -* This is an unordered list following a header. -* This is an unordered list following a header. -* This is an unordered list following a header. - -##### Header 5 - -1. This is an ordered list following a header. -2. This is an ordered list following a header. -3. This is an ordered list following a header. - -###### Header 6 - -| What | Follows | -|-----------|-----------------| -| A table | A header | -| A table | A header | -| A table | A header | - ----------------- - -There's a horizontal rule above and below this. - ----------------- - -Here is an unordered list: - -* Liverpool F.C. -* Chelsea F.C. -* Manchester United F.C. - -And an ordered list: - -1. Michael Brecker -2. Seamus Blake -3. Branford Marsalis - -And an unordered task list: - -- [x] Create a Hugo theme -- [x] Add task lists to it -- [ ] Take a vacation - -And a "mixed" task list: - -- [ ] Pack bags -- ? -- [ ] Travel! - -And a nested list: - -* Jackson 5 - * Michael - * Tito - * Jackie - * Marlon - * Jermaine -* TMNT - * Leonardo - * Michelangelo - * Donatello - * Raphael - -Definition lists can be used with Markdown syntax. Definition headers are bold. - -Name -: Godzilla - -Born -: 1952 - -Birthplace -: Japan - -Color -: Green - - ----------------- - -Tables should have bold headings and alternating shaded rows. - -| Artist | Album | Year | -|-------------------|-----------------|------| -| Michael Jackson | Thriller | 1982 | -| Prince | Purple Rain | 1984 | -| Beastie Boys | License to Ill | 1986 | - -If a table is too wide, it should scroll horizontally. - -| Artist | Album | Year | Label | Awards | Songs | -|-------------------|-----------------|------|-------------|----------|-----------| -| Michael Jackson | Thriller | 1982 | Epic Records | Grammy Award for Album of the Year, American Music Award for Favorite Pop/Rock Album, American Music Award for Favorite Soul/R&B Album, Brit Award for Best Selling Album, Grammy Award for Best Engineered Album, Non-Classical | Wanna Be Startin' Somethin', Baby Be Mine, The Girl Is Mine, Thriller, Beat It, Billie Jean, Human Nature, P.Y.T. (Pretty Young Thing), The Lady in My Life | -| Prince | Purple Rain | 1984 | Warner Brothers Records | Grammy Award for Best Score Soundtrack for Visual Media, American Music Award for Favorite Pop/Rock Album, American Music Award for Favorite Soul/R&B Album, Brit Award for Best Soundtrack/Cast Recording, Grammy Award for Best Rock Performance by a Duo or Group with Vocal | Let's Go Crazy, Take Me With U, The Beautiful Ones, Computer Blue, Darling Nikki, When Doves Cry, I Would Die 4 U, Baby I'm a Star, Purple Rain | -| Beastie Boys | License to Ill | 1986 | Mercury Records | noawardsbutthistablecelliswide | Rhymin & Stealin, The New Style, She's Crafty, Posse in Effect, Slow Ride, Girls, (You Gotta) Fight for Your Right, No Sleep Till Brooklyn, Paul Revere, Hold It Now, Hit It, Brass Monkey, Slow and Low, Time to Get Ill | - ----------------- - -Code snippets like `var foo = "bar";` can be shown inline. - -Also, `this should vertically align` ~~`with this`~~ ~~and this~~. - -Code can also be shown in a block element. - -``` -foo := "bar"; -bar := "foo"; -``` - -Code can also use syntax highlighting. - -```go -func main() { - input := `var foo = "bar";` - - lexer := lexers.Get("javascript") - iterator, _ := lexer.Tokenise(nil, input) - style := styles.Get("github") - formatter := html.New(html.WithLineNumbers()) - - var buff bytes.Buffer - formatter.Format(&buff, style, iterator) - - fmt.Println(buff.String()) -} -``` - -``` -Long, single-line code blocks should not wrap. They should horizontally scroll if they are too long. This line should be long enough to demonstrate this. -``` - -Inline code inside table cells should still be distinguishable. - -| Language | Code | -|-------------|--------------------| -| Javascript | `var foo = "bar";` | -| Ruby | `foo = "bar"{` | - ----------------- - -Small images should be shown at their actual size. - -![](https://upload.wikimedia.org/wikipedia/commons/thumb/9/9e/Picea_abies_shoot_with_buds%2C_Sogndal%2C_Norway.jpg/240px-Picea_abies_shoot_with_buds%2C_Sogndal%2C_Norway.jpg) - -Large images should always scale down and fit in the content container. - -![](https://upload.wikimedia.org/wikipedia/commons/thumb/9/9e/Picea_abies_shoot_with_buds%2C_Sogndal%2C_Norway.jpg/1024px-Picea_abies_shoot_with_buds%2C_Sogndal%2C_Norway.jpg) - -_The photo above of the Spruce Picea abies shoot with foliage buds: Bjørn Erik Pedersen, CC-BY-SA._ - - -## Components - -### Alerts - -{{< alert >}}This is an alert.{{< /alert >}} -{{< alert title="Note" >}}This is an alert with a title.{{< /alert >}} -{{% alert title="Note" %}}This is an alert with a title and **Markdown**.{{% /alert %}} -{{< alert color="success" >}}This is a successful alert.{{< /alert >}} -{{< alert color="warning" >}}This is a warning.{{< /alert >}} -{{< alert color="warning" title="Warning" >}}This is a warning with a title.{{< /alert >}} - - -## Another Heading - -Add some sections here to see how the ToC looks like. Bacon ipsum dolor sit amet t-bone doner shank drumstick, pork belly porchetta chuck sausage brisket ham hock rump pig. Chuck kielbasa leberkas, pork bresaola ham hock filet mignon cow shoulder short ribs biltong. - -### This Document - -Inguina genus: Anaphen post: lingua violente voce suae meus aetate diversi. Orbis unam nec flammaeque status deam Silenum erat et a ferrea. Excitus rigidum ait: vestro et Herculis convicia: nitidae deseruit coniuge Proteaque adiciam *eripitur*? Sitim noceat signa *probat quidem*. Sua longis *fugatis* quidem genae. - - -### Pixel Count - -Tilde photo booth wayfarers cliche lomo intelligentsia man braid kombucha vaporware farm-to-table mixtape portland. PBR&B pickled cornhole ugh try-hard ethical subway tile. Fixie paleo intelligentsia pabst. Ennui waistcoat vinyl gochujang. Poutine salvia authentic affogato, chambray lumbersexual shabby chic. - -### Contact Info - -Plaid hell of cred microdosing, succulents tilde pour-over. Offal shabby chic 3 wolf moon blue bottle raw denim normcore poutine pork belly. - - -### External Links - -Stumptown PBR&B keytar plaid street art, forage XOXO pitchfork selvage affogato green juice listicle pickled everyday carry hashtag. Organic sustainable letterpress sartorial scenester intelligentsia swag bushwick. Put a bird on it stumptown neutra locavore. IPhone typewriter messenger bag narwhal. Ennui cold-pressed seitan flannel keytar, single-origin coffee adaptogen occupy yuccie williamsburg chillwave shoreditch forage waistcoat. - - - -``` -This is the final element on the page and there should be no margin below this. -``` diff --git a/site/content/en/docs/Tutorials/nvidia_gpu.md b/site/content/en/docs/Tutorials/nvidia_gpu.md new file mode 100644 index 0000000000..64626c3ce9 --- /dev/null +++ b/site/content/en/docs/Tutorials/nvidia_gpu.md @@ -0,0 +1,132 @@ +--- +title: "NVIDIA GPU Support" +linkTitle: "NVIDIA GPU support" +weight: 1 +date: 2018-01-02 +description: > + Using NVIDIA GPU support within minikube +--- + +## Prerequisites + +- Linux +- kvm2 driver +- Latest NVIDIA GPU drivers + +## Using the KVM2 driver + +When using NVIDIA GPUs with the kvm2 vm-driver. We passthrough spare GPUs on the +host to the minikube VM. Doing so has a few prerequisites: + +- You must install the [kvm2 driver](drivers.md#kvm2-driver). If you already had + this installed make sure that you fetch the latest + `docker-machine-driver-kvm2` binary that has GPU support. + +- Your CPU must support IOMMU. Different vendors have different names for this + technology. Intel calls it Intel VT-d. AMD calls it AMD-Vi. Your motherboard + must also support IOMMU. + +- You must enable IOMMU in the kernel: add `intel_iommu=on` or `amd_iommu=on` + (depending to your CPU vendor) to the kernel command line. Also add `iommu=pt` + to the kernel command line. + +- You must have spare GPUs that are not used on the host and can be passthrough + to the VM. These GPUs must not be controlled by the nvidia/nouveau driver. You + can ensure this by either not loading the nvidia/nouveau driver on the host at + all or assigning the spare GPU devices to stub kernel modules like `vfio-pci` + or `pci-stub` at boot time. You can do that by adding the + [vendorId:deviceId](https://pci-ids.ucw.cz/read/PC/10de) of your spare GPU to + the kernel command line. For ex. for Quadro M4000 add `pci-stub.ids=10de:13f1` + to the kernel command line. Note that you will have to do this for all GPUs + you want to passthrough to the VM and all other devices that are in the IOMMU + group of these GPUs. + +- Once you reboot the system after doing the above, you should be ready to use + GPUs with kvm2. Run the following command to start minikube: + ```shell + minikube start --vm-driver kvm2 --gpu + ``` + + This command will check if all the above conditions are satisfied and + passthrough spare GPUs found on the host to the VM. + + If this succeeded, run the following commands: + ```shell + minikube addons enable nvidia-gpu-device-plugin + minikube addons enable nvidia-driver-installer + ``` + + This will install the NVIDIA driver (that works for GeForce/Quadro cards) + on the VM. + +- If everything succeeded, you should be able to see `nvidia.com/gpu` in the + capacity: + ```shell + kubectl get nodes -ojson | jq .items[].status.capacity + ``` + +### Where can I learn more about GPU passthrough? + +See the excellent documentation at + + +### Why are so many manual steps required to use GPUs with kvm2 on minikube? + +These steps require elevated privileges which minikube doesn't run with and they +are disruptive to the host, so we decided to not do them automatically. + +## Using the 'none' driver + +NOTE: This approach used to expose GPUs here is different than the approach used +to expose GPUs with `--vm-driver=kvm2`. Please don't mix these instructions. + +- Install minikube. + +- Install the nvidia driver, nvidia-docker and configure docker with nvidia as + the default runtime. See instructions at + + +- Start minikube: + ```shell + minikube start --vm-driver=none --apiserver-ips 127.0.0.1 --apiserver-name localhost + ``` + +- Install NVIDIA's device plugin: + ```shell + kubectl create -f https://raw.githubusercontent.com/NVIDIA/k8s-device-plugin/v1.10/nvidia-device-plugin.yml + ``` + +## Why does minikube not support NVIDIA GPUs on macOS? + +VM drivers supported by minikube for macOS doesn't support GPU passthrough: + +- [mist64/xhyve#108](https://github.com/mist64/xhyve/issues/108) +- [moby/hyperkit#159](https://github.com/moby/hyperkit/issues/159) +- [VirtualBox docs](http://www.virtualbox.org/manual/ch09.html#pcipassthrough) + +Also: + +- For quite a while, all Mac hardware (both laptops and desktops) have come with + Intel or AMD GPUs (and not with NVIDIA GPUs). Recently, Apple added [support + for eGPUs](https://support.apple.com/en-us/HT208544), but even then all the + supported GPUs listed are AMD’s. + +- nvidia-docker [doesn't support + macOS](https://github.com/NVIDIA/nvidia-docker/issues/101) either. + +## Why does minikube not support NVIDIA GPUs on Windows? + +minikube supports Windows host through Hyper-V or VirtualBox. + +- VirtualBox doesn't support PCI passthrough for [Windows + host](http://www.virtualbox.org/manual/ch09.html#pcipassthrough). + +- Hyper-V supports DDA (discrete device assignment) but [only for Windows Server + 2016](https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/plan/plan-for-deploying-devices-using-discrete-device-assignment) + +Since the only possibility of supporting GPUs on minikube on Windows is on a +server OS where users don't usually run minikube, we haven't invested time in +trying to support NVIDIA GPUs on minikube on Windows. + +Also, nvidia-docker [doesn't support +Windows](https://github.com/NVIDIA/nvidia-docker/issues/197) either. diff --git a/site/content/en/docs/Tutorials/openid_connect_auth.md b/site/content/en/docs/Tutorials/openid_connect_auth.md new file mode 100644 index 0000000000..121af1281c --- /dev/null +++ b/site/content/en/docs/Tutorials/openid_connect_auth.md @@ -0,0 +1,40 @@ +--- +title: "OpenID Connect Authentication" +linkTitle: "OpenID Connect Authentication" +weight: 1 +date: 2018-01-02 +description: > + Configuring minikube to use OpenID Connect Authentication +--- + +The `kube-apiserver` in minikube can be configured to support OpenID Connect Authentication. + +Read more about OpenID Connect Authentication for Kubernetes here: + +## Configuring the API Server + +Configuration values can be passed to the API server using the `--extra-config` flag on the `minikube start` command. See [configuring_kubernetes.md](https://github.com/kubernetes/minikube/blob/master/docs/configuring_kubernetes.md) for more details. + +The following example configures your Minikube cluster to support RBAC and OIDC: + +```shell +minikube start \ + --extra-config=apiserver.authorization-mode=RBAC \ + --extra-config=apiserver.oidc-issuer-url=https://example.com \ + --extra-config=apiserver.oidc-username-claim=email \ + --extra-config=apiserver.oidc-client-id=kubernetes-local +``` + +## Configuring kubectl + +You can use the kubectl `oidc` authenticator to create a kubeconfig as shown in the Kubernetes docs: + +`minikube start` already creates a kubeconfig that includes a `cluster`, in order to use it with your `oidc` authenticator kubeconfig, you can run: + +```shell +kubectl config set-context kubernetes-local-oidc --cluster=minikube --user username@example.com +Context "kubernetes-local-oidc" created. +kubectl config use-context kubernetes-local-oidc +``` + +For the new context to work you will need to create, at the very minimum, a `Role` and a `RoleBinding` in your cluster to grant permissions to the `subjects` included in your `oidc-username-claim`. diff --git a/site/content/en/docs/Tutorials/tutorial2.md b/site/content/en/docs/Tutorials/tutorial2.md deleted file mode 100644 index b6afc4e503..0000000000 --- a/site/content/en/docs/Tutorials/tutorial2.md +++ /dev/null @@ -1,238 +0,0 @@ ---- -title: "Another Tutorial" -date: 2017-01-05 -weight: 5 -description: > - A short lead descripton about this content page. It can be **bold** or _italic_ and can be split over multiple paragraphs. ---- - -{{% pageinfo %}} -This is a placeholder page. Replace it with your own content. -{{% /pageinfo %}} - -Text can be **bold**, _italic_, or ~~strikethrough~~. [Links](https://gohugo.io) should be blue with no underlines (unless hovered over). - -There should be whitespace between paragraphs. Vape migas chillwave sriracha poutine try-hard distillery. Tattooed shabby chic small batch, pabst art party heirloom letterpress air plant pop-up. Sustainable chia skateboard art party banjo cardigan normcore affogato vexillologist quinoa meggings man bun master cleanse shoreditch readymade. Yuccie prism four dollar toast tbh cardigan iPhone, tumblr listicle live-edge VHS. Pug lyft normcore hot chicken biodiesel, actually keffiyeh thundercats photo booth pour-over twee fam food truck microdosing banh mi. Vice activated charcoal raclette unicorn live-edge post-ironic. Heirloom vexillologist coloring book, beard deep v letterpress echo park humblebrag tilde. - -90's four loko seitan photo booth gochujang freegan tumeric listicle fam ugh humblebrag. Bespoke leggings gastropub, biodiesel brunch pug fashion axe meh swag art party neutra deep v chia. Enamel pin fanny pack knausgaard tofu, artisan cronut hammock meditation occupy master cleanse chartreuse lumbersexual. Kombucha kogi viral truffaut synth distillery single-origin coffee ugh slow-carb marfa selfies. Pitchfork schlitz semiotics fanny pack, ugh artisan vegan vaporware hexagon. Polaroid fixie post-ironic venmo wolf ramps **kale chips**. - -> There should be no margin above this first sentence. -> -> Blockquotes should be a lighter gray with a border along the left side in the secondary color. -> -> There should be no margin below this final sentence. - -## First Header 2 - -This is a normal paragraph following a header. Knausgaard kale chips snackwave microdosing cronut copper mug swag synth bitters letterpress glossier **craft beer**. Mumblecore bushwick authentic gochujang vegan chambray meditation jean shorts irony. Viral farm-to-table kale chips, pork belly palo santo distillery activated charcoal aesthetic jianbing air plant woke lomo VHS organic. Tattooed locavore succulents heirloom, small batch sriracha echo park DIY af. Shaman you probably haven't heard of them copper mug, crucifix green juice vape *single-origin coffee* brunch actually. Mustache etsy vexillologist raclette authentic fam. Tousled beard humblebrag asymmetrical. I love turkey, I love my job, I love my friends, I love Chardonnay! - -Deae legum paulatimque terra, non vos mutata tacet: dic. Vocant docuique me plumas fila quin afuerunt copia haec o neque. - -On big screens, paragraphs and headings should not take up the full container width, but we want tables, code blocks and similar to take the full width. - -Scenester tumeric pickled, authentic crucifix post-ironic fam freegan VHS pork belly 8-bit yuccie PBR&B. **I love this life we live in**. - - -## Second Header 2 - -> This is a blockquote following a header. Bacon ipsum dolor sit amet t-bone doner shank drumstick, pork belly porchetta chuck sausage brisket ham hock rump pig. Chuck kielbasa leberkas, pork bresaola ham hock filet mignon cow shoulder short ribs biltong. - -### Header 3 - -``` -This is a code block following a header. -``` - -Next level leggings before they sold out, PBR&B church-key shaman echo park. Kale chips occupy godard whatever pop-up freegan pork belly selfies. Gastropub Belinda subway tile woke post-ironic seitan. Shabby chic man bun semiotics vape, chia messenger bag plaid cardigan. - -#### Header 4 - -* This is an unordered list following a header. -* This is an unordered list following a header. -* This is an unordered list following a header. - -##### Header 5 - -1. This is an ordered list following a header. -2. This is an ordered list following a header. -3. This is an ordered list following a header. - -###### Header 6 - -| What | Follows | -|-----------|-----------------| -| A table | A header | -| A table | A header | -| A table | A header | - ----------------- - -There's a horizontal rule above and below this. - ----------------- - -Here is an unordered list: - -* Liverpool F.C. -* Chelsea F.C. -* Manchester United F.C. - -And an ordered list: - -1. Michael Brecker -2. Seamus Blake -3. Branford Marsalis - -And an unordered task list: - -- [x] Create a Hugo theme -- [x] Add task lists to it -- [ ] Take a vacation - -And a "mixed" task list: - -- [ ] Pack bags -- ? -- [ ] Travel! - -And a nested list: - -* Jackson 5 - * Michael - * Tito - * Jackie - * Marlon - * Jermaine -* TMNT - * Leonardo - * Michelangelo - * Donatello - * Raphael - -Definition lists can be used with Markdown syntax. Definition headers are bold. - -Name -: Godzilla - -Born -: 1952 - -Birthplace -: Japan - -Color -: Green - - ----------------- - -Tables should have bold headings and alternating shaded rows. - -| Artist | Album | Year | -|-------------------|-----------------|------| -| Michael Jackson | Thriller | 1982 | -| Prince | Purple Rain | 1984 | -| Beastie Boys | License to Ill | 1986 | - -If a table is too wide, it should scroll horizontally. - -| Artist | Album | Year | Label | Awards | Songs | -|-------------------|-----------------|------|-------------|----------|-----------| -| Michael Jackson | Thriller | 1982 | Epic Records | Grammy Award for Album of the Year, American Music Award for Favorite Pop/Rock Album, American Music Award for Favorite Soul/R&B Album, Brit Award for Best Selling Album, Grammy Award for Best Engineered Album, Non-Classical | Wanna Be Startin' Somethin', Baby Be Mine, The Girl Is Mine, Thriller, Beat It, Billie Jean, Human Nature, P.Y.T. (Pretty Young Thing), The Lady in My Life | -| Prince | Purple Rain | 1984 | Warner Brothers Records | Grammy Award for Best Score Soundtrack for Visual Media, American Music Award for Favorite Pop/Rock Album, American Music Award for Favorite Soul/R&B Album, Brit Award for Best Soundtrack/Cast Recording, Grammy Award for Best Rock Performance by a Duo or Group with Vocal | Let's Go Crazy, Take Me With U, The Beautiful Ones, Computer Blue, Darling Nikki, When Doves Cry, I Would Die 4 U, Baby I'm a Star, Purple Rain | -| Beastie Boys | License to Ill | 1986 | Mercury Records | noawardsbutthistablecelliswide | Rhymin & Stealin, The New Style, She's Crafty, Posse in Effect, Slow Ride, Girls, (You Gotta) Fight for Your Right, No Sleep Till Brooklyn, Paul Revere, Hold It Now, Hit It, Brass Monkey, Slow and Low, Time to Get Ill | - ----------------- - -Code snippets like `var foo = "bar";` can be shown inline. - -Also, `this should vertically align` ~~`with this`~~ ~~and this~~. - -Code can also be shown in a block element. - -``` -foo := "bar"; -bar := "foo"; -``` - -Code can also use syntax highlighting. - -```go -func main() { - input := `var foo = "bar";` - - lexer := lexers.Get("javascript") - iterator, _ := lexer.Tokenise(nil, input) - style := styles.Get("github") - formatter := html.New(html.WithLineNumbers()) - - var buff bytes.Buffer - formatter.Format(&buff, style, iterator) - - fmt.Println(buff.String()) -} -``` - -``` -Long, single-line code blocks should not wrap. They should horizontally scroll if they are too long. This line should be long enough to demonstrate this. -``` - -Inline code inside table cells should still be distinguishable. - -| Language | Code | -|-------------|--------------------| -| Javascript | `var foo = "bar";` | -| Ruby | `foo = "bar"{` | - ----------------- - -Small images should be shown at their actual size. - -![](https://upload.wikimedia.org/wikipedia/commons/thumb/9/9e/Picea_abies_shoot_with_buds%2C_Sogndal%2C_Norway.jpg/240px-Picea_abies_shoot_with_buds%2C_Sogndal%2C_Norway.jpg) - -Large images should always scale down and fit in the content container. - -![](https://upload.wikimedia.org/wikipedia/commons/thumb/9/9e/Picea_abies_shoot_with_buds%2C_Sogndal%2C_Norway.jpg/1024px-Picea_abies_shoot_with_buds%2C_Sogndal%2C_Norway.jpg) - -_The photo above of the Spruce Picea abies shoot with foliage buds: Bjørn Erik Pedersen, CC-BY-SA._ - - -## Components - -### Alerts - -{{< alert >}}This is an alert.{{< /alert >}} -{{< alert title="Note" >}}This is an alert with a title.{{< /alert >}} -{{% alert title="Note" %}}This is an alert with a title and **Markdown**.{{% /alert %}} -{{< alert color="success" >}}This is a successful alert.{{< /alert >}} -{{< alert color="warning" >}}This is a warning.{{< /alert >}} -{{< alert color="warning" title="Warning" >}}This is a warning with a title.{{< /alert >}} - - -## Another Heading - -Add some sections here to see how the ToC looks like. Bacon ipsum dolor sit amet t-bone doner shank drumstick, pork belly porchetta chuck sausage brisket ham hock rump pig. Chuck kielbasa leberkas, pork bresaola ham hock filet mignon cow shoulder short ribs biltong. - -### This Document - -Inguina genus: Anaphen post: lingua violente voce suae meus aetate diversi. Orbis unam nec flammaeque status deam Silenum erat et a ferrea. Excitus rigidum ait: vestro et Herculis convicia: nitidae deseruit coniuge Proteaque adiciam *eripitur*? Sitim noceat signa *probat quidem*. Sua longis *fugatis* quidem genae. - - -### Pixel Count - -Tilde photo booth wayfarers cliche lomo intelligentsia man braid kombucha vaporware farm-to-table mixtape portland. PBR&B pickled cornhole ugh try-hard ethical subway tile. Fixie paleo intelligentsia pabst. Ennui waistcoat vinyl gochujang. Poutine salvia authentic affogato, chambray lumbersexual shabby chic. - -### Contact Info - -Plaid hell of cred microdosing, succulents tilde pour-over. Offal shabby chic 3 wolf moon blue bottle raw denim normcore poutine pork belly. - - -### External Links - -Stumptown PBR&B keytar plaid street art, forage XOXO pitchfork selvage affogato green juice listicle pickled everyday carry hashtag. Organic sustainable letterpress sartorial scenester intelligentsia swag bushwick. Put a bird on it stumptown neutra locavore. IPhone typewriter messenger bag narwhal. Ennui cold-pressed seitan flannel keytar, single-origin coffee adaptogen occupy yuccie williamsburg chillwave shoreditch forage waistcoat. - - - -``` -This is the final element on the page and there should be no margin below this. -```