docs, probes: update the probe documentation

- The cloud-init is modified to assign the virt_qemu_ga_exec_t SELinux context to the /tmp/healthy.txt file. - The documentation is modified to explain why the context is required. - Additional steps are added to help readers better understand the readiness probes process. - Removed the livecycle steps to help readers focus on the content of the example, i.e. readiness probes. - The container disk image is replaced by quay.io/containerdisks/fedora. These changes allows to user run the readiness probes out of the box and help them to better understad how this process works. Signed-off-by: Javier Cano Cano <[email protected]>
rayees0012 · Sep 12, 2022 · 16cf7c8 · 16cf7c8
1 parent 30d8ed3
commit 16cf7c8
Showing 1 changed file with 44 additions and 54 deletions.
diff --git a/docs/probes.md b/docs/probes.md
@@ -26,105 +26,95 @@ Make sure to provide enough delay and failureThreshold for the VM and the agent
 
 ### Example
 
-**Note**: The Fedora image used in this example does not have qemu-guest-agent available by default.
-We need to install and enable it via cloud-init as shown in the example below.
+The Fedora image used in this example does have qemu-guest-agent available by default. Nevertheless, in
+case qemu-guest-agent is not installed, it will be installed and enabled via cloud-init as shown in the example below. 
+Also, cloud-init assigns the proper SELinux context, i.e. virt_qemu_ga_exec_t, to the `/tmp/healthy.txt` file. 
+Otherwise, SELinux will deny the attempts to open the `/tmp/healthy.txt` file causing the probe to fail.
 
-1. Create VM manifest
+> Note:  If SELinux is not installed in your container disk image, the command `chcon` should be removed from the VM
+> manifest shown below. Otherwise, the `chcon`  command will fail.
+
+1. Create the VM 
 
 ```yaml
-# /tmp/probe-test.vm.yaml
-apiVersion: kubevirt.io/v1alpha3
+$ cat <<EOF | kubectl apply -f -
+apiVersion: kubevirt.io/v1
 kind: VirtualMachine
 metadata:
-  name: probe-test
-  namespace: default
   labels:
-    app: probe-test
-    vm.kubevirt.io/name: probe-test
-    kubevirt.io/domain: probe-test
+    kubevirt.io/vm: readiness-probe-vm
+  name: readiness-probe
 spec:
-  running: false
+  running: true 
   template:
     metadata:
       labels:
-        vm.kubevirt.io/name: probe-test
-        kubevirt.io/domain: probe-test
+        kubevirt.io/domain: readiness-probe
+        kubevirt.io/vm: readiness-probe
     spec:
-      readinessProbe:
-        exec:
-          command:
-          - cat
-          - /tmp/ready.txt
-        failureThreshold: 10
-        initialDelaySeconds: 120
-        periodSeconds: 10
-        # Note that timeoutSeconds value does not have any impact before K8s v1.20.
-        timeoutSeconds: 5
       domain:
         cpu:
           cores: 1
           sockets: 1
           threads: 1
         devices:
           disks:
-            - disk:
+            - name: containerdisk
+              disk:
                 bus: virtio
-              name: cloudinitdisk
-            - bootOrder: 1
+            - name: cloudinitdisk
               disk:
                 bus: virtio
-              name: rootdisk
-          interfaces:
-            - masquerade: {}
-              model: virtio
-              name: nic-0
-          networkInterfaceMultiqueue: true
           rng: {}
-        machine:
-          type: pc-q35-rhel8.2.0
         resources:
           requests:
             memory: 1Gi
-      hostname: probe-test
-      networks:
-        - name: nic-0
-          pod: {}
+      readinessProbe:
+        exec:
+          command: ["cat", "/tmp/healthy.txt"]
+        failureThreshold: 10
+        initialDelaySeconds: 120
+        periodSeconds: 10
+        # Note that timeoutSeconds value does not have any impact before K8s v1.20.
+        timeoutSeconds: 5
       terminationGracePeriodSeconds: 180
       volumes:
+        - containerDisk:
+            image: quay.io/containerdisks/fedora
+          name: containerdisk
         - cloudInitNoCloud:
             userData: |
               #cloud-config
-              user: fedora
-              password: fedora
               chpasswd:
                 expire: false
+              password: password
+              user: fedora
               packages:
                 qemu-guest-agent
               runcmd:
-                - [ "systemctl", "enable", "--now", "qemu-guest-agent" ]
-                - [ "touch" "/tmp/ready.txt" ]
+                - ["touch", "/tmp/healthy.txt"]
+                - ["sudo", "chcon", "--type", "virt_qemu_ga_exec_t", "/tmp/healthy.txt"]
+                - ["sudo", "systemctl", "enable", "--now", "qemu-guest-agent"]
           name: cloudinitdisk
-        - containerDisk:
-            image: kubevirt/fedora-cloud-container-disk-demo
-          name: rootdisk
+EOF
 ```
-2. Apply the VM manifest
+2. (optional) Watch the VM events in a separate shell
 
 ```sh
-kubectl apply -f /tmp/probe-test.yaml
+# This will stream the events including any probe failures.
+# Observe the guest-agent becoming available here.
+kubectl get events --watch
 ```
 
-3. Start the VM
+3. Wait for the `.status.ready` field to be `true`, it may take a bit
 
 ```sh
-kubectl virt start probe-test
+kubectl wait vms/readiness-probe --for=condition=Ready --timeout=5m
 ```
 
-4. (optional) Watch the VM events in a separate shell
+4. (optional) Log in to the VM and watch the incoming qemu-ga commands
 
 ```sh
-# This will stream the events including any probe failures.
-# Observe the guest-agent becomming available here.
-kubectl get events --watch
+virtctl console readiness-probe
+journalctl --follow
 ```
-