iSulad/0049-add-runc-doc.patch

From eb3e8dd9e87e926a121715d103cc6c3cb20388a7 Mon Sep 17 00:00:00 2001
From: zhongtao <zhongtao17@huawei.com>
Date: Fri, 17 Feb 2023 14:33:15 +0800
Subject: [PATCH 49/53] add runc doc

Signed-off-by: zhongtao <zhongtao17@huawei.com>
---
 docs/design/README_zh.md                      |   1 +
 .../design/detailed/Runtime/runc_design_zh.md | 264 ++++++++++++++++++
 docs/images/isulad_shim_flow_chart.svg        |  16 ++
 docs/images/k8s_isulad_flow_chart.svg         |  16 ++
 docs/manual/README_zh.md                      |   6 +-
 docs/manual/runc_config_zh.md                 | 134 +++++++++
 6 files changed, 436 insertions(+), 1 deletion(-)
 create mode 100644 docs/design/detailed/Runtime/runc_design_zh.md
 create mode 100755 docs/images/isulad_shim_flow_chart.svg
 create mode 100644 docs/images/k8s_isulad_flow_chart.svg
 create mode 100644 docs/manual/runc_config_zh.md

diff --git a/docs/design/README_zh.md b/docs/design/README_zh.md
index 1f1c94b5..e7763a42 100644
--- a/docs/design/README_zh.md
+++ b/docs/design/README_zh.md
@@ -49,6 +49,7 @@
 ## Runtime
 
 - 查看 runtime 模块的设计文档： [runtime_design](./detailed/Runtime/runtime_design_zh.md) 。
+- 查看 isulad 支持runc 的设计文档：[runc_design](./detailed/Runtime/runc_design_zh.md)。
 
 ## Security
 
diff --git a/docs/design/detailed/Runtime/runc_design_zh.md b/docs/design/detailed/Runtime/runc_design_zh.md
new file mode 100644
index 00000000..3af3ea02
--- /dev/null
+++ b/docs/design/detailed/Runtime/runc_design_zh.md
@@ -0,0 +1,264 @@
+| Author | zhongtao              |
+| ------ | --------------------- |
+| Date   | 2023-03-21            |
+| Email  | zhongtao17@huawei.com |
+
+# 方案目标
+
+isulad 支持使用runc作为容器runtime。用户可以在启动容器时配置`--runtime=runc`创建runtime为runc的容器：
+```bash
+$ isula run -tid -n test --runtime=runc busybox sh
+eb77c672a148cc4cefa0d6e7c5847f5a87d0c5353e245461b68820bd9af90c67
+$ isula inspect eb77 | grep -i runc
+        "ResolvConfPath": "/var/lib/isulad/engines/runc/eb77c672a148cc4cefa0d6e7c5847f5a87d0c5353e245461b68820bd9af90c67/resolv.conf",
+        "HostsPath": "/var/lib/isulad/engines/runc/eb77c672a148cc4cefa0d6e7c5847f5a87d0c5353e245461b68820bd9af90c67/hosts",
+        "LogPath": "/var/lib/isulad/engines/runc/eb77c672a148cc4cefa0d6e7c5847f5a87d0c5353e245461b68820bd9af90c67/console.log",
+            "Runtime": "runc",
+                "log.console.file": "/var/lib/isulad/engines/runc/eb77c672a148cc4cefa0d6e7c5847f5a87d0c5353e245461b68820bd9af90c67/console.log",
+```
+
+同时，也可以在`/etc/isulad/daemon.json`中配置`default-runtime`为runc并重启isulad，修改isulad创建容器时默认使用的runtime。
+```sh
+$ vim /etc/isulad/daemon.json
+	...
+   "default-runtime": "runc"
+    ...
+$ sudo isulad
+```
+
+# 总体设计
+
+由于isulad与runc之间的交互存在gap，且将容器创建成功之后，容器进程的生命周期与isulad进程的生命周期没有必然联系，因此我们设计了一个isulad-shim进程，用于isulad与runc的交互并将isulad与容器实例解耦。同时，由于只有create以及exec涉及到在容器中新建进程，因此只有这两个子命令需要创建isulad-shim。其他的子命令直接通过调用runc二进制实现。
+
+## 时序图
+
+```mermaid
+sequenceDiagram
+  participant isula
+  participant kubelet
+  participant isulad
+  participant supervisor
+  participant shim
+  participant runc
+  participant container
+  
+  isula->>isulad: request
+  kubelet->>isulad:request
+  alt create
+  	isulad->>shim:shim_creat()
+  	shim->>runc: execvp(runc, params)
+  	runc ->> container:create request
+  	container ->> runc:success
+  	runc ->> shim:get process pid
+  	isulad ->> isulad:get process pid
+  	isulad ->> supervisor:add monitor
+  	loop epoll exit_fd
+  		supervisor ->> shim:if exit?
+  	end
+  else exec
+  	isulad->>shim:shim_creat()
+  	par
+  	shim->>runc: execvp(runc, params)
+  	runc ->> container:exec request
+  	container ->> runc:success
+  	runc ->> shim:get process pid
+  	shim ->> container:wait process pid
+  	shim ->> shim:exit
+  	and
+  	isulad ->> isulad: wait isulad-shim pid
+  	end
+	else others container cmd
+		isulad->>runc: runtime_call_simple()
+		runc ->> container:cmd
+		container ->>runc:success
+		runc ->>isulad:success
+	end
+	 isulad ->> isula:response
+	 isulad ->> kubelet:response
+```
+
+# 接口描述 
+
+## cri接口
+
+### PodSandboxManagerService
+
+```h
+auto RunPodSandbox(const runtime::v1alpha2::PodSandboxConfig &config, const std::string &runtimeHandler,Errors &error) -> std::string;
+
+void StopPodSandbox(const std::string &podSandboxID, Errors &error);
+
+void RemovePodSandbox(const std::string &podSandboxID, Errors &error);
+
+auto PodSandboxStatus(const std::string &podSandboxID, Errors &error)
+    -> std::unique_ptr<runtime::v1alpha2::PodSandboxStatus>;
+
+void ListPodSandbox(const runtime::v1alpha2::PodSandboxFilter *filter,std::vector<std::unique_ptr<runtime::v1alpha2::PodSandbox>> *pods, Errors &error);
+
+// This feature is temporarily not supported
+void PortForward(const runtime::v1alpha2::PortForwardRequest &req,runtime::v1alpha2::PortForwardResponse *resp,Errors &error);
+    ... ...
+};
+} // namespace CRI
+```
+
+### ContainerManagerService
+
+```c
+auto CreateContainer(const std::string &podSandboxID, const runtime::v1alpha2::ContainerConfig &containerConfig,const runtime::v1alpha2::PodSandboxConfig &podSandboxConfig, Errors &error)-> std::string override;
+
+void StartContainer(const std::string &containerID, Errors &error) override;
+
+void StopContainer(const std::string &containerID, int64_t timeout, Errors &error) override;
+
+void RemoveContainer(const std::string &containerID, Errors &error) override;
+
+void ListContainers(const runtime::v1alpha2::ContainerFilter *filter,
+                        std::vector<std::unique_ptr<runtime::v1alpha2::Container>> *containers, Errors &error) override;
+
+void ListContainerStats(const runtime::v1alpha2::ContainerStatsFilter *filter,std::vector<std::unique_ptr<runtime::v1alpha2::ContainerStats>> *containerstats,Errors &error) override;
+
+auto ContainerStats(const std::string &containerID, Errors &error)
+    -> std::unique_ptr<runtime::v1alpha2::ContainerStats> override;
+
+auto ContainerStatus(const std::string &containerID, Errors &error) -> std::unique_ptr<runtime::v1alpha2::ContainerStatus> override;
+
+void ExecSync(const std::string &containerID, const google::protobuf::RepeatedPtrField<std::string> &cmd, int64_t timeout, runtime::v1alpha2::ExecSyncResponse *reply, Errors &error) override;
+
+void Exec(const runtime::v1alpha2::ExecRequest &req, runtime::v1alpha2::ExecResponse *resp, Errors &error) override;
+
+void Attach(const runtime::v1alpha2::AttachRequest &req, runtime::v1alpha2::AttachResponse *resp, Errors &error) override;
+
+void UpdateContainerResources(const std::string &containerID,
+                                  const runtime::v1alpha2::LinuxContainerResources &resources, Errors &error) override;
+```
+
+### RuntimeManagerService
+
+```c
+void UpdateRuntimeConfig(const runtime::v1alpha2::RuntimeConfig &config, Errors &error) override;
+
+// 对应crictl info
+auto Status(Errors &error) -> std::unique_ptr<runtime::v1alpha2::RuntimeStatus> override;
+```
+
+### ImageManagerService
+
+```c
+void ListImages(const runtime::v1alpha2::ImageFilter &filter, std::vector<std::unique_ptr<runtime::v1alpha2::Image>> *images, Errors &error) override; std::unique_ptr<runtime::v1alpha2::Image> ImageStatus(const runtime::v1alpha2::ImageSpec &image, Errors &error) override;
+
+std::string PullImage(const runtime::v1alpha2::ImageSpec &image, const runtime::v1alpha2::AuthConfig &auth, Errors &error) override;
+
+void RemoveImage(const runtime::v1alpha2::ImageSpec &image, Errors &error) override;
+
+void ImageFsInfo(std::vector<std::unique_ptr<runtime::v1alpha2::FilesystemUsage>> *usages, Errors &error) override
+```
+
+
+
+## isula_rt_ops模块
+
+```c
+// 检测runtime是否为isula_rt_ops模块处理的目标runtime
+bool rt_isula_detect(const char *runtime);
+
+int rt_isula_create(const char *name, const char *runtime, const rt_create_params_t *params);
+
+int rt_isula_start(const char *name, const char *runtime, const rt_start_params_t *params, pid_ppid_info_t *pid_info);
+
+// restart not implemented
+int rt_isula_restart(const char *name, const char *runtime, const rt_restart_params_t *params);
+
+int rt_isula_clean_resource(const char *name, const char *runtime, const rt_clean_params_t *params);
+
+int rt_isula_rm(const char *name, const char *runtime, const rt_rm_params_t *params);
+
+int rt_isula_exec(const char *id, const char *runtime, const rt_exec_params_t *params, int *exit_code);
+
+int rt_isula_status(const char *name, const char *runtime, const rt_status_params_t *params,
+                    struct runtime_container_status_info *status);
+
+// isula attach not support on isulad-shim
+int rt_isula_attach(const char *id, const char *runtime, const rt_attach_params_t *params);
+
+int rt_isula_update(const char *id, const char *runtime, const rt_update_params_t *params);
+
+int rt_isula_pause(const char *id, const char *runtime, const rt_pause_params_t *params);
+
+int rt_isula_resume(const char *id, const char *runtime, const rt_resume_params_t *params);
+
+// isula top/listpids not support on isulad-shim
+int rt_isula_listpids(const char *name, const char *runtime, const rt_listpids_params_t *params,
+                      rt_listpids_out_t *out);
+
+int rt_isula_resources_stats(const char *name, const char *runtime, const rt_stats_params_t *params,
+                             struct runtime_container_resources_stats_info *rs_stats);
+// rt_isula_resize not impl
+int rt_isula_resize(const char *id, const char *runtime, const rt_resize_params_t *params);
+
+int rt_isula_exec_resize(const char *id, const char *runtime, const rt_exec_resize_params_t *params);
+
+int rt_isula_kill(const char *id, const char *runtime, const rt_kill_params_t *params);
+
+```
+
+
+
+# 详细设计
+
+## create 实现流程
+
+isulad端：
+
+1. 创建process文件：create_process_json_file();
+2. 获得runtime二进制：get_runtime_cmd(runtime, &cmd);
+3. 利用两次fork()创建isulad-shim进程， 此时的isulad-shim进程是1号进程的子进程，与isulad无父子关系:shim_create();
+4. 若shim创建成功则直接返回成功，若失败则调用runtime_call_delete_force()将容器进程都force delete。
+
+isulad-shim端：
+
+1. 根据解析process文件新建一个process，new_process()；
+2. 开启exit_fifo：open_no_inherit("exit_fifo", O_WRONLY, -1);
+3. 为io_copy创建io_epoll_loop线程：process_io_init();
+4. 创建进行io copy的线程，并将isulad的console与runtime的console连接起来:open_io();
+5. 创建运行runtime的子进程，获得容器中进程的pid，create_process();
+6. 循环wait子进程，直到wait到的子进程为容器进程pid则退出shim进程，process_signal_handle_routine();
+
+## exec 实现流程
+
+isulad端：
+
+1. 创建process文件：create_process_json_file();
+2. 获得runtime二进制：get_runtime_cmd(runtime, &cmd);
+3. 若`--detach=false`，直接fork()创建isulad-shim进程，此时的isulad-shim进程是isulad进程的子进程，isulad进程wait等待isulad-shim进程退出；若-`-detach=true`，则与create一样，创建独立的isulad-shim进程:shim_create();
+4. 循环读取pid文件获得容器进程id说明exec命令成功，get_container_process_pid。
+
+isulad-shim端：
+
+1. 根据解析process文件新建一个process，new_process()；
+2. 为io_copy创建io_epoll_loop线程：process_io_init();
+3. 创建进行io copy的线程，并将isulad的console与runtime的console连接起来:open_io();
+4. 创建运行runtime的子进程，获得容器中进程的pid，create_process();
+5. 循环wait子进程，直到wait到的子进程为容器进程pid则退出shim进程，process_signal_handle_routine();
+
+
+
+## start 实现流程
+
+isulad端：
+
+1. 分别读取pid以及shim-pid文件获得容器进程pid以及isulad-shim pid；
+2. 依次获得容器进程以及isulad-shim进程的proc信息：util_get_process_proc_info();
+3. 根据proc信息为pid_ppid_info_t结构体赋值；
+4. 直接调用runc二进制start容器：runtime_call_simple();
+5. 之后isulad根据监听exit_fifo_fd，感知容器是否退出，从而更新容器状态。
+
+其他子命令与satrt类似，均是调用runtime_call_simple()函数直接调用runc二进制，此处不再赘述。
+
+
+
+## 流程图
+
+### isulad与isulad-shim交互流程图
+
+![isulad_shim_flow_chart](../../../images/isulad_shim_flow_chart.svg)
diff --git a/docs/images/isulad_shim_flow_chart.svg b/docs/images/isulad_shim_flow_chart.svg
new file mode 100755
index 00000000..9a509b80
--- /dev/null
+++ b/docs/images/isulad_shim_flow_chart.svg
@@ -0,0 +1,16 @@
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 2639.476104494126 3305.9641492328947" width="2639.476104494126" height="3305.9641492328947">
+  <!-- svg-source:excalidraw -->
+  
+  <defs>
+    <style class="style-fonts">
+      @font-face {
+        font-family: "Virgil";
+        src: url("https://excalidraw.com/Virgil.woff2");
+      }
+      @font-face {
+        font-family: "Cascadia";
+        src: url("https://excalidraw.com/Cascadia.woff2");
+      }
+    </style>
+  </defs>
+  <rect x="0" y="0" width="2639.476104494126" height="3305.9641492328947" fill="#ffffff"></rect><g stroke-linecap="round" transform="translate(1275.9641960991746 11.21154906257766) rotate(0 120.37038167317712 60.37036471896701)"><path d="M6.04 41.03 C6.04 41.03, 6.04 41.03, 6.04 41.03 M6.04 41.03 C6.04 41.03, 6.04 41.03, 6.04 41.03 M1.89 50.28 C10.86 41.95, 17.89 34.75, 23.14 27.57 M3.36 49.86 C9.94 41.26, 16.81 33.63, 23.19 26.46 M2.54 56.73 C12.6 45.58, 26.28 30.71, 31.39 24.81 M1.92 56.91 C8.58 49.78, 15.58 42.06, 31.04 24.48 M1.23 65.98 C11.64 51.97, 21.31 39.65, 40.11 19.77 M2.19 65.46 C8.16 55.41, 16.46 46.9, 40.01 19.8 M4 68.85 C20.81 48.94, 38.12 29.76, 47.91 16.27 M2.31 69.06 C12.43 57.87, 21.63 46.91, 48.45 16.81 M6.97 71.12 C24.21 49.61, 42.44 27.46, 57.14 13.91 M5.77 71.54 C20.4 56.65, 34.51 40.03, 55.67 14.45 M7.16 77.05 C21.69 59.96, 33.11 46.63, 66.65 9.53 M7.44 76.75 C26.03 53, 46.55 30.86, 66.95 7.03 M7.98 78.68 C24.92 62.79, 38.95 46.19, 73.6 4.93 M9.28 81.19 C34.63 50.29, 60.3 21.48, 72.53 6.18 M10.8 83.67 C33.46 59.32, 53.79 33.88, 77.26 6.49 M11.09 84.09 C24.41 68.62, 37.8 52.56, 79.62 5.78 M11.75 89.35 C33.51 64.11, 55.5 35.61, 86.75 6.6 M11.64 88.79 C34.48 63.32, 55.42 39.62, 85.43 5.67 M13.96 89.29 C33.55 69.98, 48.72 50.45, 89.23 6.47 M15.99 91.52 C43.46 58.24, 74.65 23.12, 91.5 3.71 M17.75 90.86 C34 73.63, 50.54 52.08, 97.35 2.88 M19.98 92.32 C49.65 59.37, 77.28 24.76, 96.42 2.88 M24.14 94.04 C52.6 58.44, 83.42 22.22, 104.83 0.34 M22.96 96.1 C39.82 74, 58.18 55.87, 103.62 2.62 M27.64 97.48 C55.75 63.72, 82.18 33.9, 110.64 1.56 M26.76 97.94 C57.02 61.68, 87.45 28.54, 108.72 1.67 M30.54 99.84 C49.38 78.06, 67.01 54.13, 115.15 2.31 M29.24 98.75 C51.87 72.51, 74.69 47.07, 113.97 2.17 M33.05 100.29 C56.49 73.75, 84.94 43.48, 117.61 4.46 M32.6 101.09 C50.74 79.46, 69.05 58.35, 118.92 3 M37.44 105.13 C64.33 72.28, 88.06 42.13, 124.51 3.82 M36.8 104 C68.28 66.77, 100.85 28.2, 122.98 2.88 M39.67 107.84 C63.82 78.55, 88.08 51.23, 126.91 2.67 M39.34 106.36 C62.68 81.54, 83.94 55.45, 127.99 3.2 M44.79 107.88 C72.42 75.48, 102.65 42.25, 133.41 4.35 M43.94 107.98 C77.9 68.06, 111.98 28.09, 133.39 3.87 M47.22 110 C71.18 81.78, 90.35 54.78, 137.59 4.55 M47.02 108.19 C82.35 67.85, 118.38 28.09, 138.94 2.93 M53.59 108.33 C78.84 80.12, 105.77 48.44, 143.65 5.16 M51.71 110.19 C88.06 68.63, 121.49 28.5, 144.46 3.62 M56.19 111.66 C92.14 71.79, 124.59 32.47, 148.45 2.53 M55.62 111.63 C84.46 80.8, 111.43 49.27, 149.22 5 M62.6 113.02 C80.86 88.25, 101.34 63.36, 155.8 4.57 M61.57 112.48 C89.81 79.16, 120.8 44.76, 154.35 4.24 M63.77 112.5 C85.9 90.21, 102.66 66.37, 160.64 5.8 M64 113.09 C93.7 80.53, 120.73 46.21, 160.29 4.05 M67.63 114.79 C104.16 75.61, 137.91 35.07, 164.51 6.41 M67.71 116.07 C99.48 80.37, 130.97 45.3, 164.47 4.94 M73.86 116.99 C100.06 85.73, 128.6 52.73, 169.08 5.82 M72.9 117.34 C96.05 90.02, 118.78 64.02, 168.07 7.11 M76.16 117.95 C99.06 91.99, 120.48 65.46, 175.07 7.03 M76.66 117.78 C98.72 93.57, 122.31 67.65, 173.1 8.03 M81.06 118.09 C116.48 76.4, 154.63 33.96, 176.37 9.36 M81.95 118.26 C118.09 77.25, 154.15 35.09, 175.81 9.54 M84.79 121.66 C119.09 78.46, 154.74 38.54, 182.88 12.33 M85.73 120.29 C108.94 95.16, 131.76 67.99, 181.73 10.93 M88.73 119.83 C125.67 81.58, 160.3 41, 186.79 12.94 M90.66 120.33 C124.97 81.45, 158.6 41.8, 185.13 10.56 M95.74 122.3 C128.89 87.13, 156.7 48.83, 188.69 14.23 M94.57 121.64 C119.41 93.74, 144.62 64.83, 189.4 13.68 M99.56 122.01 C135.61 81.43, 172.6 40.5, 193.75 15.87 M100.1 120.39 C121.23 97.7, 141.09 74.55, 194.43 15.27 M107.05 120.56 C140.95 80.2, 174.41 42.64, 195.97 17.44 M106.24 121.23 C139.23 82.3, 173.91 42.41, 197.07 14.66 M110.36 122.46 C136.63 89.96, 163.86 57.31, 202.33 17.01 M110.6 120.91 C143.24 85.42, 172.75 50.83, 200.48 18.35 M114.45 122.94 C143.04 90.12, 172.68 60.99, 206.29 20.44 M116.24 122.33 C146.51 86.65, 175.64 52.27, 205.92 18.63 M121.95 122.04 C142.43 101.06, 163.15 75.65, 207.37 21.23 M120.69 121.95 C150.5 87.02, 182.66 51.18, 207.46 21.64 M127.36 121.42 C149.23 96.83, 170.69 72.3, 210.57 23.51 M125.39 122.81 C152.53 93.76, 180.49 62.15, 21
\ No newline at end of file
diff --git a/docs/images/k8s_isulad_flow_chart.svg b/docs/images/k8s_isulad_flow_chart.svg
new file mode 100644
index 00000000..700b5b6d
--- /dev/null
+++ b/docs/images/k8s_isulad_flow_chart.svg
@@ -0,0 +1,16 @@
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 3462.3616612952683 2251.06399129264" width="3462.3616612952683" height="2251.06399129264">
+  <!-- svg-source:excalidraw -->
+  
+  <defs>
+    <style class="style-fonts">
+      @font-face {
+        font-family: "Virgil";
+        src: url("https://excalidraw.com/Virgil.woff2");
+      }
+      @font-face {
+        font-family: "Cascadia";
+        src: url("https://excalidraw.com/Cascadia.woff2");
+      }
+    </style>
+  </defs>
+  <rect x="0" y="0" width="3462.3616612952683" height="2251.06399129264" fill="#ffffff"></rect><g stroke-linecap="round" transform="translate(10 426.72821970161084) rotate(0 114.66664632161451 28.444442749023438)"><path d="M14.22 0 M14.22 0 C79.83 -1.12, 143.72 1.4, 215.11 0 M14.22 0 C77.56 -0.01, 143.17 0.24, 215.11 0 M215.11 0 C222.69 -0.84, 227.86 3.71, 229.33 14.22 M215.11 0 C223.07 -1.37, 229.04 3.28, 229.33 14.22 M229.33 14.22 C228.93 22.26, 229.24 31.61, 229.33 42.67 M229.33 14.22 C228.2 22.06, 228.6 30.74, 229.33 42.67 M229.33 42.67 C228.13 52.02, 226.01 57.31, 215.11 56.89 M229.33 42.67 C229.34 51.47, 225.64 54.98, 215.11 56.89 M215.11 56.89 C163.47 53.75, 111.67 56.61, 14.22 56.89 M215.11 56.89 C142.48 58.69, 70.15 59.07, 14.22 56.89 M14.22 56.89 C3.3 56.27, -0.37 52.87, 0 42.67 M14.22 56.89 C2.98 56.38, 1.33 50.08, 0 42.67 M0 42.67 C1.38 37.02, -0.48 28.91, 0 14.22 M0 42.67 C0.19 33.27, -0.48 21.49, 0 14.22 M0 14.22 C-1.79 3.31, 4.07 1.46, 14.22 0 M0 14.22 C-1.81 3.23, 4.71 0.84, 14.22 0" stroke="#000000" stroke-width="1" fill="none"></path></g><g transform="translate(89.81668599446584 443.1726624506343) rotate(0 34.84996032714844 12)"><text x="34.84996032714844" y="0" font-family="Virgil, Segoe UI Emoji" font-size="20px" fill="#000000" text-anchor="middle" style="white-space: pre;" direction="ltr" dominant-baseline="text-before-edge">kubelet</text></g><g stroke-linecap="round" transform="translate(45.64646402994822 289.77870671900155) rotate(0 88.5 30)"><path d="M-0.17 27.68 C-0.17 27.68, -0.17 27.68, -0.17 27.68 M-0.17 27.68 C-0.17 27.68, -0.17 27.68, -0.17 27.68 M1.49 30.75 C8.04 27.97, 8.62 21.39, 17.32 14.82 M2.17 30.3 C5.32 25.8, 9.86 22.15, 16.05 14.84 M3.7 33.81 C7.62 27.65, 13.9 21.78, 23.55 11.17 M4.57 36.1 C10 29.05, 14.1 21.72, 23.86 12.79 M5.78 40.8 C11.64 32.98, 20.16 23.51, 30.81 9.5 M5.4 38.34 C13.66 31.12, 19.56 22.21, 29.98 9.66 M10.08 43.49 C19.08 28.74, 31.27 18.28, 38.37 8.85 M8.15 42.88 C17.24 33.01, 25.22 22.23, 37.98 7.67 M12.19 45.4 C22.73 33.84, 30.89 21.63, 48.26 4.38 M12.02 44.34 C21.59 33.29, 32.01 22.67, 46.35 5.41 M16.75 47.66 C21.54 37.62, 32.64 27.04, 53.16 5.76 M15.94 44.72 C26.45 34.09, 36.55 24.37, 52.61 5.15 M20.03 48.39 C26.48 38.09, 35.5 30.52, 59.52 2.72 M19.33 47.63 C32.89 33.26, 43.22 19.83, 58.53 3.11 M23.1 47.55 C32.91 36.21, 45.43 22.35, 64.83 3.02 M23.46 49.98 C34.26 37.53, 45.29 24.27, 63.73 4.28 M26.41 50.37 C39.19 35.44, 55.17 22.36, 70.16 1.51 M28.2 50.12 C36.49 39.27, 44.32 30.4, 68.3 2.3 M33 50.42 C40 42, 50.15 30.4, 74.04 4.3 M31.44 51.86 C39.82 42.76, 49.46 32.67, 74.88 2.41 M34.33 53.29 C48.04 37.86, 58.88 25.26, 78.32 0.84 M35.08 54.82 C51.01 37.23, 66.64 18.93, 80.74 2.4 M38.19 54.88 C58.16 33.77, 76.23 14.32, 86.04 0.08 M39.17 55.66 C51.16 41.6, 63.44 27.58, 85.83 1.51 M45.91 54.37 C56.94 40.46, 72.43 24.25, 90.68 3.35 M45.26 55.79 C55.53 43.8, 66.23 30.08, 90.2 2.17 M49.57 55.04 C62.04 39.93, 78.46 21.62, 96.61 1.43 M47.85 57.01 C62.35 42, 73.35 27.83, 96.64 1.88 M53.19 56.68 C66.64 44.97, 77.61 28.82, 100.42 4.01 M53.69 58.73 C72.17 36.28, 89.64 16.95, 102.23 1.46 M55.94 58.66 C77.16 38.94, 93.12 18.3, 105.35 2.47 M57.28 59.89 C72.08 42.29, 87.36 23.27, 106.91 2.68 M63.35 58.59 C75.17 42.18, 91.07 26.89, 112.59 1.09 M62.16 60.41 C73.77 47.67, 83.02 35.02, 110.99 2.24 M66.57 59.48 C81.85 43.91, 98.54 23.54, 115.74 4.37 M66.45 61.13 C84.6 40, 102.96 20.29, 115.81 3.91 M72.8 60.53 C84.53 44.07, 102.22 28.07, 122.74 5.18 M71.41 61.47 C90.19 40.01, 109.41 18.36, 121.84 3.53 M75.27 61.84 C90.4 48.02, 101.31 34.1, 126.4 4.12 M77.63 60.89 C87.76 49.34, 99.22 35.06, 127.41 3.14 M83.09 60.49 C92.96 49.43, 101.25 36.54, 130.31 6.18 M83.04 61.84 C93.39 48.48, 103.14 36.3, 130.77 4.47 M87.06 62.15 C103.74 42.92, 116.69 26.57, 135.26 7.05 M86.98 60.18 C105.44 40.57, 122.48 19.7, 134.75 6.08 M92.98 58.52 C106.42 42.92, 123.81 25.56, 140.57 7.06 M93.59 59.35 C105.07 47.08, 117.35 33.23, 140.28 8.05 M97.46 61.13 C116.16 38.17, 133.07 17.87, 141.94 6.76 M97.91 61.11 C114.18 42.67, 127.88 25.6, 144.36 8.48 M103.79 59.25 C117 47.62, 128.74 30.19, 148.63 7.83 M103.86 60
\ No newline at end of file
diff --git a/docs/manual/README_zh.md b/docs/manual/README_zh.md
index 8de5604b..1f3f37f8 100644
--- a/docs/manual/README_zh.md
+++ b/docs/manual/README_zh.md
@@ -22,4 +22,8 @@ Device Mapper 是一个基于内核的框架，它支持 Linux 上的许多高
 
 ## isula search使用指南
 
-关于如何使用isula search请参考[isula_search](isula_search_zh.md)
\ No newline at end of file
+关于如何使用isula search请参考[isula_search](isula_search_zh.md)
+
+## runc使用指南
+
+关于如何在isulad中使用runc请参考[runc_config](runc_config_zh.md)
\ No newline at end of file
diff --git a/docs/manual/runc_config_zh.md b/docs/manual/runc_config_zh.md
new file mode 100644
index 00000000..003cd2c5
--- /dev/null
+++ b/docs/manual/runc_config_zh.md
@@ -0,0 +1,134 @@
+# runc使用指南
+本文主要是指导iSulad社区开发者和使用者，如何配置isulad使用runc作为runtime创建容器。
+
+## 一、runc的安装
+
+`tips`: 在安装runc之前需要安装好go环境。
+
+isulad当前推荐的runc验证版本为v1.0.0-rc5。
+
+runc可以使用以下两种安装方式：
+
+1. 直接使用包管理器安装runc:
+
+```sh
+# centOS
+sudo yum install runc
+# Ubuntu
+sudo apt-get install runc
+```
+
+2. 源码编译安装runc（注意建议切换成isulad推荐的runc版本：`git checkout v1.0.0-rc5`）
+
+```sh
+# 在GOPATH/src下创建 'github.com/opencontainers' 文件夹 
+cd github.com/opencontainers
+git clone https://github.com/opencontainers/runc
+cd runc
+
+make
+sudo make install
+```
+
+还可以使用go get安装到`GOPATH`路径下（需要在GOPATH/src下创建github.com父文件夹）：
+
+```sh
+go get github.com/opencontainers/runc
+cd $GOPATH/src/github.com/opencontainers/runc
+make
+sudo make install
+```
+
+最终安装好的runc会在`/usr/local/sbin/runc`目录下。
+
+##   二、配置iSulad使用runc
+
+### 配置文件配置
+
+1. 修改isulad的daemon.json，配置isulad默认使用的runtime。
+
+```sh
+$ vim /etc/isulad/daemon.json
+	...
+   "default-runtime": "runc"
+    ...
+```
+
+2. 也可以在配置文件中配置runtimes，在其中指定使用的`path`(用于修改isulad使用的runc路径)以及`runtime-args`(对runtime所有命令配置的参数)。
+
+```sh
+"runtimes": {
+            "runc": {
+                    "path": "/usr/local/sbin/runc",
+                    "runtime-args": [
+                    ]
+            }
+    },
+```
+
+之后使用root权限启动isulad服务，使修改后的配置生效即可：
+
+```sh
+$ sudo isulad
+```
+
+### 单个容器配置
+
+使用`--runtime=runc`启动一个runtime为runc的容器。
+
+```sh
+isula run -tid -n test --runtime=runc busybox sh
+```
+
+## 三、K8s中配置pod的runtime为runc
+
+如何与kubernetes集成请参考[k8s_integration](https://gitee.com/openeuler/iSulad/blob/master/docs/manual/k8s_integration_zh.md)。
+
+### 全局配置
+
+直接参照第二节中配置文件配置的方式修改isulad默认使用的runtime为runc，则后续使用k8s启动容器时会默认使用的runtime即为runc。
+
+### 使用RuntimeClass配置
+
+RuntimeClass 是K8s的一种内置集群资源，是一种容器运行时配置，用于运行pod中的容器。
+
+1. 在`/etc/isulad/daemon.json`中配置`isulad`：
+
+   ```json
+   "runtimes": {
+               "runc-runtime": {
+                       "path": "/usr/local/sbin/runc",
+                       "runtime-args": [
+                       ]
+               }
+       },
+   ```
+
+2. 定义 `runc-runtime.yaml`，例如创建一个`runc-runtime.yaml`内容如下：(注意handler需要与daemon.json中的名称一致)
+
+   ```yamlapiVersion: v1
+   apiVersion: node.k8s.io/v1beta1
+   kind: RuntimeClass
+   metadata:
+     name: runc-runtime
+   handler: runc-runtime
+   ```
+
+   之后运行`kubectl apply -f runc-runtime.yaml`命令在kubectl中让这个配置生效。
+
+3. 之后在创建pod时，可以在其定义的yaml文件中的`spec.runtimeClassName`中设置pod使用的runtime：
+
+```yaml
+apiVersion: v1
+kind: Pod
+metadata:
+  name: runc-pod-example
+spec:
+  runtimeClassName: runc-runtime
+  containers:
+  - name: runc-pod
+    image: busybox:latest
+    command: ["/bin/sh"]
+    args: ["-c", "sleep 1000"]
+```
+
-- 
2.25.1