From 47b2d21967d03bc60b7774b7141b1b33a28dac3c Mon Sep 17 00:00:00 2001
From: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Date: Mon, 2 Dec 2024 16:09:21 +0900
Subject: [PATCH] [WIP] website: enhance container examples

- Add Rootful mode
- Add Podman
- Add eStargz

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
---
 website/content/en/docs/examples/_index.md    |  34 +-----
 .../content/en/docs/examples/containers.md    | 108 ++++++++++++++++++
 2 files changed, 113 insertions(+), 29 deletions(-)
 create mode 100644 website/content/en/docs/examples/containers.md

diff --git a/website/content/en/docs/examples/_index.md b/website/content/en/docs/examples/_index.md
index b67916a7c97..8bb1966de82 100644
--- a/website/content/en/docs/examples/_index.md
+++ b/website/content/en/docs/examples/_index.md
@@ -22,40 +22,16 @@ Specifying `--mount-type=virtiofs` is not necessary here, but it is highly recom
 for the best performance and stability.
 
 ## Running containers
-{{< tabpane text=true >}}
 
-{{% tab header="containerd" %}}
-```bash
-nerdctl.lima run -d --name nginx -p 127.0.0.1:8080:80 nginx:alpine
-```
-{{% /tab %}}
-
-{{% tab header="Docker" %}}
-```bash
-limactl start template://docker
-export DOCKER_HOST=$(limactl list docker --format 'unix://{{.Dir}}/sock/docker.sock')
-docker run -d --name nginx -p 127.0.0.1:8080:80 nginx:alpine
-```
-{{% /tab %}}
+Lima comes with the built-in integration for [containerd](https://containerd.io) and
+[nerdctl](https://github.com/containerd/nerdctl) (contaiNERD CTL):
 
-{{% tab header="Kubernetes" %}}
 ```bash
-limactl start template://k8s
-export KUBECONFIG=$(limactl list k8s --format 'unix://{{.Dir}}/copied-from-guest/kubeconfig.yaml')
-kubectl apply -f ...
+nerdctl.lima run -d --name nginx -p 127.0.0.1:8080:80 nginx:alpine
 ```
-{{% /tab %}}
-
-{{< /tabpane >}}
-
-- <http://127.0.0.1:8080> is accessible from the host, as well as from the VM.
-
-- For the usage of containerd and nerdctl (contaiNERD ctl), visit <https://github.com/containerd/containerd>
-and <https://github.com/containerd/nerdctl>.
+<http://127.0.0.1:8080> is accessible from the host, as well as from the VM.
 
-- If you have installed Lima by `make install`, the `nerdctl.lima` command is also available as `nerdctl`.
-  If you have installed Lima by `brew install lima`, you may make an alias (or a symlink) by yourself:
-  `alias nerdctl=nerdctl.lima`
+See also the [Containers](./containers) page for other examples such as using Docker and Kubernetes.
 
 ## Advanced configuration
 
diff --git a/website/content/en/docs/examples/containers.md b/website/content/en/docs/examples/containers.md
new file mode 100644
index 00000000000..5c32b45a5d5
--- /dev/null
+++ b/website/content/en/docs/examples/containers.md
@@ -0,0 +1,108 @@
+---
+title: Containers
+weight: 5
+---
+
+## Running containers
+{{< tabpane text=true >}}
+
+{{% tab header="containerd" %}}
+{{< tabpane text=true >}}
+{{% tab header="Rootless" %}}
+```bash
+lima nerdctl run -d --name nginx -p 127.0.0.1:8080:80 nginx:alpine
+```
+
+or
+
+```bash
+nerdctl.lima run -d --name nginx -p 127.0.0.1:8080:80 nginx:alpine
+```
+{{% /tab %}}
+{{% tab header="Rootful" %}}
+```bash
+lima sudo systemctl enable --now containerd
+lima sudo nerdctl run -d --name nginx -p 127.0.0.1:8080:80 nginx:alpine
+```
+{{% /tab %}}
+{{< /tabpane >}}
+
+- For the usage of containerd and nerdctl (contaiNERD ctl), visit <https://github.com/containerd/containerd>
+and <https://github.com/containerd/nerdctl>.
+
+- If you have installed Lima by `make install`, the `nerdctl.lima` command is also available as `nerdctl`.
+  If you have installed Lima by `brew install lima`, you may make an alias (or a symlink) by yourself:
+  `alias nerdctl=nerdctl.lima`
+
+{{% /tab %}}
+
+{{% tab header="Docker" %}}
+{{< tabpane text=true >}}
+{{% tab header="Rootless" %}}
+```bash
+limactl start template://docker
+export DOCKER_HOST=$(limactl list docker --format 'unix://{{.Dir}}/sock/docker.sock')
+docker run -d --name nginx -p 127.0.0.1:8080:80 nginx:alpine
+```
+{{% /tab %}}
+{{% tab header="Rootful" %}}
+TBD
+{{% /tab %}}
+{{< /tabpane >}}
+{{% /tab %}}
+
+{{% tab header="Podman" %}}
+{{< tabpane text=true >}}
+{{% tab header="Rootless" %}}
+TBD
+{{% /tab %}}
+{{% tab header="Rootful" %}}
+TBD
+{{% /tab %}}
+{{< /tabpane >}}
+{{% /tab %}}
+
+
+{{% tab header="Kubernetes" %}}
+{{< tabpane text=true >}}
+{{% tab header="kubeadm" %}}
+```bash
+limactl start template://k8s
+export KUBECONFIG=$(limactl list k8s --format 'unix://{{.Dir}}/copied-from-guest/kubeconfig.yaml')
+kubectl apply -f ...
+```
+{{% /tab %}}
+{{% tab header="k3s" %}}
+TBD
+{{% /tab %}}
+{{< /tabpane >}}
+{{% /tab %}}
+
+{{< /tabpane >}}
+
+- <http://127.0.0.1:8080> is accessible from the host, as well as from the VM.
+
+## Accelerating pulls with eStargz
+
+WIP
+
+```console
+
+$ time nerdctl --snapshotter=overlayfs run -it --rm ghcr.io/stargz-containers/python:3.7-org python3 -c 'print("hi")'
+[...]
+hi
+
+real	0m33.505s
+user	0m2.962s
+sys	0m6.629s
+```
+
+```console
+$ time nerdctl --snapshotter=stargz run -it --rm ghcr.io/stargz-containers/python:3.7-esgz python3 -c 'print("hi")'
+[...]
+hi
+
+real	0m12.335s
+user	0m0.469s
+sys	0m0.522s
+```