From 40d33949185fde5fb8d92f1501214a8364b36235 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Thu, 10 Nov 2022 11:31:39 +0100 Subject: [PATCH] quickstart: Add a note about Enclave CC limitations with Kind MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Enclave CC requires the Kind cluster to be prepared with `/opt/confidential-containers` to **not** be mounted on an overlayfs, but rather being part of the `hostPath` mount. Signed-off-by: Mikko Ylinen Signed-off-by: Fabiano Fidêncio --- quickstart.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/quickstart.md b/quickstart.md index f971fb9..a8c1de4 100644 --- a/quickstart.md +++ b/quickstart.md @@ -36,6 +36,9 @@ get using `ansible-galaxy colection install community.docker`. > **Note** You can also use a Kind or Minikube cluster with containerd runtime to try out the CoCo stack for development purposes. Make sure to use the `kata-clh` runtime class for your workloads when using Kind or Minikube, [as QEMU is known to **not** be working with Kind or Minikube](https://github.com/confidential-containers/operator/issues/124). +Also, with the `enclave-cc` runtime class, the cluster must be prepared so that `/opt/confidential-containers` +on the worker nodes is **not** on an overlayfs mount but the path is a `hostPath` mount (see +[a sample configuration](https://github.com/confidential-containers/operator/blob/cf6a4f38114f7c5b71daec6cb666b1b40bcea140/tests/e2e/enclave-cc-kind-config.yaml#L6-L8)) ## Prerequisites
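Review bot: The three added lines say "the cluster must be prepared" inside a note that covers both Kind and Minikube, while the subject line and commit message scope the limitation to Kind and the linked sample is `enclave-cc-kind-config.yaml`. Please name Kind explicitly in the text, or state whether Minikube needs the same preparation, so a Minikube user knows if the requirement applies to them. Two smaller points on the same lines: they are added without the `>` prefix that the preceding `> **Note**` line carries, so they only stay in the note through lazy continuation, and prefixing them would make the intent explicit; and the sentence ends at the closing parenthesis with no full stop. The wording "is **not** on an overlayfs mount but the path is a `hostPath` mount" would read more clearly as something like "is a `hostPath` mount rather than part of the node's overlayfs".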