github/kata-containers
1
0
Fork 2
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-11-03 11:00:05 +00:00
Code Issues Projects Releases Wiki Activity

Kata-deploy: Add kata-deploy set up for qemu-cca

Browse Source 
Support launch qemu-cca in Kata-deploy.

Signed-off-by: Kevin Zhao <kevin.zhao@linaro.org>
This commit is contained in:
Kevin Zhao
2025-08-25 03:10:53 +00:00
parent af919686ab
commit 141070b388
8 changed files with 44 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/runtime/Makefile
View File

@@ -182,6 +182,9 @@ QEMUTDXVALIDHYPERVISORPATHS := [\"$(QEMUTDXPATH)\"]
QEMUTDXEXPERIMENTALPATH := $(QEMUBINDIR)/$(QEMUTDXEXPERIMENTALCMD) QEMUTDXEXPERIMENTALPATH := $(QEMUBINDIR)/$(QEMUTDXEXPERIMENTALCMD)
QEMUTDXEXPERIMENTALVALIDHYPERVISORPATHS := [\"$(QEMUTDXEXPERIMENTALPATH)\"] QEMUTDXEXPERIMENTALVALIDHYPERVISORPATHS := [\"$(QEMUTDXEXPERIMENTALPATH)\"]
QEMUCCAEXPERIMENTALPATH := $(QEMUBINDIR)/$(QEMUCCAEXPERIMENTALCMD)
QEMUCCAEXPERIMENTALVALIDHYPERVISORPATHS := [\"$(QEMUCCAEXPERIMENTALPATH)\"]
QEMUTDXQUOTEGENERATIONSERVICESOCKETPORT := 4050 QEMUTDXQUOTEGENERATIONSERVICESOCKETPORT := 4050
QEMUSNPPATH := $(QEMUBINDIR)/$(QEMUSNPCMD) QEMUSNPPATH := $(QEMUBINDIR)/$(QEMUSNPCMD)
@@ -697,15 +700,19 @@ USER_VARS += QEMUBINDIR
USER_VARS += QEMUCMD USER_VARS += QEMUCMD
USER_VARS += QEMUTDXCMD USER_VARS += QEMUTDXCMD
USER_VARS += QEMUTDXEXPERIMENTALCMD USER_VARS += QEMUTDXEXPERIMENTALCMD
USER_VARS += QEMUCCAEXPERIMENTALCMD
USER_VARS += QEMUSNPCMD USER_VARS += QEMUSNPCMD
USER_VARS += QEMUPATH USER_VARS += QEMUPATH
USER_VARS += QEMUTDXPATH USER_VARS += QEMUTDXPATH
USER_VARS += QEMUTDXEXPERIMENTALPATH USER_VARS += QEMUTDXEXPERIMENTALPATH
USER_VARS += QEMUTDXQUOTEGENERATIONSERVICESOCKETPORT USER_VARS += QEMUTDXQUOTEGENERATIONSERVICESOCKETPORT
USER_VARS += QEMUSNPPATH USER_VARS += QEMUSNPPATH
USER_VARS += QEMUCCAEXPERIMENTALPATH
USER_VARS += QEMUVALIDHYPERVISORPATHS USER_VARS += QEMUVALIDHYPERVISORPATHS
USER_VARS += QEMUTDXVALIDHYPERVISORPATHS USER_VARS += QEMUTDXVALIDHYPERVISORPATHS
USER_VARS += QEMUTDXEXPERIMENTALVALIDHYPERVISORPATHS USER_VARS += QEMUTDXEXPERIMENTALVALIDHYPERVISORPATHS
USER_VARS += QEMUCCAVALIDHYPERVISORPATHS
USER_VARS += QEMUCCAEXPERIMENTALVALIDHYPERVISORPATHS
USER_VARS += QEMUSNPVALIDHYPERVISORPATHS USER_VARS += QEMUSNPVALIDHYPERVISORPATHS
USER_VARS += QEMUVIRTIOFSCMD USER_VARS += QEMUVIRTIOFSCMD
USER_VARS += QEMUVIRTIOFSPATH USER_VARS += QEMUVIRTIOFSPATH

1
src/runtime/arch/arm64-options.mk
View File

@@ -11,6 +11,7 @@ MACHINEACCELERATORS :=
CPUFEATURES := pmu=off CPUFEATURES := pmu=off
QEMUCMD := qemu-system-aarch64 QEMUCMD := qemu-system-aarch64
QEMUCCAEXPERIMENTALCMD := qemu-system-aarch64-cca-experimental
QEMUFW := AAVMF_CODE.fd QEMUFW := AAVMF_CODE.fd
QEMUFWVOL := AAVMF_VARS.fd QEMUFWVOL := AAVMF_VARS.fd

7
src/runtime/config/configuration-qemu-cca.toml.in
View File

@@ -11,9 +11,10 @@
# XXX: Type: @PROJECT_TYPE@ # XXX: Type: @PROJECT_TYPE@
[hypervisor.qemu] [hypervisor.qemu]
path = "@QEMUPATH@" path = "@QEMUCCAEXPERIMENTALPATH@"
kernel = "@KERNELCONFIDENTIALPATH@" kernel = "@KERNELCONFIDENTIALPATH@"
initrd = "@INITRDCONFIDENTIALPATH@" image = "@IMAGECONFIDENTIALPATH@"
# initrd = "@INITRDCONFIDENTIALPATH@"
machine_type = "@MACHINETYPE@" machine_type = "@MACHINETYPE@"
# rootfs filesystem type: # rootfs filesystem type:
@@ -52,7 +53,7 @@ enable_annotations = @DEFENABLEANNOTATIONS@
# Each member of the list is a path pattern as described by glob(3). # Each member of the list is a path pattern as described by glob(3).
# The default if not set is empty (all annotations rejected.) # The default if not set is empty (all annotations rejected.)
# Your distribution recommends: @QEMUVALIDHYPERVISORPATHS@ # Your distribution recommends: @QEMUVALIDHYPERVISORPATHS@
valid_hypervisor_paths = @QEMUVALIDHYPERVISORPATHS@ valid_hypervisor_paths = @QEMUCCAEXPERIMENTALVALIDHYPERVISORPATHS@
# Optional space-separated list of options to pass to the guest kernel. # Optional space-separated list of options to pass to the guest kernel.
# For example, use `kernel_params = "vsyscall=emulate"` if you are having # For example, use `kernel_params = "vsyscall=emulate"` if you are having

2
tools/packaging/kata-deploy/helm-chart/README.md
View File

@@ -127,7 +127,7 @@ All values can be overridden with --set key=value or a custom `-f myvalues.yaml`
| `k8sDistribution` | Set the k8s distribution to use: `k8s`, `k0s`, `k3s`, `rke2`, `microk8s` | `k8s` | | `k8sDistribution` | Set the k8s distribution to use: `k8s`, `k0s`, `k3s`, `rke2`, `microk8s` | `k8s` |
| `nodeSelector` | Node labels for pod assignment. Allows restricting deployment to specific nodes | `{}` | | `nodeSelector` | Node labels for pod assignment. Allows restricting deployment to specific nodes | `{}` |
| `env.debug` | Enable debugging in the `configuration.toml` | `false` | | `env.debug` | Enable debugging in the `configuration.toml` | `false` |
| `env.shims` | List of shims to deploy | `clh cloud-hypervisor dragonball fc qemu qemu-coco-dev qemu-runtime-rs qemu-se-runtime-rs qemu-snp qemu-tdx stratovirt qemu-nvidia-gpu qemu-nvidia-gpu-snp qemu-nvidia-gpu-tdx` | | `env.shims` | List of shims to deploy | `clh cloud-hypervisor dragonball fc qemu qemu-coco-dev qemu-runtime-rs qemu-se-runtime-rs qemu-snp qemu-tdx stratovirt qemu-nvidia-gpu qemu-nvidia-gpu-snp qemu-nvidia-gpu-tdx qemu-cca` |
| `env.defaultShim` | The default shim to use if none specified | `qemu` | | `env.defaultShim` | The default shim to use if none specified | `qemu` |
| `env.createRuntimeClasses` | Create the k8s `runtimeClasses` | `true` | | `env.createRuntimeClasses` | Create the k8s `runtimeClasses` | `true` |
| `env.createDefaultRuntimeClass` | Create the default k8s `runtimeClass` | `false` | | `env.createDefaultRuntimeClass` | Create the default k8s `runtimeClass` | `false` |

2
tools/packaging/kata-deploy/helm-chart/kata-deploy/values.yaml
View File

@@ -13,7 +13,7 @@ k8sDistribution: "k8s"
nodeSelector: {} nodeSelector: {}
env: env:
debug: "false" debug: "false"
shims: "clh cloud-hypervisor dragonball fc qemu qemu-coco-dev qemu-runtime-rs qemu-se-runtime-rs qemu-snp qemu-tdx stratovirt qemu-nvidia-gpu qemu-nvidia-gpu-snp qemu-nvidia-gpu-tdx" shims: "clh cloud-hypervisor dragonball fc qemu qemu-coco-dev qemu-runtime-rs qemu-se-runtime-rs qemu-snp qemu-tdx stratovirt qemu-nvidia-gpu qemu-nvidia-gpu-snp qemu-nvidia-gpu-tdx qemu-cca"
defaultShim: "qemu" defaultShim: "qemu"
createRuntimeClasses: "true" createRuntimeClasses: "true"
createDefaultRuntimeClass: "false" createDefaultRuntimeClass: "false"

13
tools/packaging/kata-deploy/runtimeclasses/kata-qemu-cca.yaml Normal file
View File

@@ -0,0 +1,13 @@
---
kind: RuntimeClass
apiVersion: node.k8s.io/v1
metadata:
name: kata-qemu-cca
handler: kata-qemu-cca
overhead:
podFixed:
memory: "2048Mi"
cpu: "1"
scheduling:
nodeSelector:
katacontainers.io/kata-runtime: "true"

13
tools/packaging/kata-deploy/runtimeclasses/kata-runtimeClasses.yaml
View File

@@ -53,6 +53,19 @@ scheduling:
--- ---
kind: RuntimeClass kind: RuntimeClass
apiVersion: node.k8s.io/v1 apiVersion: node.k8s.io/v1
metadata:
name: kata-qemu-cca
handler: kata-qemu-cca
overhead:
podFixed:
memory: "2048Mi"
cpu: "1"
scheduling:
nodeSelector:
katacontainers.io/kata-runtime: "true"
---
kind: RuntimeClass
apiVersion: node.k8s.io/v1
metadata: metadata:
name: kata-qemu-coco-dev name: kata-qemu-coco-dev
handler: kata-qemu-coco-dev handler: kata-qemu-coco-dev

7
tools/packaging/kata-deploy/scripts/kata-deploy.sh
View File

@@ -35,7 +35,7 @@ info() {
DEBUG="${DEBUG:-"false"}" DEBUG="${DEBUG:-"false"}"
SHIMS="${SHIMS:-"clh cloud-hypervisor dragonball fc qemu qemu-coco-dev qemu-runtime-rs qemu-se-runtime-rs qemu-snp qemu-tdx stratovirt qemu-nvidia-gpu qemu-nvidia-gpu-snp qemu-nvidia-gpu-tdx"}" SHIMS="${SHIMS:-"clh cloud-hypervisor dragonball fc qemu qemu-coco-dev qemu-runtime-rs qemu-se-runtime-rs qemu-snp qemu-tdx stratovirt qemu-nvidia-gpu qemu-nvidia-gpu-snp qemu-nvidia-gpu-tdx qemu-cca"}"
IFS=' ' read -a shims <<< "$SHIMS" IFS=' ' read -a shims <<< "$SHIMS"
DEFAULT_SHIM="${DEFAULT_SHIM:-"qemu"}" DEFAULT_SHIM="${DEFAULT_SHIM:-"qemu"}"
default_shim="$DEFAULT_SHIM" default_shim="$DEFAULT_SHIM"
@@ -358,7 +358,8 @@ function adjust_qemu_cmdline() {
# The paths on the kata-containers tarball side look like: # The paths on the kata-containers tarball side look like:
# ${dest_dir}/opt/kata/share/kata-qemu/qemu # ${dest_dir}/opt/kata/share/kata-qemu/qemu
# ${dest_dir}/opt/kata/share/kata-qemu-snp-experimnental/qemu # ${dest_dir}/opt/kata/share/kata-qemu-snp-experimnental/qemu
[[ "${shim}" =~ ^(qemu-nvidia-gpu-snp|qemu-nvidia-gpu-tdx)$ ]] && qemu_share=${shim}-experimental # ${dest_dir}/opt/kata/share/kata-qemu-cca-experimental/qemu
[[ "${shim}" =~ ^(qemu-nvidia-gpu-snp|qemu-nvidia-gpu-tdx|qemu-cca)$ ]] && qemu_share=${shim}-experimental
# Both qemu and qemu-coco-dev use exactly the same QEMU, so we can adjust # Both qemu and qemu-coco-dev use exactly the same QEMU, so we can adjust
# the shim on the qemu-coco-dev case to qemu # the shim on the qemu-coco-dev case to qemu
@@ -476,7 +477,7 @@ function install_artifacts() {
sed -i -e "s|${default_dest_dir}|${dest_dir}|g" "${kata_config_file}" sed -i -e "s|${default_dest_dir}|${dest_dir}|g" "${kata_config_file}"
# Let's only adjust qemu_cmdline for the QEMUs that we build and ship ourselves # Let's only adjust qemu_cmdline for the QEMUs that we build and ship ourselves
[[ "${shim}" =~ ^(qemu|qemu-snp|qemu-nvidia-gpu|qemu-nvidia-gpu-snp|qemu-nvidia-gpu-tdx|qemu-se|qemu-coco-dev)$ ]] && \ [[ "${shim}" =~ ^(qemu|qemu-snp|qemu-nvidia-gpu|qemu-nvidia-gpu-snp|qemu-nvidia-gpu-tdx|qemu-se|qemu-coco-dev|qemu-cca)$ ]] && \
adjust_qemu_cmdline "${shim}" "${kata_config_file}" adjust_qemu_cmdline "${shim}" "${kata_config_file}"
fi fi
fi fi