agent,runtime-rs: refactor process io using vsock fd passthrough feature

Currently in the kata container, every io read/write operation requires
an RPC request from the runtime to the agent. This process involves
data copying into/from an RPC request/response, which are high overhead.

To solve this issue, this commit utilizes the vsock fd passthrough, a
newly introduced feature in the Dragonball hypervisor. This feature
allows other host programs to pass a file descriptor to the Dragonball
process, directly as the backend of an ordinary hybrid vsock connection.

The runtime-rs now utilizes this feature for container process io. It
opens the stdin/stdout/stderr fifo from containerd, and passes them to
Dragonball, then doesn't bother with process io any more, eliminating
the need for an RPC for each io read/write operation.

In passfd io mode, the agent uses the vsock connections as the child
process's stdin/stdout/stderr, eliminating the need for a pipe
to bump data (in non-tty mode).

Fixes: #6714

Signed-off-by: Zixuan Tan <tanzixuan.me@gmail.com>
Zixuan Tan
2023-07-28 16:52:38 +08:00
parent eb6bb6fe0d
commit 442df71fe5
25 changed files with 603 additions and 36 deletions


@@ -93,6 +93,14 @@ message CreateContainerRequest {
// This field is used to declare a set of shared mount points
// that support cross-container sharing of mount objects.
repeated SharedMount shared_mounts = 8;
// These fields are the host-side vport numbers of passfd streams
// pre-created by runtime-rs, and used as identifiers for the agent
// to select the right streams for init process's stdin/stdout/stderr.
// Disable the feature by setting the associated port to 0.
uint32 stdin_port = 9;
uint32 stdout_port = 10;
uint32 stderr_port = 11;
}
message StartContainerRequest {
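Review bot: The comment above stdin_port/stdout_port/stderr_port in CreateContainerRequest says 0 disables the feature, but it does not say what the agent does when a non-zero port matches no pre-created stream, or when only some of the three fields are set. Because these values select which host connection becomes the init process's stdio, I would document the failure behaviour here (reject the request rather than fall back silently) and state whether the same port may appear in more than one field.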
@@ -115,6 +123,14 @@ message ExecProcessRequest {
string exec_id = 2;
StringUser string_user = 3;
Process process = 4;
// These fields are the host-side vport numbers of passfd streams
// pre-created by runtime-rs, and used as identifiers for the agent
// to select the right streams for process's stdin/stdout/stderr.
// Disable the feature by setting the associated port to 0.
uint32 stdin_port = 5;
uint32 stdout_port = 6;
uint32 stderr_port = 7;
}
message SignalProcessRequest {
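Review bot: The comment block and the three port fields in ExecProcessRequest repeat the ones added to CreateContainerRequest almost word for word, so the semantics now have to be kept in sync in two places. Consider moving the three ports into one small shared message embedded in both requests, with the comment written once. It would also help to state whether an exec process must use ports distinct from those already given for the container's init process.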