github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-06-28 00:07:16 +00:00
Code Issues Projects Releases Wiki Activity

kata-deploy: add support for Cloud Hypervisor

Browse Source 
Add Cloud Hypervisor to kata-deploy.

Fixes: #808.

Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
This commit is contained in:
Salvador Fuentes 2019-11-15 16:05:29 -06:00 committed by Archana Shinde
parent c22fba934b
commit 5431096f13
6 changed files with 134 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
kata-deploy/examples/nginx-deployment-clh.yaml Normal file
View File

@ -0,0 +1,20 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment-clh
spec:
selector:
matchLabels:
app: nginx
replicas: 2
template:
metadata:
labels:
app: nginx
spec:
runtimeClassName: kata-clh
containers:
- name: nginx
image: nginx:1.14
ports:
- containerPort: 80

42
kata-deploy/examples/test-deploy-kata-clh.yaml Normal file
View File

@ -0,0 +1,42 @@
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
run: php-apache-kata-clh
name: php-apache-kata-clh
spec:
replicas: 1
selector:
matchLabels:
run: php-apache-kata-clh
template:
metadata:
labels:
run: php-apache-kata-clh
spec:
runtimeClassName: kata-clh
containers:
- image: k8s.gcr.io/hpa-example
imagePullPolicy: Always
name: php-apache
ports:
- containerPort: 80
protocol: TCP
resources:
requests:
cpu: 200m
restartPolicy: Always
---
apiVersion: v1
kind: Service
metadata:
name: php-apache-kata-clh
spec:
ports:
- port: 80
protocol: TCP
targetPort: 80
selector:
run: php-apache-kata-clh
sessionAffinity: None
type: ClusterIP

7
kata-deploy/k8s-1.13/kata-clh-runtimeClass.yaml Normal file
View File

@ -0,0 +1,7 @@
---
kind: RuntimeClass
apiVersion: node.k8s.io/v1alpha1
metadata:
name: kata-clh
spec:
runtimeHandler: kata-clh

6
kata-deploy/k8s-1.14/kata-clh-runtimeClass.yaml Normal file
View File

@ -0,0 +1,6 @@
---
kind: RuntimeClass
apiVersion: node.k8s.io/v1beta1
metadata:
name: kata-clh
handler: kata-clh

4
kata-deploy/scripts/kata-deploy-docker.sh
View File

@ -51,6 +51,10 @@ function configure_docker() {
"kata-fc": { "kata-fc": {
"path": "/opt/kata/bin/kata-runtime", "path": "/opt/kata/bin/kata-runtime",
"runtimeArgs": [ "--kata-config", "/opt/kata/share/defaults/kata-containers/configuration-fc.toml" ] "runtimeArgs": [ "--kata-config", "/opt/kata/share/defaults/kata-containers/configuration-fc.toml" ]
},
"kata-clh": {
"path": "/opt/kata/bin/kata-runtime",
"runtimeArgs": [ "--kata-config", "/opt/kata/share/defaults/kata-containers/configuration-clh.toml" ]
} }
} }
} }

78
kata-deploy/scripts/kata-deploy.sh
View File

@ -18,6 +18,7 @@ shims=(
"nemu" "nemu"
"qemu" "qemu"
"qemu-virtiofs" "qemu-virtiofs"
"cloud-hypervisor"
) )
# If we fail for any reason a message will be displayed # If we fail for any reason a message will be displayed
@ -32,7 +33,7 @@ function print_usage() {
} }
function get_container_runtime() { function get_container_runtime() {
local runtime=$(kubectl describe node $NODE_NAME) local runtime="$(kubectl describe node $NODE_NAME)"
if [ "$?" -ne 0 ]; then if [ "$?" -ne 0 ]; then
die "invalid node name" die "invalid node name"
fi fi
@ -55,7 +56,7 @@ function configure_cri_runtime() {
;; ;;
esac esac
systemctl daemon-reload systemctl daemon-reload
systemctl restart $1 systemctl restart "$1"
} }
function configure_crio() { function configure_crio() {
@ -65,15 +66,21 @@ function configure_crio() {
# backup the CRIO.conf only if a backup doesn't already exist (don't override original) # backup the CRIO.conf only if a backup doesn't already exist (don't override original)
cp -n "$crio_conf_file" "$crio_conf_file_backup" cp -n "$crio_conf_file" "$crio_conf_file_backup"
local kata_qemu_path="/opt/kata/bin/kata-qemu" local kata_clh_path="/opt/kata/bin/kata-clh"
local kata_qemu_virtiofs_path="/opt/kata/bin/kata-qemu-virtiofs" local kata_clh_conf="crio.runtime.runtimes.kata-clh"
local kata_nemu_path="/opt/kata/bin/kata-nemu"
local kata_fc_path="/opt/kata/bin/kata-fc" local kata_fc_path="/opt/kata/bin/kata-fc"
local kata_qemu_conf="crio.runtime.runtimes.kata-qemu"
local kata_qemu_virtiofs_conf="crio.runtime.runtimes.kata-qemu-virtiofs"
local kata_nemu_conf="crio.runtime.runtimes.kata-nemu"
local kata_fc_conf="crio.runtime.runtimes.kata-fc" local kata_fc_conf="crio.runtime.runtimes.kata-fc"
local kata_nemu_path="/opt/kata/bin/kata-nemu"
local kata_nemu_conf="crio.runtime.runtimes.kata-nemu"
local kata_qemu_path="/opt/kata/bin/kata-qemu"
local kata_qemu_conf="crio.runtime.runtimes.kata-qemu"
local kata_qemu_virtiofs_path="/opt/kata/bin/kata-qemu-virtiofs"
local kata_qemu_virtiofs_conf="crio.runtime.runtimes.kata-qemu-virtiofs"
# add kata-qemu config # add kata-qemu config
if grep -q "^\[$kata_qemu_conf\]" $crio_conf_file; then if grep -q "^\[$kata_qemu_conf\]" $crio_conf_file; then
echo "Configuration exists $kata_qemu_conf, overwriting" echo "Configuration exists $kata_qemu_conf, overwriting"
@ -126,6 +133,19 @@ EOT
EOT EOT
fi fi
# add kata-clh config
if grep -q "^\[$kata_clh_conf\]" $crio_conf_file; then
echo "Configuration exists $kata_clh_conf, overwriting"
sed -i "/^\[$kata_clh_conf\]/,+1s#runtime_path.*#runtime_path = \"${kata_clh_path}\"#" $crio_conf_file
else
cat <<EOT | tee -a "$crio_conf_file"
# Path to the Kata Containers runtime binary that uses the Cloud Hypervisor.
[$kata_clh_conf]
runtime_path = "${kata_clh_path}"
EOT
fi
# Replace if exists, insert otherwise # Replace if exists, insert otherwise
grep -Fq 'manage_network_ns_lifecycle =' $crio_conf_file \ grep -Fq 'manage_network_ns_lifecycle =' $crio_conf_file \
&& sed -i '/manage_network_ns_lifecycle =/c manage_network_ns_lifecycle = true' $crio_conf_file \ && sed -i '/manage_network_ns_lifecycle =/c manage_network_ns_lifecycle = true' $crio_conf_file \
@ -165,6 +185,10 @@ function configure_containerd() {
runtime_type = "io.containerd.kata-nemu.v2" runtime_type = "io.containerd.kata-nemu.v2"
[plugins.cri.containerd.runtimes.kata-nemu.options] [plugins.cri.containerd.runtimes.kata-nemu.options]
ConfigPath = "/opt/kata/share/defaults/kata-containers/configuration-nemu.toml" ConfigPath = "/opt/kata/share/defaults/kata-containers/configuration-nemu.toml"
[plugins.cri.containerd.runtimes.kata-clh]
runtime_type = "io.containerd.kata-clh.v2"
[plugins.cri.containerd.runtimes.kata-clh.options]
ConfigPath = "/opt/kata/share/defaults/kata-containers/configuration-clh.toml"
EOT EOT
#Currently containerd has an assumption on the location of the shimv2 implementation #Currently containerd has an assumption on the location of the shimv2 implementation
#Until support is added (see https://github.com/containerd/containerd/issues/3073), #Until support is added (see https://github.com/containerd/containerd/issues/3073),
@ -172,24 +196,24 @@ EOT
mkdir -p /usr/local/bin mkdir -p /usr/local/bin
for shim in ${shims[@]}; do for shim in "${shims[@]}"; do
local shim_binary="containerd-shim-kata-${shim}-v2" local shim_binary="containerd-shim-kata-${shim}-v2"
local shim_file="/usr/local/bin/${shim_binary}" local shim_file="/usr/local/bin/${shim_binary}"
local shim_backup="/usr/local/bin/${shim_binary}.bak" local shim_backup="/usr/local/bin/${shim_binary}.bak"
if [ -f ${shim_file} ]; then if [ -f "${shim_file}" ]; then
echo "warning: ${shim_binary} already exists" >&2 echo "warning: ${shim_binary} already exists" >&2
if [ ! -f ${shim_backup} ]; then if [ ! -f "${shim_backup}" ]; then
mv ${shim_file} ${shim_backup} mv "${shim_file}" "${shim_backup}"
else else
rm ${shim_file} rm "${shim_file}"
fi fi
fi fi
cat << EOT | tee "$shim_file" cat << EOT | tee "$shim_file"
#!/bin/bash #!/bin/bash
KATA_CONF_FILE=/opt/kata/share/defaults/kata-containers/configuration-${shim}.toml /opt/kata/bin/containerd-shim-kata-v2 \$@ KATA_CONF_FILE=/opt/kata/share/defaults/kata-containers/configuration-${shim}.toml /opt/kata/bin/containerd-shim-kata-v2 \$@
EOT EOT
chmod +x $shim_file chmod +x "$shim_file"
done done
} }
@ -225,14 +249,14 @@ function cleanup_containerd() {
#Until support is added (see https://github.com/containerd/containerd/issues/3073), we manage #Until support is added (see https://github.com/containerd/containerd/issues/3073), we manage
# a reference to the v2-shim implementation # a reference to the v2-shim implementation
for shim in ${shims[@]}; do for shim in "${shims[@]}"; do
local shim_binary="containerd-shim-kata-${shim}-v2" local shim_binary="containerd-shim-kata-${shim}-v2"
local shim_file="/usr/local/bin/${shim_binary}" local shim_file="/usr/local/bin/${shim_binary}"
local shim_backup="/usr/local/bin/${shim_binary}.bak" local shim_backup="/usr/local/bin/${shim_binary}.bak"
rm ${shim_file} || true rm "${shim_file}" || true
if [ -f ${shim_backup} ]; then if [ -f "${shim_backup}" ]; then
mv "$shim_backup" "$shim_file" mv "$shim_backup" "$shim_file"
fi fi
done done
@ -240,15 +264,15 @@ function cleanup_containerd() {
} }
function reset_runtime() { function reset_runtime() {
kubectl label node $NODE_NAME katacontainers.io/kata-runtime- kubectl label node "$NODE_NAME" katacontainers.io/kata-runtime-
systemctl daemon-reload systemctl daemon-reload
systemctl restart $1 systemctl restart "$1"
systemctl restart kubelet systemctl restart kubelet
} }
function main() { function main() {
# script requires that user is root # script requires that user is root
euid=`id -u` euid=$(id -u)
if [[ $euid -ne 0 ]]; then if [[ $euid -ne 0 ]]; then
die "This script must be run as root" die "This script must be run as root"
fi fi
@ -261,7 +285,7 @@ function main() {
fi fi
action=${1:-} action=${1:-}
if [ -z $action ]; then if [ -z "$action" ]; then
print_usage print_usage
die "invalid arguments" die "invalid arguments"
fi fi
@ -269,16 +293,16 @@ function main() {
# only install / remove / update if we are dealing with CRIO or containerd # only install / remove / update if we are dealing with CRIO or containerd
if [ "$runtime" == "crio" ] || [ "$runtime" == "containerd" ]; then if [ "$runtime" == "crio" ] || [ "$runtime" == "containerd" ]; then
case $action in case "$action" in
install) install)
install_artifacts install_artifacts
configure_cri_runtime $runtime configure_cri_runtime "$runtime"
kubectl label node $NODE_NAME --overwrite katacontainers.io/kata-runtime=true kubectl label node "$NODE_NAME" --overwrite katacontainers.io/kata-runtime=true
;; ;;
cleanup) cleanup)
cleanup_cri_runtime $runtime cleanup_cri_runtime "$runtime"
kubectl label node $NODE_NAME --overwrite katacontainers.io/kata-runtime=cleanup kubectl label node "$NODE_NAME" --overwrite katacontainers.io/kata-runtime=cleanup
remove_artifacts remove_artifacts
;; ;;
reset) reset)
@ -296,4 +320,4 @@ function main() {
sleep infinity sleep infinity
} }
main $@ main "$@"