runtime-rs: Introduce cdi devices in container creation

Fixes #10145 Signed-off-by: Alex Lyn <alex.lyn@antgroup.com>
2025-07-16 16:32:03 +00:00 · 2024-08-12 16:45:27 +08:00 · 2024-08-12 16:45:27 +08:00 · 63b25e8cb0
commit 63b25e8cb0
parent 03735d78ec
3 changed files with 35 additions and 8 deletions
--- a/src/runtime-rs/crates/resource/src/manager.rs
+++ b/src/runtime-rs/crates/resource/src/manager.rs
@ -6,7 +6,6 @@

 use std::sync::Arc;

-use agent::types::Device;
 use agent::{Agent, Storage};
 use anyhow::Result;
 use async_trait::async_trait;
@ -20,6 +19,7 @@ use persist::sandbox_persist::Persist;
 use tokio::sync::RwLock;
 use tracing::instrument;

+use crate::cdi_devices::ContainerDevice;
 use crate::cpu_mem::initial_size::InitialSizeManager;
 use crate::network::NetworkConfig;
 use crate::resource_persist::ResourceState;
@ -116,7 +116,7 @@ impl ResourceManager {
        inner.handler_volumes(cid, spec).await
    }

-    pub async fn handler_devices(&self, cid: &str, linux: &Linux) -> Result<Vec<Device>> {
+    pub async fn handler_devices(&self, cid: &str, linux: &Linux) -> Result<Vec<ContainerDevice>> {
        let inner = self.inner.read().await;
        inner.handler_devices(cid, linux).await
    }
--- a/src/runtime-rs/crates/resource/src/manager_inner.rs
+++ b/src/runtime-rs/crates/resource/src/manager_inner.rs
@ -25,6 +25,7 @@ use persist::sandbox_persist::Persist;
 use tokio::{runtime, sync::RwLock};

 use crate::{
+    cdi_devices::{sort_options_by_pcipath, ContainerDevice, DeviceInfo},
    cgroups::{CgroupArgs, CgroupsResource},
    cpu_mem::{cpu::CpuResource, initial_size::InitialSizeManager, mem::MemResource},
    manager::ManagerArgs,
@ -292,7 +293,7 @@ impl ResourceManagerInner {
            .await
    }

-    pub async fn handler_devices(&self, _cid: &str, linux: &Linux) -> Result<Vec<Device>> {
+    pub async fn handler_devices(&self, _cid: &str, linux: &Linux) -> Result<Vec<ContainerDevice>> {
        let mut devices = vec![];

        let linux_devices = linux.devices().clone().unwrap_or_default();
@ -329,7 +330,10 @@ impl ResourceManagerInner {
                            vm_path: device.config.virt_path,
                            ..Default::default()
                        };
-                        devices.push(agent_device);
+                        devices.push(ContainerDevice {
+                            device_info: None,
+                            device: agent_device,
+                        });
                    }
                }
                LinuxDeviceType::C => {
@ -361,14 +365,33 @@ impl ResourceManagerInner {

                    // create agent device
                    if let DeviceType::Vfio(device) = device_info {
+                        let device_options = sort_options_by_pcipath(device.device_options);
                        let agent_device = Device {
                            id: device.device_id, // just for kata-agent
                            container_path: d.path().display().to_string().clone(),
                            field_type: vfio_mode,
-                            options: device.device_options,
+                            options: device_options,
                            ..Default::default()
                        };
-                        devices.push(agent_device);
+
+                        let vendor_class = device
+                            .devices
+                            .first()
+                            .unwrap()
+                            .device_vendor_class
+                            .as_ref()
+                            .unwrap()
+                            .get_vendor_class_id()
+                            .context("get vendor class failed")?;
+                        let device_info = Some(DeviceInfo {
+                            vendor_id: vendor_class.0.to_owned(),
+                            class_id: vendor_class.1.to_owned(),
+                            host_path: d.path().clone(),
+                        });
+                        devices.push(ContainerDevice {
+                            device_info,
+                            device: agent_device,
+                        });
                    }
                }
                _ => {
--- a/src/runtime-rs/crates/runtimes/virt_container/src/container_manager/container.rs
+++ b/src/runtime-rs/crates/runtimes/virt_container/src/container_manager/container.rs
@ -21,7 +21,9 @@ use kata_types::k8s;
 use oci_spec::runtime as oci;

 use oci::{LinuxResources, Process as OCIProcess};
-use resource::{ResourceManager, ResourceUpdateOp};
+use resource::{
+    cdi_devices::container_device::annotate_container_devices, ResourceManager, ResourceUpdateOp,
+};
 use tokio::sync::RwLock;

 use super::{
@ -174,10 +176,12 @@ impl Container {
            .as_ref()
            .context("OCI spec missing linux field")?;

-        let devices_agent = self
+        let container_devices = self
            .resource_manager
            .handler_devices(&config.container_id, linux)
            .await?;
+        let devices_agent = annotate_container_devices(&mut spec, container_devices)
+            .context("annotate container devices failed")?;

        // update vcpus, mems and host cgroups
        let resources = self