mirror of
https://github.com/kata-containers/kata-containers.git
synced 2025-09-25 10:43:15 +00:00
Merge pull request #2505 from Pennyzct/update_FC_0.21.0
AArch64: officially enable firecracker v0.21.0 on AArch64
This commit is contained in:
Graham Whaley
GitHub
@@ -10,3 +10,8 @@ KERNELPARAMS :=
|
||||
MACHINEACCELERATORS :=
|
||||
|
||||
QEMUCMD := qemu-system-aarch64
|
||||
|
||||
# Firecracker binary name
|
||||
FCCMD := firecracker
|
||||
# Firecracker's jailer binary name
|
||||
FCJAILERCMD := jailer
|
||||
|
||||
@@ -83,7 +83,7 @@ assets:
|
||||
uscan-url: >-
|
||||
https://github.com/firecracker-microvm/firecracker/tags
|
||||
.*/v?(\d\S+)\.tar\.gz
|
||||
version: "v0.20.0"
|
||||
version: "v0.21.1"
|
||||
|
||||
qemu:
|
||||
description: "VMM that uses KVM"
|
||||
|
||||
@@ -53,7 +53,7 @@ const (
|
||||
const (
|
||||
//fcTimeout is the maximum amount of time in seconds to wait for the VMM to respond
|
||||
fcTimeout = 10
|
||||
fcSocket = "api.socket"
|
||||
fcSocket = "firecracker.socket"
|
||||
//Name of the files within jailer root
|
||||
//Having predefined names helps with cleanup
|
||||
fcKernel = "vmlinux"
|
||||
@@ -80,7 +80,7 @@ const (
|
||||
)
|
||||
|
||||
// Specify the minimum version of firecracker supported
|
||||
var fcMinSupportedVersion = semver.MustParse("0.19.0")
|
||||
var fcMinSupportedVersion = semver.MustParse("0.21.1")
|
||||
|
||||
var fcKernelParams = append(commonVirtioblkKernelRootParams, []Param{
|
||||
// The boot source is the first partition of the first block device added
|
||||
@@ -180,6 +180,19 @@ func (fc *firecracker) trace(name string) (opentracing.Span, context.Context) {
|
||||
return span, ctx
|
||||
}
|
||||
|
||||
//At some cases, when sandbox id is too long, it will incur error of overlong
|
||||
//firecracker API unix socket(fc.socketPath).
|
||||
//In Linux, sun_path could maximumly contains 108 bytes in size.
|
||||
//(http://man7.org/linux/man-pages/man7/unix.7.html)
|
||||
func (fc *firecracker) truncateID(id string) string {
|
||||
if len(id) > 32 {
|
||||
//truncate the id to only leave the size of UUID(128bit).
|
||||
return id[:32]
|
||||
}
|
||||
|
||||
return id
|
||||
}
|
||||
|
||||
// For firecracker this call only sets the internal structure up.
|
||||
// The sandbox will be created and started through startSandbox().
|
||||
func (fc *firecracker) createSandbox(ctx context.Context, id string, networkNS NetworkNamespace, hypervisorConfig *HypervisorConfig, stateful bool) error {
|
||||
@@ -190,7 +203,7 @@ func (fc *firecracker) createSandbox(ctx context.Context, id string, networkNS N
|
||||
|
||||
//TODO: check validity of the hypervisor config provided
|
||||
//https://github.com/kata-containers/runtime/issues/1065
|
||||
fc.id = id
|
||||
fc.id = fc.truncateID(id)
|
||||
fc.state.set(notReady)
|
||||
fc.config = *hypervisorConfig
|
||||
fc.stateful = stateful
|
||||
@@ -210,7 +223,10 @@ func (fc *firecracker) createSandbox(ctx context.Context, id string, networkNS N
|
||||
|
||||
fc.vmPath = filepath.Join(fc.chrootBaseDir, hypervisorName, fc.id)
|
||||
fc.jailerRoot = filepath.Join(fc.vmPath, "root") // auto created by jailer
|
||||
fc.socketPath = filepath.Join(fc.jailerRoot, fcSocket)
|
||||
|
||||
// Firecracker and jailer automatically creates default API socket under /run
|
||||
// with the name of "firecracker.socket"
|
||||
fc.socketPath = filepath.Join(fc.jailerRoot, "run", fcSocket)
|
||||
|
||||
// So we need to repopulate this at startSandbox where it is valid
|
||||
fc.netNSPath = networkNS.NetNsPath
|
||||
@@ -284,7 +300,9 @@ func (fc *firecracker) getVersionNumber() (string, error) {
|
||||
var version string
|
||||
fields := strings.Split(string(data), " ")
|
||||
if len(fields) > 1 {
|
||||
version = strings.TrimSpace(fields[1])
|
||||
// The output format of `Firecracker --verion` is as follows
|
||||
// Firecracker v0.21.1
|
||||
version = strings.TrimPrefix(strings.TrimSpace(fields[1]), "v")
|
||||
return version, nil
|
||||
}
|
||||
|
||||
@@ -361,7 +379,6 @@ func (fc *firecracker) fcInit(timeout int) error {
|
||||
jailedArgs := []string{
|
||||
"--id", fc.id,
|
||||
"--node", "0", //FIXME: Comprehend NUMA topology or explicit ignore
|
||||
"--seccomp-level", "2",
|
||||
"--exec-file", fc.config.HypervisorPath,
|
||||
"--uid", "0", //https://github.com/kata-containers/runtime/issues/1869
|
||||
"--gid", "0",
|
||||
@@ -612,7 +629,6 @@ func (fc *firecracker) fcSetLogger() error {
|
||||
Level: &fcLogLevel,
|
||||
LogFifo: &jailedLogFifo,
|
||||
MetricsFifo: &jailedMetricsFifo,
|
||||
Options: []string{},
|
||||
}
|
||||
|
||||
return err
|
||||
@@ -651,7 +667,9 @@ func (fc *firecracker) fcListenToFifo(fifoName string) (string, error) {
|
||||
}
|
||||
|
||||
func (fc *firecracker) fcInitConfiguration() error {
|
||||
err := os.MkdirAll(fc.jailerRoot, DirMode)
|
||||
// Firecracker API socket(firecracker.socket) is automatically created
|
||||
// under /run dir.
|
||||
err := os.MkdirAll(filepath.Join(fc.jailerRoot, "run"), DirMode)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@@ -666,7 +684,7 @@ func (fc *firecracker) fcInitConfiguration() error {
|
||||
if fc.config.JailerPath != "" {
|
||||
fc.jailed = true
|
||||
if err := fc.fcRemountJailerRootWithExec(); err != nil {
|
||||
return nil
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
@@ -935,20 +953,6 @@ func (fc *firecracker) fcUpdateBlockDrive(path, id string) error {
|
||||
return err
|
||||
}
|
||||
|
||||
// Rescan needs to used only if the VM is running
|
||||
if fc.vmRunning() {
|
||||
actionParams := ops.NewCreateSyncActionParams()
|
||||
actionType := "BlockDeviceRescan"
|
||||
actionInfo := &models.InstanceActionInfo{
|
||||
ActionType: &actionType,
|
||||
Payload: id,
|
||||
}
|
||||
actionParams.SetInfo(actionInfo)
|
||||
if _, err := fc.client().Operations.CreateSyncAction(actionParams); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
|
||||
@@ -29,3 +29,19 @@ func TestFCGenerateSocket(t *testing.T) {
|
||||
assert.NotEmpty(hvsock.UdsPath)
|
||||
assert.NotZero(hvsock.Port)
|
||||
}
|
||||
|
||||
func TestFCTruncateID(t *testing.T) {
|
||||
assert := assert.New(t)
|
||||
|
||||
fc := firecracker{}
|
||||
|
||||
testLongID := "3ef98eb7c6416be11e0accfed2f4e6560e07f8e33fa8d31922fd4d61747d7ead"
|
||||
expectedID := "3ef98eb7c6416be11e0accfed2f4e656"
|
||||
id := fc.truncateID(testLongID)
|
||||
assert.Equal(expectedID, id)
|
||||
|
||||
testShortID := "3ef98eb7c6416be11"
|
||||
expectedID = "3ef98eb7c6416be11"
|
||||
id = fc.truncateID(testShortID)
|
||||
assert.Equal(expectedID, id)
|
||||
}
|
||||
|
||||
@@ -21,11 +21,8 @@ type InstanceActionInfo struct {
|
||||
|
||||
// Enumeration indicating what type of action is contained in the payload
|
||||
// Required: true
|
||||
// Enum: [BlockDeviceRescan FlushMetrics InstanceStart SendCtrlAltDel]
|
||||
// Enum: [FlushMetrics InstanceStart SendCtrlAltDel]
|
||||
ActionType *string `json:"action_type"`
|
||||
|
||||
// payload
|
||||
Payload string `json:"payload,omitempty"`
|
||||
}
|
||||
|
||||
// Validate validates this instance action info
|
||||
@@ -46,7 +43,7 @@ var instanceActionInfoTypeActionTypePropEnum []interface{}
|
||||
|
||||
func init() {
|
||||
var res []string
|
||||
if err := json.Unmarshal([]byte(`["BlockDeviceRescan","FlushMetrics","InstanceStart","SendCtrlAltDel"]`), &res); err != nil {
|
||||
if err := json.Unmarshal([]byte(`["FlushMetrics","InstanceStart","SendCtrlAltDel"]`), &res); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
for _, v := range res {
|
||||
@@ -56,9 +53,6 @@ func init() {
|
||||
|
||||
const (
|
||||
|
||||
// InstanceActionInfoActionTypeBlockDeviceRescan captures enum value "BlockDeviceRescan"
|
||||
InstanceActionInfoActionTypeBlockDeviceRescan string = "BlockDeviceRescan"
|
||||
|
||||
// InstanceActionInfoActionTypeFlushMetrics captures enum value "FlushMetrics"
|
||||
InstanceActionInfoActionTypeFlushMetrics string = "FlushMetrics"
|
||||
|
||||
|
||||
@@ -31,9 +31,6 @@ type Logger struct {
|
||||
// Required: true
|
||||
MetricsFifo *string `json:"metrics_fifo"`
|
||||
|
||||
// Additional logging options. Only "LogDirtyPages" is supported.
|
||||
Options []string `json:"options"`
|
||||
|
||||
// Whether or not to output the level in the logs.
|
||||
ShowLevel *bool `json:"show_level,omitempty"`
|
||||
|
||||
|
||||
@@ -5,7 +5,7 @@ info:
|
||||
The API is accessible through HTTP calls on specific URLs
|
||||
carrying JSON modeled data.
|
||||
The transport medium is a Unix Domain Socket.
|
||||
version: 0.19.0
|
||||
version: 0.21.1
|
||||
termsOfService: ""
|
||||
contact:
|
||||
email: "compute-capsule@amazon.com"
|
||||
@@ -449,12 +449,9 @@ definitions:
|
||||
description: Enumeration indicating what type of action is contained in the payload
|
||||
type: string
|
||||
enum:
|
||||
- BlockDeviceRescan
|
||||
- FlushMetrics
|
||||
- InstanceStart
|
||||
- SendCtrlAltDel
|
||||
payload:
|
||||
type: string
|
||||
|
||||
InstanceInfo:
|
||||
type: object
|
||||
@@ -508,12 +505,6 @@ definitions:
|
||||
type: boolean
|
||||
description: Whether or not to include the file path and line number of the log's origin.
|
||||
default: false
|
||||
options:
|
||||
type: array
|
||||
items:
|
||||
type: string
|
||||
description: Additional logging options. Only "LogDirtyPages" is supported.
|
||||
default: []
|
||||
|
||||
MachineConfiguration:
|
||||
type: object
|
||||
|
||||
Reference in New Issue
Block a user