github/kata-containers
1
0
Fork 2
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-09-25 18:53:44 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #2505 from Pennyzct/update_FC_0.21.0

Browse Source 
AArch64: officially enable firecracker v0.21.0 on AArch64
This commit is contained in:
Graham Whaley
2020-03-23 10:03:19 +00:00
committed by GitHub
parent 2d89766d3a d60902a95e
commit c028329755
7 changed files with 52 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
arch/arm64-options.mk
View File

@@ -10,3 +10,8 @@ KERNELPARAMS :=
MACHINEACCELERATORS := MACHINEACCELERATORS :=
QEMUCMD := qemu-system-aarch64 QEMUCMD := qemu-system-aarch64
# Firecracker binary name
FCCMD := firecracker
# Firecracker's jailer binary name
FCJAILERCMD := jailer

2
versions.yaml
View File

@@ -83,7 +83,7 @@ assets:
uscan-url: >- uscan-url: >-
https://github.com/firecracker-microvm/firecracker/tags https://github.com/firecracker-microvm/firecracker/tags
.*/v?(\d\S+)\.tar\.gz .*/v?(\d\S+)\.tar\.gz
version: "v0.20.0" version: "v0.21.1"
qemu: qemu:
description: "VMM that uses KVM" description: "VMM that uses KVM"

50
virtcontainers/fc.go
View File

@@ -53,7 +53,7 @@ const (
const ( const (
//fcTimeout is the maximum amount of time in seconds to wait for the VMM to respond //fcTimeout is the maximum amount of time in seconds to wait for the VMM to respond
fcTimeout = 10 fcTimeout = 10
fcSocket = "api.socket" fcSocket = "firecracker.socket"
//Name of the files within jailer root //Name of the files within jailer root
//Having predefined names helps with cleanup //Having predefined names helps with cleanup
fcKernel = "vmlinux" fcKernel = "vmlinux"
@@ -80,7 +80,7 @@ const (
) )
// Specify the minimum version of firecracker supported // Specify the minimum version of firecracker supported
var fcMinSupportedVersion = semver.MustParse("0.19.0") var fcMinSupportedVersion = semver.MustParse("0.21.1")
var fcKernelParams = append(commonVirtioblkKernelRootParams, []Param{ var fcKernelParams = append(commonVirtioblkKernelRootParams, []Param{
// The boot source is the first partition of the first block device added // The boot source is the first partition of the first block device added
@@ -180,6 +180,19 @@ func (fc *firecracker) trace(name string) (opentracing.Span, context.Context) {
return span, ctx return span, ctx
} }
//At some cases, when sandbox id is too long, it will incur error of overlong
//firecracker API unix socket(fc.socketPath).
//In Linux, sun_path could maximumly contains 108 bytes in size.
//(http://man7.org/linux/man-pages/man7/unix.7.html)
func (fc *firecracker) truncateID(id string) string {
if len(id) > 32 {
//truncate the id to only leave the size of UUID(128bit).
return id[:32]
}
return id
}
// For firecracker this call only sets the internal structure up. // For firecracker this call only sets the internal structure up.
// The sandbox will be created and started through startSandbox(). // The sandbox will be created and started through startSandbox().
func (fc *firecracker) createSandbox(ctx context.Context, id string, networkNS NetworkNamespace, hypervisorConfig *HypervisorConfig, stateful bool) error { func (fc *firecracker) createSandbox(ctx context.Context, id string, networkNS NetworkNamespace, hypervisorConfig *HypervisorConfig, stateful bool) error {
@@ -190,7 +203,7 @@ func (fc *firecracker) createSandbox(ctx context.Context, id string, networkNS N
//TODO: check validity of the hypervisor config provided //TODO: check validity of the hypervisor config provided
//https://github.com/kata-containers/runtime/issues/1065 //https://github.com/kata-containers/runtime/issues/1065
fc.id = id fc.id = fc.truncateID(id)
fc.state.set(notReady) fc.state.set(notReady)
fc.config = *hypervisorConfig fc.config = *hypervisorConfig
fc.stateful = stateful fc.stateful = stateful
@@ -210,7 +223,10 @@ func (fc *firecracker) createSandbox(ctx context.Context, id string, networkNS N
fc.vmPath = filepath.Join(fc.chrootBaseDir, hypervisorName, fc.id) fc.vmPath = filepath.Join(fc.chrootBaseDir, hypervisorName, fc.id)
fc.jailerRoot = filepath.Join(fc.vmPath, "root") // auto created by jailer fc.jailerRoot = filepath.Join(fc.vmPath, "root") // auto created by jailer
fc.socketPath = filepath.Join(fc.jailerRoot, fcSocket)
// Firecracker and jailer automatically creates default API socket under /run
// with the name of "firecracker.socket"
fc.socketPath = filepath.Join(fc.jailerRoot, "run", fcSocket)
// So we need to repopulate this at startSandbox where it is valid // So we need to repopulate this at startSandbox where it is valid
fc.netNSPath = networkNS.NetNsPath fc.netNSPath = networkNS.NetNsPath
@@ -284,7 +300,9 @@ func (fc *firecracker) getVersionNumber() (string, error) {
var version string var version string
fields := strings.Split(string(data), " ") fields := strings.Split(string(data), " ")
if len(fields) > 1 { if len(fields) > 1 {
version = strings.TrimSpace(fields[1]) // The output format of `Firecracker --verion` is as follows
// Firecracker v0.21.1
version = strings.TrimPrefix(strings.TrimSpace(fields[1]), "v")
return version, nil return version, nil
} }
@@ -361,7 +379,6 @@ func (fc *firecracker) fcInit(timeout int) error {
jailedArgs := []string{ jailedArgs := []string{
"--id", fc.id, "--id", fc.id,
"--node", "0", //FIXME: Comprehend NUMA topology or explicit ignore "--node", "0", //FIXME: Comprehend NUMA topology or explicit ignore
"--seccomp-level", "2",
"--exec-file", fc.config.HypervisorPath, "--exec-file", fc.config.HypervisorPath,
"--uid", "0", //https://github.com/kata-containers/runtime/issues/1869 "--uid", "0", //https://github.com/kata-containers/runtime/issues/1869
"--gid", "0", "--gid", "0",
@@ -612,7 +629,6 @@ func (fc *firecracker) fcSetLogger() error {
Level: &fcLogLevel, Level: &fcLogLevel,
LogFifo: &jailedLogFifo, LogFifo: &jailedLogFifo,
MetricsFifo: &jailedMetricsFifo, MetricsFifo: &jailedMetricsFifo,
Options: []string{},
} }
return err return err
@@ -651,7 +667,9 @@ func (fc *firecracker) fcListenToFifo(fifoName string) (string, error) {
} }
func (fc *firecracker) fcInitConfiguration() error { func (fc *firecracker) fcInitConfiguration() error {
err := os.MkdirAll(fc.jailerRoot, DirMode) // Firecracker API socket(firecracker.socket) is automatically created
// under /run dir.
err := os.MkdirAll(filepath.Join(fc.jailerRoot, "run"), DirMode)
if err != nil { if err != nil {
return err return err
} }
@@ -666,7 +684,7 @@ func (fc *firecracker) fcInitConfiguration() error {
if fc.config.JailerPath != "" { if fc.config.JailerPath != "" {
fc.jailed = true fc.jailed = true
if err := fc.fcRemountJailerRootWithExec(); err != nil { if err := fc.fcRemountJailerRootWithExec(); err != nil {
return nil return err
} }
} }
@@ -935,20 +953,6 @@ func (fc *firecracker) fcUpdateBlockDrive(path, id string) error {
return err return err
} }
// Rescan needs to used only if the VM is running
if fc.vmRunning() {
actionParams := ops.NewCreateSyncActionParams()
actionType := "BlockDeviceRescan"
actionInfo := &models.InstanceActionInfo{
ActionType: &actionType,
Payload: id,
}
actionParams.SetInfo(actionInfo)
if _, err := fc.client().Operations.CreateSyncAction(actionParams); err != nil {
return err
}
}
return nil return nil
} }

16
virtcontainers/fc_test.go
View File

@@ -29,3 +29,19 @@ func TestFCGenerateSocket(t *testing.T) {
assert.NotEmpty(hvsock.UdsPath) assert.NotEmpty(hvsock.UdsPath)
assert.NotZero(hvsock.Port) assert.NotZero(hvsock.Port)
} }
func TestFCTruncateID(t *testing.T) {
assert := assert.New(t)
fc := firecracker{}
testLongID := "3ef98eb7c6416be11e0accfed2f4e6560e07f8e33fa8d31922fd4d61747d7ead"
expectedID := "3ef98eb7c6416be11e0accfed2f4e656"
id := fc.truncateID(testLongID)
assert.Equal(expectedID, id)
testShortID := "3ef98eb7c6416be11"
expectedID = "3ef98eb7c6416be11"
id = fc.truncateID(testShortID)
assert.Equal(expectedID, id)
}

10
virtcontainers/pkg/firecracker/client/models/instance_action_info.go
View File

@@ -21,11 +21,8 @@ type InstanceActionInfo struct {
// Enumeration indicating what type of action is contained in the payload // Enumeration indicating what type of action is contained in the payload
// Required: true // Required: true
// Enum: [BlockDeviceRescan FlushMetrics InstanceStart SendCtrlAltDel] // Enum: [FlushMetrics InstanceStart SendCtrlAltDel]
ActionType *string `json:"action_type"` ActionType *string `json:"action_type"`
// payload
Payload string `json:"payload,omitempty"`
} }
// Validate validates this instance action info // Validate validates this instance action info
@@ -46,7 +43,7 @@ var instanceActionInfoTypeActionTypePropEnum []interface{}
func init() { func init() {
var res []string var res []string
if err := json.Unmarshal([]byte(`["BlockDeviceRescan","FlushMetrics","InstanceStart","SendCtrlAltDel"]`), &res); err != nil { if err := json.Unmarshal([]byte(`["FlushMetrics","InstanceStart","SendCtrlAltDel"]`), &res); err != nil {
panic(err) panic(err)
} }
for _, v := range res { for _, v := range res {
@@ -56,9 +53,6 @@ func init() {
const ( const (
// InstanceActionInfoActionTypeBlockDeviceRescan captures enum value "BlockDeviceRescan"
InstanceActionInfoActionTypeBlockDeviceRescan string = "BlockDeviceRescan"
// InstanceActionInfoActionTypeFlushMetrics captures enum value "FlushMetrics" // InstanceActionInfoActionTypeFlushMetrics captures enum value "FlushMetrics"
InstanceActionInfoActionTypeFlushMetrics string = "FlushMetrics" InstanceActionInfoActionTypeFlushMetrics string = "FlushMetrics"

3
virtcontainers/pkg/firecracker/client/models/logger.go
View File

@@ -31,9 +31,6 @@ type Logger struct {
// Required: true // Required: true
MetricsFifo *string `json:"metrics_fifo"` MetricsFifo *string `json:"metrics_fifo"`
// Additional logging options. Only "LogDirtyPages" is supported.
Options []string `json:"options"`
// Whether or not to output the level in the logs. // Whether or not to output the level in the logs.
ShowLevel *bool `json:"show_level,omitempty"` ShowLevel *bool `json:"show_level,omitempty"`

11
virtcontainers/pkg/firecracker/firecracker.yaml
View File

@@ -5,7 +5,7 @@ info:
The API is accessible through HTTP calls on specific URLs The API is accessible through HTTP calls on specific URLs
carrying JSON modeled data. carrying JSON modeled data.
The transport medium is a Unix Domain Socket. The transport medium is a Unix Domain Socket.
version: 0.19.0 version: 0.21.1
termsOfService: "" termsOfService: ""
contact: contact:
email: "compute-capsule@amazon.com" email: "compute-capsule@amazon.com"
@@ -449,12 +449,9 @@ definitions:
description: Enumeration indicating what type of action is contained in the payload description: Enumeration indicating what type of action is contained in the payload
type: string type: string
enum: enum:
- BlockDeviceRescan
- FlushMetrics - FlushMetrics
- InstanceStart - InstanceStart
- SendCtrlAltDel - SendCtrlAltDel
payload:
type: string
InstanceInfo: InstanceInfo:
type: object type: object
@@ -508,12 +505,6 @@ definitions:
type: boolean type: boolean
description: Whether or not to include the file path and line number of the log's origin. description: Whether or not to include the file path and line number of the log's origin.
default: false default: false
options:
type: array
items:
type: string
description: Additional logging options. Only "LogDirtyPages" is supported.
default: []
MachineConfiguration: MachineConfiguration:
type: object type: object