github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-06-27 15:57:09 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #809 from chavafg/topic/clh-support

Browse Source 
kata-deploy: add support for Cloud Hypervisor and remove nemu
This commit is contained in:
Archana Shinde 2019-11-18 13:57:13 -08:00 committed by GitHub
commit ca7fb82003
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 70 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
kata-deploy/examples/nginx-deployment-nemu.yaml → kata-deploy/examples/nginx-deployment-clh.yaml
View File

@ -1,7 +1,7 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment-nemu
name: nginx-deployment-clh
spec:
selector:
matchLabels:
@ -12,7 +12,7 @@ spec:
labels:
app: nginx
spec:
runtimeClassName: kata-nemu
runtimeClassName: kata-clh
containers:
- name: nginx
image: nginx:1.14

14
kata-deploy/examples/test-deploy-kata-nemu.yaml → kata-deploy/examples/test-deploy-kata-clh.yaml
View File

@ -2,19 +2,19 @@ apiVersion: apps/v1
kind: Deployment
metadata:
labels:
run: php-apache-kata-nemu
name: php-apache-kata-nemu
run: php-apache-kata-clh
name: php-apache-kata-clh
spec:
replicas: 1
selector:
matchLabels:
run: php-apache-kata-nemu
run: php-apache-kata-clh
template:
metadata:
labels:
run: php-apache-kata-nemu
run: php-apache-kata-clh
spec:
runtimeClassName: kata-nemu
runtimeClassName: kata-clh
containers:
- image: k8s.gcr.io/hpa-example
imagePullPolicy: Always
@ -30,13 +30,13 @@ spec:
apiVersion: v1
kind: Service
metadata:
name: php-apache-kata-nemu
name: php-apache-kata-clh
spec:
ports:
- port: 80
protocol: TCP
targetPort: 80
selector:
run: php-apache-kata-nemu
run: php-apache-kata-clh
sessionAffinity: None
type: ClusterIP

5
kata-deploy/k8s-1.13/kata-nemu-runtimeClass.yaml → kata-deploy/k8s-1.13/kata-clh-runtimeClass.yaml
View File

@ -2,5 +2,6 @@
kind: RuntimeClass
apiVersion: node.k8s.io/v1alpha1
metadata:
name: kata-nemu
handler: kata-nemu
name: kata-clh
spec:
runtimeHandler: kata-clh

4
kata-deploy/k8s-1.14/kata-nemu-runtimeClass.yaml → kata-deploy/k8s-1.14/kata-clh-runtimeClass.yaml
View File

@ -2,5 +2,5 @@
kind: RuntimeClass
apiVersion: node.k8s.io/v1beta1
metadata:
name: kata-nemu
handler: kata-nemu
name: kata-clh
handler: kata-clh

8
kata-deploy/scripts/kata-deploy-docker.sh
View File

@ -43,14 +43,14 @@ function configure_docker() {
"kata-qemu-virtiofs": {
"path": "/opt/kata/bin/kata-runtime",
"runtimeArgs": [ "--kata-config", "/opt/kata/share/defaults/kata-containers/configuration-qemu-virtiofs.toml" ]
},
"kata-nemu": {
"path": "/opt/kata/bin/kata-runtime",
"runtimeArgs": [ "--kata-config", "/opt/kata/share/defaults/kata-containers/configuration-nemu.toml" ]
},
"kata-fc": {
"path": "/opt/kata/bin/kata-runtime",
"runtimeArgs": [ "--kata-config", "/opt/kata/share/defaults/kata-containers/configuration-fc.toml" ]
},
"kata-clh": {
"path": "/opt/kata/bin/kata-runtime",
"runtimeArgs": [ "--kata-config", "/opt/kata/share/defaults/kata-containers/configuration-clh.toml" ]
}
}
}

101
kata-deploy/scripts/kata-deploy.sh
View File

@ -15,9 +15,9 @@ containerd_conf_file_backup="${containerd_conf_file}.bak"
shims=(
"fc"
"nemu"
"qemu"
"qemu-virtiofs"
"cloud-hypervisor"
)
# If we fail for any reason a message will be displayed
@ -32,7 +32,7 @@ function print_usage() {
}
function get_container_runtime() {
local runtime=$(kubectl describe node $NODE_NAME)
local runtime="$(kubectl describe node $NODE_NAME)"
if [ "$?" -ne 0 ]; then
die "invalid node name"
fi
@ -55,7 +55,7 @@ function configure_cri_runtime() {
;;
esac
systemctl daemon-reload
systemctl restart $1
systemctl restart "$1"
}
function configure_crio() {
@ -65,15 +65,18 @@ function configure_crio() {
# backup the CRIO.conf only if a backup doesn't already exist (don't override original)
cp -n "$crio_conf_file" "$crio_conf_file_backup"
local kata_qemu_path="/opt/kata/bin/kata-qemu"
local kata_qemu_virtiofs_path="/opt/kata/bin/kata-qemu-virtiofs"
local kata_nemu_path="/opt/kata/bin/kata-nemu"
local kata_clh_path="/opt/kata/bin/kata-clh"
local kata_clh_conf="crio.runtime.runtimes.kata-clh"
local kata_fc_path="/opt/kata/bin/kata-fc"
local kata_qemu_conf="crio.runtime.runtimes.kata-qemu"
local kata_qemu_virtiofs_conf="crio.runtime.runtimes.kata-qemu-virtiofs"
local kata_nemu_conf="crio.runtime.runtimes.kata-nemu"
local kata_fc_conf="crio.runtime.runtimes.kata-fc"
local kata_qemu_path="/opt/kata/bin/kata-qemu"
local kata_qemu_conf="crio.runtime.runtimes.kata-qemu"
local kata_qemu_virtiofs_path="/opt/kata/bin/kata-qemu-virtiofs"
local kata_qemu_virtiofs_conf="crio.runtime.runtimes.kata-qemu-virtiofs"
# add kata-qemu config
if grep -q "^\[$kata_qemu_conf\]" $crio_conf_file; then
echo "Configuration exists $kata_qemu_conf, overwriting"
@ -100,19 +103,6 @@ EOT
EOT
fi
# add kata-nemu config
if grep -q "^\[$kata_nemu_conf\]" $crio_conf_file; then
echo "Configuration exists $kata_nemu_conf, overwriting"
sed -i "/^\[$kata_nemu_conf\]/,+1s#runtime_path.*#runtime_path = \"${kata_nemu_path}\"#" $crio_conf_file
else
cat <<EOT | tee -a "$crio_conf_file"
# Path to the Kata Containers runtime binary that uses the NEMU hypervisor.
[$kata_nemu_conf]
runtime_path = "${kata_nemu_path}"
EOT
fi
# add kata-fc config
if grep -q "^\[$kata_fc_conf\]" $crio_conf_file; then
echo "Configuration exists for $kata_fc_conf, overwriting"
@ -126,10 +116,23 @@ EOT
EOT
fi
# Replace if exists, insert otherwise
grep -Fq 'manage_network_ns_lifecycle =' $crio_conf_file \
&& sed -i '/manage_network_ns_lifecycle =/c manage_network_ns_lifecycle = true' $crio_conf_file \
|| sed -i '/\[crio.runtime\]/a manage_network_ns_lifecycle = true' $crio_conf_file
# add kata-clh config
if grep -q "^\[$kata_clh_conf\]" $crio_conf_file; then
echo "Configuration exists $kata_clh_conf, overwriting"
sed -i "/^\[$kata_clh_conf\]/,+1s#runtime_path.*#runtime_path = \"${kata_clh_path}\"#" $crio_conf_file
else
cat <<EOT | tee -a "$crio_conf_file"
# Path to the Kata Containers runtime binary that uses the Cloud Hypervisor.
[$kata_clh_conf]
runtime_path = "${kata_clh_path}"
EOT
fi
# Replace if exists, insert otherwise
grep -Fq 'manage_network_ns_lifecycle =' $crio_conf_file \
&& sed -i '/manage_network_ns_lifecycle =/c manage_network_ns_lifecycle = true' $crio_conf_file \
|| sed -i '/\[crio.runtime\]/a manage_network_ns_lifecycle = true' $crio_conf_file
}
function configure_containerd() {
@ -161,10 +164,10 @@ function configure_containerd() {
runtime_type = "io.containerd.kata-qemu-virtiofs.v2"
[plugins.cri.containerd.runtimes.kata-qemu-virtiofs.options]
ConfigPath = "/opt/kata/share/defaults/kata-containers/configuration-qemu-virtiofs.toml"
[plugins.cri.containerd.runtimes.kata-nemu]
runtime_type = "io.containerd.kata-nemu.v2"
[plugins.cri.containerd.runtimes.kata-nemu.options]
ConfigPath = "/opt/kata/share/defaults/kata-containers/configuration-nemu.toml"
[plugins.cri.containerd.runtimes.kata-clh]
runtime_type = "io.containerd.kata-clh.v2"
[plugins.cri.containerd.runtimes.kata-clh.options]
ConfigPath = "/opt/kata/share/defaults/kata-containers/configuration-clh.toml"
EOT
#Currently containerd has an assumption on the location of the shimv2 implementation
#Until support is added (see https://github.com/containerd/containerd/issues/3073),
@ -172,24 +175,24 @@ EOT
mkdir -p /usr/local/bin
for shim in ${shims[@]}; do
for shim in "${shims[@]}"; do
local shim_binary="containerd-shim-kata-${shim}-v2"
local shim_file="/usr/local/bin/${shim_binary}"
local shim_backup="/usr/local/bin/${shim_binary}.bak"
if [ -f ${shim_file} ]; then
if [ -f "${shim_file}" ]; then
echo "warning: ${shim_binary} already exists" >&2
if [ ! -f ${shim_backup} ]; then
mv ${shim_file} ${shim_backup}
if [ ! -f "${shim_backup}" ]; then
mv "${shim_file}" "${shim_backup}"
else
rm ${shim_file}
rm "${shim_file}"
fi
fi
cat << EOT | tee "$shim_file"
#!/bin/bash
KATA_CONF_FILE=/opt/kata/share/defaults/kata-containers/configuration-${shim}.toml /opt/kata/bin/containerd-shim-kata-v2 \$@
EOT
chmod +x $shim_file
chmod +x "$shim_file"
done
}
@ -225,14 +228,14 @@ function cleanup_containerd() {
#Until support is added (see https://github.com/containerd/containerd/issues/3073), we manage
# a reference to the v2-shim implementation
for shim in ${shims[@]}; do
for shim in "${shims[@]}"; do
local shim_binary="containerd-shim-kata-${shim}-v2"
local shim_file="/usr/local/bin/${shim_binary}"
local shim_backup="/usr/local/bin/${shim_binary}.bak"
rm ${shim_file} || true
rm "${shim_file}" || true
if [ -f ${shim_backup} ]; then
if [ -f "${shim_backup}" ]; then
mv "$shim_backup" "$shim_file"
fi
done
@ -240,15 +243,15 @@ function cleanup_containerd() {
}
function reset_runtime() {
kubectl label node $NODE_NAME katacontainers.io/kata-runtime-
kubectl label node "$NODE_NAME" katacontainers.io/kata-runtime-
systemctl daemon-reload
systemctl restart $1
systemctl restart "$1"
systemctl restart kubelet
}
function main() {
# script requires that user is root
euid=`id -u`
euid=$(id -u)
if [[ $euid -ne 0 ]]; then
die "This script must be run as root"
fi
@ -261,7 +264,7 @@ function main() {
fi
action=${1:-}
if [ -z $action ]; then
if [ -z "$action" ]; then
print_usage
die "invalid arguments"
fi
@ -269,16 +272,16 @@ function main() {
# only install / remove / update if we are dealing with CRIO or containerd
if [ "$runtime" == "crio" ] || [ "$runtime" == "containerd" ]; then
case $action in
case "$action" in
install)
install_artifacts
configure_cri_runtime $runtime
kubectl label node $NODE_NAME --overwrite katacontainers.io/kata-runtime=true
configure_cri_runtime "$runtime"
kubectl label node "$NODE_NAME" --overwrite katacontainers.io/kata-runtime=true
;;
cleanup)
cleanup_cri_runtime $runtime
kubectl label node $NODE_NAME --overwrite katacontainers.io/kata-runtime=cleanup
cleanup_cri_runtime "$runtime"
kubectl label node "$NODE_NAME" --overwrite katacontainers.io/kata-runtime=cleanup
remove_artifacts
;;
reset)
@ -296,4 +299,4 @@ function main() {
sleep infinity
}
main $@
main "$@"