diff --git a/Developer-Guide.md b/Developer-Guide.md index 1920ab8e69..0c27562b6b 100644 --- a/Developer-Guide.md +++ b/Developer-Guide.md @@ -2,17 +2,22 @@ * [Assumptions](#assumptions) * [Build and install the Kata Containers runtime](#build-and-install-the-kata-containers-runtime) * [Check hardware requirements](#check-hardware-requirements) - * [Disable initrd](#disable-initrd) + * [Configure to use initrd or rootfs image](#configure-to-use-initrd-or-rootfs-image) * [Enable full debug](#enable-full-debug) * [Build and install Kata proxy](#build-and-install-kata-proxy) * [Build and install Kata shim](#build-and-install-kata-shim) -* [Create an image](#create-an-image) +* [Create and install rootfs and initrd image](#create-and-install-rootfs-and-initrd-image) * [Build a custom Kata agent - OPTIONAL](#build-a-custom-kata-agent---optional) * [Get the osbuilder](#get-the-osbuilder) * [Create a rootfs image](#create-a-rootfs-image) + * [Create a local rootfs](#create-a-local-rootfs) * [Add a custom agent to the image - OPTIONAL](#add-a-custom-agent-to-the-image---optional) - * [Build the image](#build-the-image) -* [Install the image](#install-the-image) + * [Build a rootfs image](#build-a-rootfs-image) + * [Install the rootfs image](#install-the-rootfs-image) + * [Create an initrd image - OPTIONAL](#create-an-initrd-image---optional) + * [Create a local rootfs for initrd image](#create-a-local-rootfs-for-initrd-image) + * [Build an initrd image](#build-an-initrd-image) + * [Install the initrd image](#install-the-initrd-image) * [Install guest kernel images](#install-guest-kernel-images) * [Update Docker configuration](#update-docker-configuration) * [Create a Kata Container](#create-a-kata-container) @@ -63,15 +68,29 @@ $ sudo kata-runtime kata-check If your system is *not* able to run Kata Containers, the previous command will error and explain why. -## Disable initrd +## Configure to use initrd or rootfs image -Unless you use an initial ramdisk (`initrd` or `initramfs`): +Kata containers can run with either an initrd image or a rootfs image. + +If you want to test with `initrd`, make sure you have `initrd = /usr/share/kata-containers/kata-containers-initrd.img` +in `/usr/share/defaults/kata-containers/configuration.toml` and remove the `image` line with the following: ``` -$ sudo sed -i 's/^\(initrd.*\)/# \1/g' /usr/share/defaults/kata-containers/configuration.toml +$ sudo sed -i 's/^\(image =.*\)/# \1/g' /usr/share/defaults/kata-containers/configuration.toml ``` +You can create the initrd image as shown in the [create an initrd image](#create-an-initrd-image---optional) secion. -If you use an initial ramdisk, see https://github.com/kata-containers/osbuilder. +If you test with a rootfs `image`, make sure you have `image = /usr/share/kata-containers/kata-containers.img` +in `/usr/share/defaults/kata-containers/configuration.toml` and remove the `initrd` line with the following: + +``` +$ sudo sed -i 's/^\(initrd =.*\)/# \1/g' /usr/share/defaults/kata-containers/configuration.toml +``` +The rootfs image is created as shown in the [create a rootfs image](#create-a-rootfs-image) secion. + +One of the `initrd` and `image` options in kata runtime config file **MUST** be set but **not both**. +The main difference between the options is that the size of `initrd`(10MB+) is significantly smaller than +rootfs `image`(100MB+). ## Enable full debug @@ -96,7 +115,7 @@ $ go get -d -u github.com/kata-containers/shim $ cd $GOPATH/src/github.com/kata-containers/shim && make && sudo make install ``` -# Create an image +# Create and install rootfs and initrd image ## Build a custom Kata agent - OPTIONAL @@ -116,11 +135,14 @@ $ go get -d -u github.com/kata-containers/osbuilder ``` ## Create a rootfs image - +### Create a local rootfs ``` +$ export ROOTFS_DIR=${GOPATH}/src/github.com/kata-containers/osbuilder/rootfs-builder/rootfs +$ rm -rf ${ROOTFS_DIR} $ cd $GOPATH/src/github.com/kata-containers/osbuilder/rootfs-builder -$ script -fec 'sudo -E GOPATH=$GOPATH USE_DOCKER=true ./rootfs.sh clearlinux' +$ script -fec 'sudo -E GOPATH=$GOPATH USE_DOCKER=true ./rootfs.sh ${distro}' ``` +You MUST choose one of `alpine`, `centos`, `clearlinux`, `euleros`, and `fedora` for `${distro}`. > **Note:** > @@ -135,16 +157,16 @@ $ script -fec 'sudo -E GOPATH=$GOPATH USE_DOCKER=true ./rootfs.sh clearlinux' > - You only do this step if you test with the latest version of the agent. ``` -$ sudo install -o root -g root -m 0550 -t rootfs/bin ../../agent/kata-agent -$ sudo install -o root -g root -m 0440 ../../agent/kata-agent.service rootfs/usr/lib/systemd/system/ -$ sudo install -o root -g root -m 0440 ../../agent/kata-containers.target rootfs/usr/lib/systemd/system/ +$ sudo install -o root -g root -m 0550 -t ${ROOTFS_DIR}/bin ../../agent/kata-agent +$ sudo install -o root -g root -m 0440 ../../agent/kata-agent.service ${ROOTFS_DIR}/usr/lib/systemd/system/ +$ sudo install -o root -g root -m 0440 ../../agent/kata-containers.target ${ROOTFS_DIR}/usr/lib/systemd/system/ ``` -## Build the image +### Build a rootfs image ``` $ cd $GOPATH/src/github.com/kata-containers/osbuilder/image-builder -$ script -fec 'sudo -E USE_DOCKER=true ./image_builder.sh ../rootfs-builder/rootfs' +$ script -fec 'sudo -E USE_DOCKER=true ./image_builder.sh ${ROOTFS_DIR}' ``` > **Notes:** @@ -156,7 +178,8 @@ $ script -fec 'sudo -E USE_DOCKER=true ./image_builder.sh ../rootfs-builder/root > variable in the previous command and ensure the `qemu-img` command is > available on your system. -# Install the image + +### Install the rootfs image ``` $ commit=$(git log --format=%h -1 HEAD) @@ -166,6 +189,41 @@ $ sudo install -o root -g root -m 0640 -D kata-containers.img "/usr/share/kata-c $ (cd /usr/share/kata-containers && sudo ln -sf "$image" kata-containers.img) ``` +## Create an initrd image - OPTIONAL +### Create a local rootfs for initrd image +``` +$ export ROOTFS_DIR="${GOPATH}/src/github.com/kata-containers/osbuilder/rootfs-builder/rootfs" +$ rm -rf ${ROOTFS_DIR} +$ cd $GOPATH/src/github.com/kata-containers/osbuilder/rootfs-builder +$ script -fec 'sudo -E GOPATH=$GOPATH AGENT_INIT=yes USE_DOCKER=true ./rootfs.sh ${distro}' +``` +`AGENT_INIT` controls if the guest image uses kata agent as the guest `init` process. When you create an initrd image, +always set `AGENT_INIT` to `yes`. + +You MUST choose one of `alpine`, `centos`, `clearlinux`, `euleros`, and `fedora` for `${distro}`. + +Optionally, add your custom agent binary to the rootfs with the following: +``` +$ sudo install -o root -g root -m 0550 -T ../../agent/kata-agent ${ROOTFS_DIR}/sbin/init +``` + +### Build an initrd image + +``` +$ cd $GOPATH/src/github.com/kata-containers/osbuilder/initrd-builder +$ script -fec 'sudo -E AGENT_INIT=yes USE_DOCKER=true ./initrd_builder.sh ${ROOTFS_DIR}' +``` + +### Install the initrd image + +``` +$ commit=$(git log --format=%h -1 HEAD) +$ date=$(date +%Y-%m-%d-%T.%N%z) +$ image="kata-containers-initrd-${date}-${commit}" +$ sudo install -o root -g root -m 0640 -D kata-containers-initrd.img "/usr/share/kata-containers/${image}" +$ (cd /usr/share/kata-containers && sudo ln -sf "$image" kata-containers-initrd.img) +``` + # Install guest kernel images ``` @@ -178,6 +236,11 @@ $ sudo ln -s /usr/share/clear-containers/vmlinuz.container /usr/share/kata-conta > - The files in the previous commands are from the Clear Containers > `linux-container` package. See [Assumptions](#assumptions). +If you want to use an initrd image, install the [hyperstart](https://github.com/hyperhq/hyperstart/) kernel instead: +``` +$ sudo wget -O /usr/share/kata-containers/vmlinuz.container https://github.com/hyperhq/hyperstart/raw/master/build/arch/x86_64/kernel +``` + # Update Docker configuration ```