From d48c542a527b26d7caeda004cfbb95176296f17a Mon Sep 17 00:00:00 2001
From: Fupan Li <fupan.lfp@antgroup.com>
Date: Wed, 10 Sep 2025 18:00:54 +0800
Subject: [PATCH] runtime-rs: Support Firecracker disk rate limiter

This PR adds code that passes disk limiter parameters from KC
configuration to Firecracker.

Signed-off-by: Fupan Li <fupan.lfp@antgroup.com>
---
 .../config/configuration-rs-fc.toml.in        | 30 +++++++++++++++++++
 .../hypervisor/src/firecracker/fc_api.rs      | 19 +++++++++++-
 2 files changed, 48 insertions(+), 1 deletion(-)

diff --git a/src/runtime-rs/config/configuration-rs-fc.toml.in b/src/runtime-rs/config/configuration-rs-fc.toml.in
index e8d083f334..889f149acb 100644
--- a/src/runtime-rs/config/configuration-rs-fc.toml.in
+++ b/src/runtime-rs/config/configuration-rs-fc.toml.in
@@ -128,6 +128,36 @@ block_device_driver = "@DEFBLOCKSTORAGEDRIVER_FC@"
 # Default false
 #block_device_cache_noflush = true
 
+# Bandwidth rate limiter options
+#
+# disk_rate_limiter_bw_max_rate controls disk I/O bandwidth (size in bits/sec
+# for SB/VM).
+# The same value is used for inbound and outbound bandwidth.
+# Default 0-sized value means unlimited rate.
+#disk_rate_limiter_bw_max_rate = 0
+#
+# disk_rate_limiter_bw_one_time_burst increases the initial max rate and this
+# initial extra credit does *NOT* affect the overall limit and can be used for
+# an *initial* burst of data.
+# This is *optional* and only takes effect if disk_rate_limiter_bw_max_rate is
+# set to a non zero value.
+#disk_rate_limiter_bw_one_time_burst = 0
+#
+# Operation rate limiter options
+#
+# disk_rate_limiter_ops_max_rate controls disk I/O bandwidth (size in ops/sec
+# for SB/VM).
+# The same value is used for inbound and outbound bandwidth.
+# Default 0-sized value means unlimited rate.
+#disk_rate_limiter_ops_max_rate = 0
+#
+# disk_rate_limiter_ops_one_time_burst increases the initial max rate and this
+# initial extra credit does *NOT* affect the overall limit and can be used for
+# an *initial* burst of data.
+# This is *optional* and only takes effect if disk_rate_limiter_bw_max_rate is
+# set to a non zero value.
+#disk_rate_limiter_ops_one_time_burst = 0
+
 # Enable pre allocation of VM RAM, default false
 # Enabling this will result in lower container density
 # as all of the memory will be allocated and locked
diff --git a/src/runtime-rs/crates/hypervisor/src/firecracker/fc_api.rs b/src/runtime-rs/crates/hypervisor/src/firecracker/fc_api.rs
index 8da8609da7..a27c916065 100644
--- a/src/runtime-rs/crates/hypervisor/src/firecracker/fc_api.rs
+++ b/src/runtime-rs/crates/hypervisor/src/firecracker/fc_api.rs
@@ -16,6 +16,7 @@ use dbs_utils::net::MacAddr;
 use hyper::{Body, Method, Request, Response};
 use hyperlocal::Uri;
 use kata_sys_util::mount;
+use kata_types::config::hypervisor::RateLimiterConfig;
 use nix::mount::MsFlags;
 use serde_json::json;
 use tokio::{fs, fs::File};
@@ -177,9 +178,25 @@ impl FcInner {
         let new_drive_path = self
             .get_resource(drive_path, new_drive_id)
             .context("get resource CONTAINER ROOTFS")?;
+
+        let block_rate_limit = RateLimiterConfig::new(
+            self.config.blockdev_info.disk_rate_limiter_bw_max_rate,
+            self.config.blockdev_info.disk_rate_limiter_ops_max_rate,
+            self.config
+                .blockdev_info
+                .disk_rate_limiter_bw_one_time_burst,
+            self.config
+                .blockdev_info
+                .disk_rate_limiter_ops_one_time_burst,
+        );
+
+        let rate_limiter = serde_json::to_string(&block_rate_limit)
+            .with_context(|| format!("serde {:?} to json", block_rate_limit))?;
+
         let body: String = json!({
             "drive_id": format!("drive{drive_id}"),
-            "path_on_host": new_drive_path
+            "path_on_host": new_drive_path,
+            "rate_limiter": rate_limiter,
         })
         .to_string();
         self.request_with_retry(