diff --git a/README.md b/README.md index 9a5a400..b2985ec 100644 --- a/README.md +++ b/README.md @@ -14,13 +14,12 @@ is used on top to (more gracefully) handle multiple connection, and to have a watching thread (in `waitpid(2)`) for every virtual machine started by vmmd. To install Albatross, run `opam pin add albatross -https://github.com/hannesm/albatross`. On FreeBSD, `opam pin add -solo5-kernel-ukvm --dev` is needed as well. +https://github.com/hannesm/albatross`. The following elaborates on how to get the software up and running, following by provisioning and deploying some unikernels. There is a *server* (`SRV`) component which needs six binaries: vmm_console, vmm_log, vmm_stats_lwt, vmmd, -ukvm-bin.none, and ukvm-bin.net; a `CA` machine (which should be air-gapped, or +solo6-hvt.none, and solo5-hvt.net; a `CA` machine (which should be air-gapped, or at least use some hardware token) for provisioning which needs vmm_sign, and vmm_gen_ca; and a *development* (`DEV`) machine which has a fully featured OCaml and MirageOS environment. Each step is prefixed with the machine it is supposed @@ -63,15 +62,15 @@ steps to produce the remaining required binaries: CA> COPY cacert.pem server.pem server.key SRV: DEV> git clone https://github.com/mirage/mirage-skeleton.git DEV> cd mirage-skeleton/tutorial/hello -DEV> mirage configure -t ukvm +DEV> mirage configure -t hvt DEV> mirage build -DEV> mv ukvm-bin /tmp/ukvm-bin.none +DEV> mv solo5-hvt /tmp/solo5-hvt.none DEV> cd ../device-usage/network -DEV> mirage configure -t ukvm +DEV> mirage configure -t hvt DEV> mirage build -DEV> mv ukvm-bin /tmp/ukvm-bin.net +DEV> mv solo5-hvt /tmp/solo5-hvt.net DEV> cd ../../.. -DEV> COPY /tmp/ukvm-bin.none /tmp/ukvm-bin.net SRV:/var/db/albatross +DEV> COPY /tmp/solo5-hvt.none /tmp/solo5-hvt.net SRV:/var/db/albatross DEV> COPY vmm_console vmm_log vmm_stats_lwt vmmd SRV:/opt/bin/ ``` @@ -104,7 +103,7 @@ able to collect statistics unless running as a privileged user, the following ``` [albatross=10] -add path 'vmm/ukvm*' mode 0660 group albatross +add path 'vmm/solo5*' mode 0660 group albatross ``` Also need to activate by adding `devfs_system_ruleset="albatross"` to @@ -140,12 +139,12 @@ This produced in the first step two files, `admin.req` and `admin.key`, and in the second step two more files, `dev.db` and `admin.pem`. ``` -DEV> vmm_req_vm hello mirage-skeleton/tutorial/hello/hello.ukvm 12 1 +DEV> vmm_req_vm hello mirage-skeleton/tutorial/hello/hello.hvt 12 1 DEV> vmm_sign dev.db dev.pem dev.key hello.req ``` This generates a private key `hello.key` and a certificate signing request named -`hello.req` including the virtual machine image `hello.ukvm`, which gets 12MB +`hello.req` including the virtual machine image `hello.hvt`, which gets 12MB memory and CPU id 1. The second command used the `dev.key` to sign the signing request and output a `hello.pem`. diff --git a/app/vmmc.ml b/app/vmmc.ml index b5c2950..3f6713b 100644 --- a/app/vmmc.ml +++ b/app/vmmc.ml @@ -90,7 +90,7 @@ let create _ opt_socket force name image cpuid requested_memory boot_params bloc | [] -> None | xs -> Some xs (* TODO we could do the compression btw *) - and vmimage = `Ukvm_amd64, Cstruct.of_string image' + and vmimage = `Hvt_amd64, Cstruct.of_string image' in let vm_config = { prefix ; vname ; cpuid ; requested_memory ; block_device ; network ; diff --git a/app/vmmd.ml b/app/vmmd.ml index 9b54b4b..0416557 100644 --- a/app/vmmd.ml +++ b/app/vmmd.ml @@ -34,7 +34,7 @@ let handle state out c_fd fd addr = (c) create initiates the vm startup procedure: write image file, create fifo, create tap(s), send fifo to console -- Lwt effects happen (console) -- - executes ukvm-bin + waiter, send stats pid and taps, inserts await into state, logs "created vm" + executes solo5-hvt + waiter, send stats pid and taps, inserts await into state, logs "created vm" -- Lwt effects happen (stats, logs, wait_and_clear) -- (2) goto (1) *) diff --git a/provision/vmm_req_vm.ml b/provision/vmm_req_vm.ml index 60e1273..5e96c89 100644 --- a/provision/vmm_req_vm.ml +++ b/provision/vmm_req_vm.ml @@ -19,10 +19,10 @@ let vm_csr key name image cpu mem args block net force compression = and cmd = if force then `Force_create_vm else `Create_vm in let image = match compression with - | 0 -> image_to_cstruct (`Ukvm_amd64, image) + | 0 -> image_to_cstruct (`Hvt_amd64, image) | level -> let img = Vmm_compress.compress ~level (Cstruct.to_string image) in - image_to_cstruct (`Ukvm_amd64_compressed, Cstruct.of_string img) + image_to_cstruct (`Hvt_amd64_compressed, Cstruct.of_string img) in let exts = [ (false, `Unsupported (Oid.version, version_to_cstruct asn_version)) ; diff --git a/src/vmm_asn.ml b/src/vmm_asn.ml index 88af92d..3a1bd24 100644 --- a/src/vmm_asn.ml +++ b/src/vmm_asn.ml @@ -105,13 +105,13 @@ let string_of_cstruct, string_to_cstruct = projections_of Asn.S.utf8_string let image = let f = function - | `C1 x -> `Ukvm_amd64, x - | `C2 x -> `Ukvm_arm64, x - | `C3 x -> `Ukvm_amd64_compressed, x + | `C1 x -> `Hvt_amd64, x + | `C2 x -> `Hvt_arm64, x + | `C3 x -> `Hvt_amd64_compressed, x and g = function - | `Ukvm_amd64, x -> `C1 x - | `Ukvm_arm64, x -> `C2 x - | `Ukvm_amd64_compressed, x -> `C3 x + | `Hvt_amd64, x -> `C1 x + | `Hvt_arm64, x -> `C2 x + | `Hvt_amd64_compressed, x -> `C3 x in Asn.S.map f g @@ Asn.S.(choice3 diff --git a/src/vmm_asn.mli b/src/vmm_asn.mli index 30143c9..15d42f9 100644 --- a/src/vmm_asn.mli +++ b/src/vmm_asn.mli @@ -52,8 +52,9 @@ module Oid : sig must exist. *) val block_device : Asn.OID.t - (** [vmimage] is a [CHOICE] between [ [0] OCTET_STRING] for an UKVM amd64 - image and [ [1] OCTET_STRING] for an UKVM arm64 image. *) + (** [vmimage] is a [CHOICE] between [ [0] OCTET_STRING] for an hvt amd64 + image, [ [1] OCTET_STRING] for an hvt arm64 image, and [ [2] OCTET_STRING] + for a compressed am64 hvt image. *) val vmimage : Asn.OID.t (** [argv] is a [SEQUENCE OF UTF8STRING] denoting the boot parameters passed diff --git a/src/vmm_core.ml b/src/vmm_core.ml index 235c0e3..0c10bfb 100644 --- a/src/vmm_core.ml +++ b/src/vmm_core.ml @@ -60,23 +60,23 @@ let command_of_string = function | x when x = "destroy-block" -> Some `Destroy_block | _ -> None -type vmtype = [ `Ukvm_amd64 | `Ukvm_arm64 | `Ukvm_amd64_compressed ] +type vmtype = [ `Hvt_amd64 | `Hvt_arm64 | `Hvt_amd64_compressed ] let vmtype_to_int = function - | `Ukvm_amd64 -> 0 - | `Ukvm_arm64 -> 1 - | `Ukvm_amd64_compressed -> 2 + | `Hvt_amd64 -> 0 + | `Hvt_arm64 -> 1 + | `Hvt_amd64_compressed -> 2 let int_to_vmtype = function - | 0 -> Some `Ukvm_amd64 - | 1 -> Some `Ukvm_arm64 - | 2 -> Some `Ukvm_amd64_compressed + | 0 -> Some `Hvt_amd64 + | 1 -> Some `Hvt_arm64 + | 2 -> Some `Hvt_amd64_compressed | _ -> None let pp_vmtype ppf = function - | `Ukvm_amd64 -> Fmt.pf ppf "ukvm-amd64" - | `Ukvm_amd64_compressed -> Fmt.pf ppf "ukvm-amd64-compressed" - | `Ukvm_arm64 -> Fmt.pf ppf "ukvm-arm64" + | `Hvt_amd64 -> Fmt.pf ppf "hvt-amd64" + | `Hvt_amd64_compressed -> Fmt.pf ppf "hvt-amd64-compressed" + | `Hvt_arm64 -> Fmt.pf ppf "hvt-arm64" type id = string list diff --git a/src/vmm_unix.ml b/src/vmm_unix.ml index 7b5bc4b..c2649bc 100644 --- a/src/vmm_unix.ml +++ b/src/vmm_unix.ml @@ -116,13 +116,13 @@ let create_bridge bname = let prepare vm = (match vm.vmimage with - | `Ukvm_amd64, blob -> Ok blob - | `Ukvm_amd64_compressed, blob -> + | `Hvt_amd64, blob -> Ok blob + | `Hvt_amd64_compressed, blob -> begin match Vmm_compress.uncompress (Cstruct.to_string blob) with | Ok blob -> Ok (Cstruct.of_string blob) | Error () -> Error (`Msg "failed to uncompress") end - | `Ukvm_arm64, _ -> Error (`Msg "no amd64 ukvm image found")) >>= fun image -> + | `Hvt_arm64, _ -> Error (`Msg "no amd64 hvt image found")) >>= fun image -> let fifo = fifo_file vm in (match fifo_exists fifo with | Ok true -> Ok () @@ -161,8 +161,8 @@ let exec vm taps = let net = List.map (fun t -> "--net=" ^ t) taps in let argv = match vm.argv with None -> [] | Some xs -> xs in (match taps with - | [] -> Ok Fpath.(dbdir / "ukvm-bin.none") - | [_] -> Ok Fpath.(dbdir / "ukvm-bin.net") + | [] -> Ok Fpath.(dbdir / "solo5-hvt.none") + | [_] -> Ok Fpath.(dbdir / "solo5-hvt.net") | _ -> Error (`Msg "cannot handle multiple network interfaces")) >>= fun bin -> cpuset vm.cpuid >>= fun cpuset -> let mem = "--mem=" ^ string_of_int vm.requested_memory in diff --git a/stats/vmm_stats.ml b/stats/vmm_stats.ml index cbe7328..ba7c3b4 100644 --- a/stats/vmm_stats.ml +++ b/stats/vmm_stats.ml @@ -56,7 +56,7 @@ let fill_descr ctx = | ds -> Logs.info (fun m -> m "%d descr are already present" (List.length ds)) let open_vmmapi ?(retries = 4) pid = - let name = "ukvm" ^ string_of_int pid in + let name = "solo5-" ^ string_of_int pid in if retries = 0 then begin Logs.debug (fun m -> m "(ignored 0) vmmapi_open failed for %d" pid) ; Error 0