reynir/albatross
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

s/ukvm/hvt/

Browse source
This commit is contained in:
Hannes Mehnert 2018-09-21 22:31:04 +02:00
parent 38b98ab318
commit 02f8d94db8
9 changed files with 39 additions and 39 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
README.md
View file

@ -14,13 +14,12 @@ is used on top to (more gracefully) handle multiple connection, and to have a
watching thread (in `waitpid(2)`) for every virtual machine started by vmmd. watching thread (in `waitpid(2)`) for every virtual machine started by vmmd.
To install Albatross, run `opam pin add albatross To install Albatross, run `opam pin add albatross
https://github.com/hannesm/albatross`. On FreeBSD, `opam pin add https://github.com/hannesm/albatross`.
solo5-kernel-ukvm --dev` is needed as well.
The following elaborates on how to get the software up and running, following by The following elaborates on how to get the software up and running, following by
provisioning and deploying some unikernels. There is a *server* (`SRV`) provisioning and deploying some unikernels. There is a *server* (`SRV`)
component which needs six binaries: vmm_console, vmm_log, vmm_stats_lwt, vmmd, component which needs six binaries: vmm_console, vmm_log, vmm_stats_lwt, vmmd,
ukvm-bin.none, and ukvm-bin.net; a `CA` machine (which should be air-gapped, or solo6-hvt.none, and solo5-hvt.net; a `CA` machine (which should be air-gapped, or
at least use some hardware token) for provisioning which needs vmm_sign, and at least use some hardware token) for provisioning which needs vmm_sign, and
vmm_gen_ca; and a *development* (`DEV`) machine which has a fully featured OCaml vmm_gen_ca; and a *development* (`DEV`) machine which has a fully featured OCaml
and MirageOS environment. Each step is prefixed with the machine it is supposed and MirageOS environment. Each step is prefixed with the machine it is supposed
@ -63,15 +62,15 @@ steps to produce the remaining required binaries:
CA> COPY cacert.pem server.pem server.key SRV: CA> COPY cacert.pem server.pem server.key SRV:
DEV> git clone https://github.com/mirage/mirage-skeleton.git DEV> git clone https://github.com/mirage/mirage-skeleton.git
DEV> cd mirage-skeleton/tutorial/hello DEV> cd mirage-skeleton/tutorial/hello
DEV> mirage configure -t ukvm DEV> mirage configure -t hvt
DEV> mirage build DEV> mirage build
DEV> mv ukvm-bin /tmp/ukvm-bin.none DEV> mv solo5-hvt /tmp/solo5-hvt.none
DEV> cd ../device-usage/network DEV> cd ../device-usage/network
DEV> mirage configure -t ukvm DEV> mirage configure -t hvt
DEV> mirage build DEV> mirage build
DEV> mv ukvm-bin /tmp/ukvm-bin.net DEV> mv solo5-hvt /tmp/solo5-hvt.net
DEV> cd ../../.. DEV> cd ../../..
DEV> COPY /tmp/ukvm-bin.none /tmp/ukvm-bin.net SRV:/var/db/albatross DEV> COPY /tmp/solo5-hvt.none /tmp/solo5-hvt.net SRV:/var/db/albatross
DEV> COPY vmm_console vmm_log vmm_stats_lwt vmmd SRV:/opt/bin/ DEV> COPY vmm_console vmm_log vmm_stats_lwt vmmd SRV:/opt/bin/
``` ```
@ -104,7 +103,7 @@ able to collect statistics unless running as a privileged user, the following
``` ```
[albatross=10] [albatross=10]
add path 'vmm/ukvm*' mode 0660 group albatross add path 'vmm/solo5*' mode 0660 group albatross
``` ```
Also need to activate by adding `devfs_system_ruleset="albatross"` to Also need to activate by adding `devfs_system_ruleset="albatross"` to
@ -140,12 +139,12 @@ This produced in the first step two files, `admin.req` and `admin.key`, and in
the second step two more files, `dev.db` and `admin.pem`. the second step two more files, `dev.db` and `admin.pem`.
``` ```
DEV> vmm_req_vm hello mirage-skeleton/tutorial/hello/hello.ukvm 12 1 DEV> vmm_req_vm hello mirage-skeleton/tutorial/hello/hello.hvt 12 1
DEV> vmm_sign dev.db dev.pem dev.key hello.req DEV> vmm_sign dev.db dev.pem dev.key hello.req
``` ```
This generates a private key `hello.key` and a certificate signing request named This generates a private key `hello.key` and a certificate signing request named
`hello.req` including the virtual machine image `hello.ukvm`, which gets 12MB `hello.req` including the virtual machine image `hello.hvt`, which gets 12MB
memory and CPU id 1. The second command used the `dev.key` to sign the signing memory and CPU id 1. The second command used the `dev.key` to sign the signing
request and output a `hello.pem`. request and output a `hello.pem`.

2
app/vmmc.ml
View file

@ -90,7 +90,7 @@ let create _ opt_socket force name image cpuid requested_memory boot_params bloc
| [] -> None | [] -> None
| xs -> Some xs | xs -> Some xs
(* TODO we could do the compression btw *) (* TODO we could do the compression btw *)
and vmimage = `Ukvm_amd64, Cstruct.of_string image' and vmimage = `Hvt_amd64, Cstruct.of_string image'
in in
let vm_config = { let vm_config = {
prefix ; vname ; cpuid ; requested_memory ; block_device ; network ; prefix ; vname ; cpuid ; requested_memory ; block_device ; network ;

2
app/vmmd.ml
View file

@ -34,7 +34,7 @@ let handle state out c_fd fd addr =
(c) create initiates the vm startup procedure: (c) create initiates the vm startup procedure:
write image file, create fifo, create tap(s), send fifo to console write image file, create fifo, create tap(s), send fifo to console
-- Lwt effects happen (console) -- -- Lwt effects happen (console) --
executes ukvm-bin + waiter, send stats pid and taps, inserts await into state, logs "created vm" executes solo5-hvt + waiter, send stats pid and taps, inserts await into state, logs "created vm"
-- Lwt effects happen (stats, logs, wait_and_clear) -- -- Lwt effects happen (stats, logs, wait_and_clear) --
(2) goto (1) (2) goto (1)
*) *)

4
provision/vmm_req_vm.ml
View file

@ -19,10 +19,10 @@ let vm_csr key name image cpu mem args block net force compression =
and cmd = if force then `Force_create_vm else `Create_vm and cmd = if force then `Force_create_vm else `Create_vm
in in
let image = match compression with let image = match compression with
| 0 -> image_to_cstruct (`Ukvm_amd64, image) | 0 -> image_to_cstruct (`Hvt_amd64, image)
| level -> | level ->
let img = Vmm_compress.compress ~level (Cstruct.to_string image) in let img = Vmm_compress.compress ~level (Cstruct.to_string image) in
image_to_cstruct (`Ukvm_amd64_compressed, Cstruct.of_string img) image_to_cstruct (`Hvt_amd64_compressed, Cstruct.of_string img)
in in
let exts = let exts =
[ (false, `Unsupported (Oid.version, version_to_cstruct asn_version)) ; [ (false, `Unsupported (Oid.version, version_to_cstruct asn_version)) ;

12
src/vmm_asn.ml
View file

@ -105,13 +105,13 @@ let string_of_cstruct, string_to_cstruct = projections_of Asn.S.utf8_string
let image = let image =
let f = function let f = function
| `C1 x -> `Ukvm_amd64, x | `C1 x -> `Hvt_amd64, x
| `C2 x -> `Ukvm_arm64, x | `C2 x -> `Hvt_arm64, x
| `C3 x -> `Ukvm_amd64_compressed, x | `C3 x -> `Hvt_amd64_compressed, x
and g = function and g = function
| `Ukvm_amd64, x -> `C1 x | `Hvt_amd64, x -> `C1 x
| `Ukvm_arm64, x -> `C2 x | `Hvt_arm64, x -> `C2 x
| `Ukvm_amd64_compressed, x -> `C3 x | `Hvt_amd64_compressed, x -> `C3 x
in in
Asn.S.map f g @@ Asn.S.map f g @@
Asn.S.(choice3 Asn.S.(choice3

5
src/vmm_asn.mli
View file

@ -52,8 +52,9 @@ module Oid : sig
must exist. *) must exist. *)
val block_device : Asn.OID.t val block_device : Asn.OID.t
(** [vmimage] is a [CHOICE] between [ [0] OCTET_STRING] for an UKVM amd64 (** [vmimage] is a [CHOICE] between [ [0] OCTET_STRING] for an hvt amd64
image and [ [1] OCTET_STRING] for an UKVM arm64 image. *) image, [ [1] OCTET_STRING] for an hvt arm64 image, and [ [2] OCTET_STRING]
for a compressed am64 hvt image. *)
val vmimage : Asn.OID.t val vmimage : Asn.OID.t
(** [argv] is a [SEQUENCE OF UTF8STRING] denoting the boot parameters passed (** [argv] is a [SEQUENCE OF UTF8STRING] denoting the boot parameters passed

20
src/vmm_core.ml
View file

@ -60,23 +60,23 @@ let command_of_string = function
| x when x = "destroy-block" -> Some `Destroy_block | x when x = "destroy-block" -> Some `Destroy_block
| _ -> None | _ -> None
type vmtype = [ `Ukvm_amd64 | `Ukvm_arm64 | `Ukvm_amd64_compressed ] type vmtype = [ `Hvt_amd64 | `Hvt_arm64 | `Hvt_amd64_compressed ]
let vmtype_to_int = function let vmtype_to_int = function
| `Ukvm_amd64 -> 0 | `Hvt_amd64 -> 0
| `Ukvm_arm64 -> 1 | `Hvt_arm64 -> 1
| `Ukvm_amd64_compressed -> 2 | `Hvt_amd64_compressed -> 2
let int_to_vmtype = function let int_to_vmtype = function
| 0 -> Some `Ukvm_amd64 | 0 -> Some `Hvt_amd64
| 1 -> Some `Ukvm_arm64 | 1 -> Some `Hvt_arm64
| 2 -> Some `Ukvm_amd64_compressed | 2 -> Some `Hvt_amd64_compressed
| _ -> None | _ -> None
let pp_vmtype ppf = function let pp_vmtype ppf = function
| `Ukvm_amd64 -> Fmt.pf ppf "ukvm-amd64" | `Hvt_amd64 -> Fmt.pf ppf "hvt-amd64"
| `Ukvm_amd64_compressed -> Fmt.pf ppf "ukvm-amd64-compressed" | `Hvt_amd64_compressed -> Fmt.pf ppf "hvt-amd64-compressed"
| `Ukvm_arm64 -> Fmt.pf ppf "ukvm-arm64" | `Hvt_arm64 -> Fmt.pf ppf "hvt-arm64"
type id = string list type id = string list

10
src/vmm_unix.ml
View file

@ -116,13 +116,13 @@ let create_bridge bname =
let prepare vm = let prepare vm =
(match vm.vmimage with (match vm.vmimage with
| `Ukvm_amd64, blob -> Ok blob | `Hvt_amd64, blob -> Ok blob
| `Ukvm_amd64_compressed, blob -> | `Hvt_amd64_compressed, blob ->
begin match Vmm_compress.uncompress (Cstruct.to_string blob) with begin match Vmm_compress.uncompress (Cstruct.to_string blob) with
| Ok blob -> Ok (Cstruct.of_string blob) | Ok blob -> Ok (Cstruct.of_string blob)
| Error () -> Error (`Msg "failed to uncompress") | Error () -> Error (`Msg "failed to uncompress")
end end
| `Ukvm_arm64, _ -> Error (`Msg "no amd64 ukvm image found")) >>= fun image -> | `Hvt_arm64, _ -> Error (`Msg "no amd64 hvt image found")) >>= fun image ->
let fifo = fifo_file vm in let fifo = fifo_file vm in
(match fifo_exists fifo with (match fifo_exists fifo with
| Ok true -> Ok () | Ok true -> Ok ()
@ -161,8 +161,8 @@ let exec vm taps =
let net = List.map (fun t -> "--net=" ^ t) taps in let net = List.map (fun t -> "--net=" ^ t) taps in
let argv = match vm.argv with None -> [] | Some xs -> xs in let argv = match vm.argv with None -> [] | Some xs -> xs in
(match taps with (match taps with
| [] -> Ok Fpath.(dbdir / "ukvm-bin.none") | [] -> Ok Fpath.(dbdir / "solo5-hvt.none")
| [_] -> Ok Fpath.(dbdir / "ukvm-bin.net") | [_] -> Ok Fpath.(dbdir / "solo5-hvt.net")
| _ -> Error (`Msg "cannot handle multiple network interfaces")) >>= fun bin -> | _ -> Error (`Msg "cannot handle multiple network interfaces")) >>= fun bin ->
cpuset vm.cpuid >>= fun cpuset -> cpuset vm.cpuid >>= fun cpuset ->
let mem = "--mem=" ^ string_of_int vm.requested_memory in let mem = "--mem=" ^ string_of_int vm.requested_memory in

2
stats/vmm_stats.ml
View file

@ -56,7 +56,7 @@ let fill_descr ctx =
| ds -> Logs.info (fun m -> m "%d descr are already present" (List.length ds)) | ds -> Logs.info (fun m -> m "%d descr are already present" (List.length ds))
let open_vmmapi ?(retries = 4) pid = let open_vmmapi ?(retries = 4) pid =
let name = "ukvm" ^ string_of_int pid in let name = "solo5-" ^ string_of_int pid in
if retries = 0 then begin if retries = 0 then begin
Logs.debug (fun m -> m "(ignored 0) vmmapi_open failed for %d" pid) ; Logs.debug (fun m -> m "(ignored 0) vmmapi_open failed for %d" pid) ;
Error 0 Error 0