reynir/albatross
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

s/ukvm/hvt/

Browse source
This commit is contained in:
Hannes Mehnert 2018-09-21 22:31:04 +02:00
parent 38b98ab318
commit 02f8d94db8
9 changed files with 39 additions and 39 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
README.md
View file

@ -14,13 +14,12 @@ is used on top to (more gracefully) handle multiple connection, and to have a
watching thread (in `waitpid(2)`) for every virtual machine started by vmmd.
To install Albatross, run `opam pin add albatross
https://github.com/hannesm/albatross`. On FreeBSD, `opam pin add
solo5-kernel-ukvm --dev` is needed as well.
https://github.com/hannesm/albatross`.
The following elaborates on how to get the software up and running, following by
provisioning and deploying some unikernels. There is a *server* (`SRV`)
component which needs six binaries: vmm_console, vmm_log, vmm_stats_lwt, vmmd,
ukvm-bin.none, and ukvm-bin.net; a `CA` machine (which should be air-gapped, or
solo6-hvt.none, and solo5-hvt.net; a `CA` machine (which should be air-gapped, or
at least use some hardware token) for provisioning which needs vmm_sign, and
vmm_gen_ca; and a *development* (`DEV`) machine which has a fully featured OCaml
and MirageOS environment. Each step is prefixed with the machine it is supposed
@ -63,15 +62,15 @@ steps to produce the remaining required binaries:
CA> COPY cacert.pem server.pem server.key SRV:
DEV> git clone https://github.com/mirage/mirage-skeleton.git
DEV> cd mirage-skeleton/tutorial/hello
DEV> mirage configure -t ukvm
DEV> mirage configure -t hvt
DEV> mirage build
DEV> mv ukvm-bin /tmp/ukvm-bin.none
DEV> mv solo5-hvt /tmp/solo5-hvt.none
DEV> cd ../device-usage/network
DEV> mirage configure -t ukvm
DEV> mirage configure -t hvt
DEV> mirage build
DEV> mv ukvm-bin /tmp/ukvm-bin.net
DEV> mv solo5-hvt /tmp/solo5-hvt.net
DEV> cd ../../..
DEV> COPY /tmp/ukvm-bin.none /tmp/ukvm-bin.net SRV:/var/db/albatross
DEV> COPY /tmp/solo5-hvt.none /tmp/solo5-hvt.net SRV:/var/db/albatross
DEV> COPY vmm_console vmm_log vmm_stats_lwt vmmd SRV:/opt/bin/
```
@ -104,7 +103,7 @@ able to collect statistics unless running as a privileged user, the following
```
[albatross=10]
add path 'vmm/ukvm*' mode 0660 group albatross
add path 'vmm/solo5*' mode 0660 group albatross
```
Also need to activate by adding `devfs_system_ruleset="albatross"` to
@ -140,12 +139,12 @@ This produced in the first step two files, `admin.req` and `admin.key`, and in
the second step two more files, `dev.db` and `admin.pem`.
```
DEV> vmm_req_vm hello mirage-skeleton/tutorial/hello/hello.ukvm 12 1
DEV> vmm_req_vm hello mirage-skeleton/tutorial/hello/hello.hvt 12 1
DEV> vmm_sign dev.db dev.pem dev.key hello.req
```
This generates a private key `hello.key` and a certificate signing request named
`hello.req` including the virtual machine image `hello.ukvm`, which gets 12MB
`hello.req` including the virtual machine image `hello.hvt`, which gets 12MB
memory and CPU id 1. The second command used the `dev.key` to sign the signing
request and output a `hello.pem`.

2
app/vmmc.ml
View file

@ -90,7 +90,7 @@ let create _ opt_socket force name image cpuid requested_memory boot_params bloc
| [] -> None
| xs -> Some xs
(* TODO we could do the compression btw *)
and vmimage = `Ukvm_amd64, Cstruct.of_string image'
and vmimage = `Hvt_amd64, Cstruct.of_string image'
in
let vm_config = {
prefix ; vname ; cpuid ; requested_memory ; block_device ; network ;

2
app/vmmd.ml
View file

@ -34,7 +34,7 @@ let handle state out c_fd fd addr =
(c) create initiates the vm startup procedure:
write image file, create fifo, create tap(s), send fifo to console
-- Lwt effects happen (console) --
executes ukvm-bin + waiter, send stats pid and taps, inserts await into state, logs "created vm"
executes solo5-hvt + waiter, send stats pid and taps, inserts await into state, logs "created vm"
-- Lwt effects happen (stats, logs, wait_and_clear) --
(2) goto (1)
*)

4
provision/vmm_req_vm.ml
View file

@ -19,10 +19,10 @@ let vm_csr key name image cpu mem args block net force compression =
and cmd = if force then `Force_create_vm else `Create_vm
in
let image = match compression with
| 0 -> image_to_cstruct (`Ukvm_amd64, image)
| 0 -> image_to_cstruct (`Hvt_amd64, image)
| level ->
let img = Vmm_compress.compress ~level (Cstruct.to_string image) in
image_to_cstruct (`Ukvm_amd64_compressed, Cstruct.of_string img)
image_to_cstruct (`Hvt_amd64_compressed, Cstruct.of_string img)
in
let exts =
[ (false, `Unsupported (Oid.version, version_to_cstruct asn_version)) ;

12
src/vmm_asn.ml
View file

@ -105,13 +105,13 @@ let string_of_cstruct, string_to_cstruct = projections_of Asn.S.utf8_string
let image =
let f = function
| `C1 x -> `Ukvm_amd64, x
| `C2 x -> `Ukvm_arm64, x
| `C3 x -> `Ukvm_amd64_compressed, x
| `C1 x -> `Hvt_amd64, x
| `C2 x -> `Hvt_arm64, x
| `C3 x -> `Hvt_amd64_compressed, x
and g = function
| `Ukvm_amd64, x -> `C1 x
| `Ukvm_arm64, x -> `C2 x
| `Ukvm_amd64_compressed, x -> `C3 x
| `Hvt_amd64, x -> `C1 x
| `Hvt_arm64, x -> `C2 x
| `Hvt_amd64_compressed, x -> `C3 x
in
Asn.S.map f g @@
Asn.S.(choice3

5
src/vmm_asn.mli
View file

@ -52,8 +52,9 @@ module Oid : sig
must exist. *)
val block_device : Asn.OID.t
(** [vmimage] is a [CHOICE] between [ [0] OCTET_STRING] for an UKVM amd64
image and [ [1] OCTET_STRING] for an UKVM arm64 image. *)
(** [vmimage] is a [CHOICE] between [ [0] OCTET_STRING] for an hvt amd64
image, [ [1] OCTET_STRING] for an hvt arm64 image, and [ [2] OCTET_STRING]
for a compressed am64 hvt image. *)
val vmimage : Asn.OID.t
(** [argv] is a [SEQUENCE OF UTF8STRING] denoting the boot parameters passed

20
src/vmm_core.ml
View file

@ -60,23 +60,23 @@ let command_of_string = function
| x when x = "destroy-block" -> Some `Destroy_block
| _ -> None
type vmtype = [ `Ukvm_amd64 | `Ukvm_arm64 | `Ukvm_amd64_compressed ]
type vmtype = [ `Hvt_amd64 | `Hvt_arm64 | `Hvt_amd64_compressed ]
let vmtype_to_int = function
| `Ukvm_amd64 -> 0
| `Ukvm_arm64 -> 1
| `Ukvm_amd64_compressed -> 2
| `Hvt_amd64 -> 0
| `Hvt_arm64 -> 1
| `Hvt_amd64_compressed -> 2
let int_to_vmtype = function
| 0 -> Some `Ukvm_amd64
| 1 -> Some `Ukvm_arm64
| 2 -> Some `Ukvm_amd64_compressed
| 0 -> Some `Hvt_amd64
| 1 -> Some `Hvt_arm64
| 2 -> Some `Hvt_amd64_compressed
| _ -> None
let pp_vmtype ppf = function
| `Ukvm_amd64 -> Fmt.pf ppf "ukvm-amd64"
| `Ukvm_amd64_compressed -> Fmt.pf ppf "ukvm-amd64-compressed"
| `Ukvm_arm64 -> Fmt.pf ppf "ukvm-arm64"
| `Hvt_amd64 -> Fmt.pf ppf "hvt-amd64"
| `Hvt_amd64_compressed -> Fmt.pf ppf "hvt-amd64-compressed"
| `Hvt_arm64 -> Fmt.pf ppf "hvt-arm64"
type id = string list

10
src/vmm_unix.ml
View file

@ -116,13 +116,13 @@ let create_bridge bname =
let prepare vm =
(match vm.vmimage with
| `Ukvm_amd64, blob -> Ok blob
| `Ukvm_amd64_compressed, blob ->
| `Hvt_amd64, blob -> Ok blob
| `Hvt_amd64_compressed, blob ->
begin match Vmm_compress.uncompress (Cstruct.to_string blob) with
| Ok blob -> Ok (Cstruct.of_string blob)
| Error () -> Error (`Msg "failed to uncompress")
end
| `Ukvm_arm64, _ -> Error (`Msg "no amd64 ukvm image found")) >>= fun image ->
| `Hvt_arm64, _ -> Error (`Msg "no amd64 hvt image found")) >>= fun image ->
let fifo = fifo_file vm in
(match fifo_exists fifo with
| Ok true -> Ok ()
@ -161,8 +161,8 @@ let exec vm taps =
let net = List.map (fun t -> "--net=" ^ t) taps in
let argv = match vm.argv with None -> [] | Some xs -> xs in
(match taps with
| [] -> Ok Fpath.(dbdir / "ukvm-bin.none")
| [_] -> Ok Fpath.(dbdir / "ukvm-bin.net")
| [] -> Ok Fpath.(dbdir / "solo5-hvt.none")
| [_] -> Ok Fpath.(dbdir / "solo5-hvt.net")
| _ -> Error (`Msg "cannot handle multiple network interfaces")) >>= fun bin ->
cpuset vm.cpuid >>= fun cpuset ->
let mem = "--mem=" ^ string_of_int vm.requested_memory in

2
stats/vmm_stats.ml
View file

@ -56,7 +56,7 @@ let fill_descr ctx =
| ds -> Logs.info (fun m -> m "%d descr are already present" (List.length ds))
let open_vmmapi ?(retries = 4) pid =
let name = "ukvm" ^ string_of_int pid in
let name = "solo5-" ^ string_of_int pid in
if retries = 0 then begin
Logs.debug (fun m -> m "(ignored 0) vmmapi_open failed for %d" pid) ;
Error 0