The agent initiates a PCI rescan from two places. One is triggered for each virtio-blk PCI device, and one is triggered unconditionally when we start a new container.

The PCI bus rescan code was added a long time ago in Clear Containers due to lack of ACPI support in QEMU 2.9 + q35. Since Kata routinely plugs devices under a PCIe-to-PCI bridge, that left SHPC as the only available hotplug mechanism.

However, while Kata was using SHPC on the qemu side, it wasn't actually using it on the guest side. Due to a quirk of our guest kernel configuration, the SHPC driver never bound to the bridge, and *no* hotplug was working at all. To work around that, Kata was forcing the rescan manually, which would discover the new device. That was very fragile (we were arguably relying on a kernel bug).

Even if we were using SHPC properly, it includes a mandatory 5s delay during plug operations (designed for physical cards and human operators), which makes it unsuitable for quick start up.

Worse, the forced PCI rescans could race with either SHPC or PCIe native hotplug sequences, causing several problems. In some cases this could put the device into an entirely broken state where it wouldn't respond to config space accesses at all.

Since pull request #2323 was merged, we have instead used ACPI hotplug, which is both fast and more solid in terms of semantics and races. So, the forced PCI rescans are no longer necessary. Remove them all.

fixes #683

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Kata Agent in Rust
This is a Rust version of the kata-agent.
At the Denver PTG, we discussed rewriting the agent in Rust:
In general, we all think about re-writing the agent in Rust to reduce the footprint of the agent. Moreover, Eric mentioned the possibility to stop using gRPC, which may have some impact on footprint. We may begin to do some POC to show how much we could save by re-writing the agent in Rust.
After that, we drafted the initial code here, and any contributions are welcome.
Features
| Feature | Status |
|---|---|
| OCI Behaviors | |
| create/start containers | ✅ |
| signal/wait process | ✅ |
| exec/list process | ✅ |
| I/O stream | ✅ |
| Cgroups | ✅ |
| Capabilities, rlimit, readonly path, masked path, users | ✅ |
| container stats (stats_container) | ✅ |
| Hooks | ✅ |
| Agent Features & APIs | |
| run agent as init (mount fs, udev, setup lo) | ✅ |
| block device as root device | ✅ |
| Health API | ✅ |
| network, interface/routes (update_container) | ✅ |
| File transfer API (copy_file) | ✅ |
| Device APIs (reseed_random_device, , online_cpu_memory, mem_hotplug_probe, set_guest_date_time) | ✅ |
| VSOCK support | ✅ |
| virtio-serial support | ✖️ |
| OCI Spec validator | ✅ |
| Infrastructures | |
| Debug Console | ✅ |
| Command line | ✅ |
| Tracing | ✖️ |
Getting Started
Build from Source
The rust-agent needs to be built statically and linked with musl.
Note: skip this step for ppc64le, the build scripts explicitly use gnu for ppc64le.
$ arch=$(uname -m)
$ rustup target add "${arch}-unknown-linux-musl"
$ sudo ln -s /usr/bin/g++ /bin/musl-g++
ppc64le-only: Manually install protoc, e.g.
$ sudo dnf install protobuf-compiler
Download the source files in the Kata containers repository and build the agent:
$ GOPATH="${GOPATH:-$HOME/go}"
$ dir="$GOPATH/src/github.com/kata-containers"
$ mkdir -p "${dir}"   # git -C fails if the directory does not exist yet
$ git -C "${dir}" clone --depth 1 https://github.com/kata-containers/kata-containers
$ make -C "${dir}/kata-containers/src/agent"
Run Kata CI with rust-agent
- Firstly, install Kata as noted by "how to install Kata"
- Secondly, build your own Kata initrd/image following the steps in "how to build your own initrd/image". Note: use your rust agent instead of the go agent when building your initrd/image.
- Clone the Kata CI test cases from: https://github.com/kata-containers/tests.git, and then run the CRI test with:
$ sudo -E PATH=$PATH -E GOPATH=$GOPATH integration/containerd/shimv2/shimv2-tests.sh
Mini Benchmark
The RssAnon memory consumed by the go-agent and the rust-agent is as follows:
go-agent: about 11M
rust-agent: about 1.1M