aljaz/kata-containers
1
0
Fork 0
mirror of https://github.com/aljazceru/kata-containers.git synced 2026-01-03 06:24:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
bc4460e12fa90a67e8fb6801d99ac8d5aebe8f59
kata-containers/virtcontainers/mock_hypervisor.go
Manohar Castelino 78ea50c36c virtcontainers: Jailer: Add jailer support for firecracker 
Firecracker provides a jailer to constrain the VMM. Use this
jailer to launch the firecracker VMM instead of launching it
directly from the kata-runtime.

The jailer will ensure that the firecracker VMM will run
in its own network and mount namespace. All assets required
by the VMM have to be present within these namespaces.
The assets need to be copied or bind mounted into the chroot
location setup by jailer in order for firecracker to access
these resouces. This includes files, device nodes and all
other assets.

Jailer automatically sets up the jail to have access to
kvm and vhost-vsock.

If a jailer is not available (i.e. not setup in the toml)
for a given hypervisor the runtime will act as the jailer.

Also enhance the hypervisor interface and unit tests to
include the network namespace. This allows the hypervisor
to choose how and where to lauch the VMM process, vs
virtcontainers directly launching the VMM process.

Fixes: #1129

Signed-off-by: Manohar Castelino <manohar.r.castelino@intel.com>
2019-07-11 21:32:36 +00:00

117 lines
2.6 KiB
Go
Raw Blame History

// Copyright (c) 2016 Intel Corporation
//
// SPDX-License-Identifier: Apache-2.0
//
package virtcontainers
import (
"context"
"errors"
"os"
"github.com/kata-containers/runtime/virtcontainers/store"
"github.com/kata-containers/runtime/virtcontainers/types"
)
type mockHypervisor struct {
mockPid int
}
func (m *mockHypervisor) capabilities() types.Capabilities {
return types.Capabilities{}
}
func (m *mockHypervisor) hypervisorConfig() HypervisorConfig {
return HypervisorConfig{}
}
func (m *mockHypervisor) createSandbox(ctx context.Context, id string, networkNS NetworkNamespace, hypervisorConfig *HypervisorConfig, store *store.VCStore) error {
err := hypervisorConfig.valid()
if err != nil {
return err
}
return nil
}
func (m *mockHypervisor) startSandbox(timeout int) error {
return nil
}
func (m *mockHypervisor) stopSandbox() error {
return nil
}
func (m *mockHypervisor) pauseSandbox() error {
return nil
}
func (m *mockHypervisor) resumeSandbox() error {
return nil
}
func (m *mockHypervisor) saveSandbox() error {
return nil
}
func (m *mockHypervisor) addDevice(devInfo interface{}, devType deviceType) error {
return nil
}
func (m *mockHypervisor) hotplugAddDevice(devInfo interface{}, devType deviceType) (interface{}, error) {
switch devType {
case cpuDev:
return devInfo.(uint32), nil
case memoryDev:
memdev := devInfo.(*memoryDevice)
return memdev.sizeMB, nil
}
return nil, nil
}
func (m *mockHypervisor) hotplugRemoveDevice(devInfo interface{}, devType deviceType) (interface{}, error) {
switch devType {
case cpuDev:
return devInfo.(uint32), nil
case memoryDev:
return 0, nil
}
return nil, nil
}
func (m *mockHypervisor) getSandboxConsole(sandboxID string) (string, error) {
return "", nil
}
func (m *mockHypervisor) resizeMemory(memMB uint32, memorySectionSizeMB uint32, probe bool) (uint32, memoryDevice, error) {
return 0, memoryDevice{}, nil
}
func (m *mockHypervisor) resizeVCPUs(cpus uint32) (uint32, uint32, error) {
return 0, 0, nil
}
func (m *mockHypervisor) disconnect() {
}
func (m *mockHypervisor) getThreadIDs() (vcpuThreadIDs, error) {
vcpus := map[int]int{0: os.Getpid()}
return vcpuThreadIDs{vcpus}, nil
}
func (m *mockHypervisor) cleanup() error {
return nil
}
func (m *mockHypervisor) pid() int {
return m.mockPid
}
func (m *mockHypervisor) fromGrpc(ctx context.Context, hypervisorConfig *HypervisorConfig, store *store.VCStore, j []byte) error {
return errors.New("mockHypervisor is not supported by VM cache")
}
func (m *mockHypervisor) toGrpc() ([]byte, error) {
return nil, errors.New("firecracker is not supported by VM cache")
}
Reference in New Issue View Git Blame Copy Permalink