Skip to content

Latest commit

 

History

History
218 lines (180 loc) · 4.68 KB

firecracker.md

File metadata and controls

218 lines (180 loc) · 4.68 KB

Firecracker Integration

OPS works well with Firecracker from AWS. OPS doesn't currently interact with the firecracker api but can produce disk images for you to use with firecracker.

To run:

./firecracker --api-sock /tmp/firecracker.socket --config-file vm_config.json

You should replace the kernel.img file with the location of your kernel and the my_img.img with the unikernel disk image of choice:

The vm_config.json:

{
  "boot-source": {
    "kernel_image_path": "/Users/bob/.ops/0.1.26/kernel.img",
    "boot_args": "console=ttyS0 reboot=k panic=1 pci=off"
  },
  "drives": [
    {
      "drive_id": "rootfs",
      "path_on_host": "/Users/bob/.ops/images/my_img.img",
      "is_root_device": true,
      "is_read_only": false
    }
  ],
  "network-interfaces": [
    {
      "iface_id": "eth0",
      "guest_mac": "AA:FC:00:00:00:01",
      "host_dev_name": "tap0"
    }
  ],
  "machine-config": {
    "vcpu_count": 1,
    "mem_size_mib": 1024,
    "ht_enabled": false
  }
}

You should have dhcp listen on your tap:

sudo apt-get install isc-dhcp-server

Create a tap device:

sudo ip tuntap add dev tap0 mode tap
sudo ip addr add 10.0.2.1/24 dev tap0
sudo ip link set tap0 up

Sample dhcp config:


option domain-name "example.org";
option domain-name-servers ns1.example.org, ns2.example.org;

default-lease-time 600;
max-lease-time 7200;

ddns-update-style none;

INTERFACES="tap0";

subnet 10.0.2.0 netmask 255.255.255.0 {
    option routers 10.0.2.1;
range 10.0.2.10 10.0.2.255;
}

dhcpd -f -d tap0

If this is setup correctly you should see some arp requests fly by:

bob@box:/home/eyberg~ dhcpd -f -d tap0
Internet Systems Consortium DHCP Server 4.3.5
Copyright 2004-2016 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Config file: /etc/dhcp/dhcpd.conf
Database file: /var/lib/dhcp/dhcpd.leases
PID file: /var/run/dhcpd.pid
lease 10.0.2.0: no subnet.
Wrote 0 leases to leases file.
Listening on LPF/tap0/96:ea:ca:e0:76:63/10.0.2.0/24
Sending on   LPF/tap0/96:ea:ca:e0:76:63/10.0.2.0/24
Sending on   Socket/fallback/fallback-net
Server starting service.
DHCPDISCOVER from aa:fc:00:00:00:01 via tap0
DHCPOFFER on 10.0.2.10 to aa:fc:00:00:00:01 via tap0
DHCPREQUEST for 10.0.2.10 (10.0.2.1) from aa:fc:00:00:00:01 via tap0
DHCPACK on 10.0.2.10 to aa:fc:00:00:00:01 (uniboot) via tap0
DHCPREQUEST for 10.0.2.10 from aa:fc:00:00:00:01 (uniboot) via tap0
DHCPACK on 10.0.2.10 to aa:fc:00:00:00:01 (uniboot) via tap0
DHCPREQUEST for 10.0.2.10 from aa:fc:00:00:00:01 (uniboot) via tap0
DHCPACK on 10.0.2.10 to aa:fc:00:00:00:01 (uniboot) via tap0
DHCPREQUEST for 10.0.2.10 from aa:fc:00:00:00:01 (uniboot) via tap0
DHCPACK on 10.0.2.10 to aa:fc:00:00:00:01 (uniboot) via tap0

and you should see the unikernel snag an ip:

Server started on port 8080
assigned: 10.0.2.10
assigned: 0.0.0.0

If you would like diagnostic logs you can try this before turning on the vm:

boot.sh:

#!/bin/sh

curl --unix-socket /tmp/firecracker.socket -i \
-X PUT 'http://localhost/boot-source' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"kernel_image_path": "/home/bob/.ops/0.1.26/kernel.img",
"boot_args": "console=ttyS0 reboot=k panic=1 pci=off" }'

drives.sh:

#!/bin/sh

curl --unix-socket /tmp/firecracker.socket -i \
-X PUT 'http://localhost/drives/rootfs' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
      "drive_id": "rootfs",
      "path_on_host": "/home/bob/.ops/0.1.26/images/my_img.img",
      "is_root_device": true,
      "is_read_only": false

}'

machine.sh:

#!/bin/sh

 curl --unix-socket /tmp/firecracker.socket -i \
-X PUT 'http://localhost/machine-config' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
    "vcpu_count": 1,
    "mem_size_mib": 1024,
    "ht_enabled": false
}'

start.sh:

#!/bin/sh

curl --unix-socket /tmp/firecracker.socket -i \
-X PUT 'http://localhost/actions' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"action_type": "InstanceStart"
}'

logs.sh:

#!/bin/sh

mkfifo log.fifo
mkfifo metrics.fifo

curl --unix-socket /tmp/firecracker.socket -i \
-X PUT 'http://localhost/logger' \
-H "accept: application/json" \
-H "Content-Type: application/json" \
-d '{ "log_fifo": "log.fifo", "metrics_fifo": "metrics.fifo", "level":
"Info", "show_level": true, "show_log_origin": true }'

Finally read your logs:

read_fifo.sh:

#!/bin/bash

while true
do
    if read line <$1; then
        if [[ "$line" == 'quit' ]]; then
            break
        fi
        echo $line
    fi
done

echo "Reader exiting"

 ./read_fifo.sh log.fifo