use std::collections::HashMap;
use std::net::{IpAddr, Ipv6Addr};
use std::{fs, net::Ipv4Addr, str::FromStr};
use advmac::MacAddr6;
use anyhow::{anyhow, Result};
use ipnetwork::{IpNetwork, Ipv4Network};
use krata::launchcfg::{
LaunchInfo, LaunchNetwork, LaunchNetworkIpv4, LaunchNetworkIpv6, LaunchNetworkResolver,
};
use uuid::Uuid;
use xenclient::{DomainChannel, DomainConfig, DomainDisk, DomainNetworkInterface};
use xenstore::XsdInterface;
use crate::cfgblk::ConfigBlock;
use crate::RuntimeContext;
use krataoci::{
cache::ImageCache,
compiler::{ImageCompiler, ImageInfo},
name::ImageName,
};
use super::{GuestInfo, GuestState};
/// Parameters describing one guest to be started by `GuestLauncher::launch`.
///
/// All fields are supplied by the caller and are used by `launch` as given;
/// the only parsing visible in this file is `ImageName::parse` on `image`.
pub struct GuestLaunchRequest<'a> {
    /// UUID for the guest. When `None`, `launch` generates a random v4 UUID.
    pub uuid: Option<Uuid>,
    /// Optional name; when present it is published under the `krata/name` key.
    pub name: Option<&'a str>,
    /// Image reference, parsed with `ImageName::parse` before compilation.
    pub image: &'a str,
    /// Passed to the domain configuration as `max_vcpus`.
    pub vcpus: u32,
    /// Passed to the domain configuration as `mem_mb`.
    pub mem: u64,
    /// Environment variables, moved unchanged into the guest's `LaunchInfo`.
    // NOTE(review): the launch config is handed to `ConfigBlock::build`, which
    // presumably writes it to host storage; treat secrets placed here as
    // stored at rest on the host. Confirm against cfgblk.
    pub env: HashMap<String, String>,
    /// Optional command line, moved unchanged into the guest's `LaunchInfo`.
    pub run: Option<Vec<String>>,
    /// Selects the `debug` kernel command-line option instead of `quiet`.
    pub debug: bool,
}
/// Stateless entry point for building and starting guests.
///
/// The launcher holds no fields; its methods take all runtime state through
/// the `RuntimeContext` passed to them.
pub struct GuestLauncher {}
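impl GuestLauncher {
    /// Creates a launcher. As written this cannot fail; the `Result` return
    /// type is kept for callers that already propagate it.
    pub fn new() -> Result<Self> {
        Ok(Self {})
    }

    /// Compiles the requested image, builds the guest's config block and
    /// creates the Xen domain, returning a [`GuestInfo`] describing it.
    ///
    /// Steps, in order: pick a UUID, compile the image, generate MAC
    /// addresses, allocate a guest IPv4 address, build the config block,
    /// attach both squashfs images as loop devices, then create the domain.
    ///
    /// # Errors
    ///
    /// Returns an error if any step fails. When the second loop device cannot
    /// be set up, or when domain creation fails, the loop devices created so
    /// far are released and removal of the config block directory is
    /// attempted (best effort; failures of the cleanup itself are ignored).
    // NOTE(review): failures before the first loop device is created (for
    // example the path-to-string conversions) still leave the config block
    // directory behind; `ConfigBlock`'s own cleanup is not visible here.
    pub async fn launch<'r>(
        &mut self,
        context: &mut RuntimeContext,
        request: GuestLaunchRequest<'r>,
    ) -> Result<GuestInfo> {
        let uuid = request.uuid.unwrap_or_else(Uuid::new_v4);
        let xen_name = format!("krata-{uuid}");
        let image_info = self.compile(request.image, &context.image_cache).await?;

        // Random MACs with the locally-administered bit set and the multicast
        // bit cleared, so they are valid unicast addresses.
        let mut gateway_mac = MacAddr6::random();
        gateway_mac.set_local(true);
        gateway_mac.set_multicast(false);
        let mut container_mac = MacAddr6::random();
        container_mac.set_local(true);
        container_mac.set_multicast(false);

        let guest_ipv4 = self.allocate_ipv4(context).await?;
        let guest_ipv6 = container_mac.to_link_local_ipv6();
        let gateway_ipv4 = "10.75.70.1";
        let gateway_ipv6 = "fe80::1";
        let ipv4_network_mask: u32 = 16;
        let ipv6_network_mask: u32 = 10;

        let launch_config = LaunchInfo {
            network: Some(LaunchNetwork {
                link: "eth0".to_string(),
                ipv4: LaunchNetworkIpv4 {
                    address: format!("{}/{}", guest_ipv4, ipv4_network_mask),
                    gateway: gateway_ipv4.to_string(),
                },
                ipv6: LaunchNetworkIpv6 {
                    address: format!("{}/{}", guest_ipv6, ipv6_network_mask),
                    gateway: gateway_ipv6.to_string(),
                },
                // Resolvers are fixed here; every guest is configured with
                // these four addresses regardless of host DNS settings.
                resolver: LaunchNetworkResolver {
                    nameservers: vec![
                        "1.1.1.1".to_string(),
                        "1.0.0.1".to_string(),
                        "2606:4700:4700::1111".to_string(),
                        "2606:4700:4700::1001".to_string(),
                    ],
                },
            }),
            // Caller-supplied values, passed through without inspection.
            env: request.env,
            run: request.run,
        };

        let cfgblk = ConfigBlock::new(&uuid, &image_info)?;
        cfgblk.build(&launch_config)?;

        let image_squashfs_path = image_info
            .image_squashfs
            .to_str()
            .ok_or_else(|| anyhow!("failed to convert image squashfs path to string"))?;

        let cfgblk_dir_path = cfgblk
            .dir
            .to_str()
            .ok_or_else(|| anyhow!("failed to convert cfgblk directory path to string"))?;
        let cfgblk_squashfs_path = cfgblk
            .file
            .to_str()
            .ok_or_else(|| anyhow!("failed to convert cfgblk squashfs path to string"))?;

        let image_squashfs_loop = context.autoloop.loopify(image_squashfs_path)?;
        // If the second loop device cannot be created, release the first one
        // instead of leaking it on the early return.
        let cfgblk_squashfs_loop = match context.autoloop.loopify(cfgblk_squashfs_path) {
            Ok(device) => device,
            Err(error) => {
                let _ = context.autoloop.unloop(&image_squashfs_loop.path);
                let _ = fs::remove_dir(&cfgblk.dir);
                return Err(error.into());
            }
        };

        let cmdline_options = [
            if request.debug { "debug" } else { "quiet" },
            "elevator=noop",
        ];
        let cmdline = cmdline_options.join(" ");

        // The MAC's string form uses '-' separators; the values stored and
        // passed to the interface use ':'.
        let guest_mac_string = container_mac.to_string().replace('-', ":");
        let gateway_mac_string = gateway_mac.to_string().replace('-', ":");

        let mut extra_keys = vec![
            ("krata/uuid".to_string(), uuid.to_string()),
            (
                "krata/loops".to_string(),
                // NOTE(review): fields are joined with ':' and ',' without
                // escaping, so a path containing either character would make
                // this record ambiguous to whatever parses it. Confirm the
                // image cache and cfgblk paths can never contain them.
                format!(
                    "{}:{}:none,{}:{}:{}",
                    &image_squashfs_loop.path,
                    image_squashfs_path,
                    &cfgblk_squashfs_loop.path,
                    cfgblk_squashfs_path,
                    cfgblk_dir_path,
                ),
            ),
            ("krata/image".to_string(), request.image.to_string()),
            (
                "krata/network/guest/ipv4".to_string(),
                format!("{}/{}", guest_ipv4, ipv4_network_mask),
            ),
            (
                "krata/network/guest/ipv6".to_string(),
                format!("{}/{}", guest_ipv6, ipv6_network_mask),
            ),
            (
                "krata/network/guest/mac".to_string(),
                guest_mac_string.clone(),
            ),
            (
                "krata/network/gateway/ipv4".to_string(),
                format!("{}/{}", gateway_ipv4, ipv4_network_mask),
            ),
            (
                "krata/network/gateway/ipv6".to_string(),
                format!("{}/{}", gateway_ipv6, ipv6_network_mask),
            ),
            (
                "krata/network/gateway/mac".to_string(),
                gateway_mac_string.clone(),
            ),
        ];

        if let Some(name) = request.name {
            extra_keys.push(("krata/name".to_string(), name.to_string()));
        }

        let config = DomainConfig {
            backend_domid: 0,
            name: &xen_name,
            max_vcpus: request.vcpus,
            mem_mb: request.mem,
            kernel_path: &context.kernel,
            initrd_path: &context.initrd,
            cmdline: &cmdline,
            // Both disks are attached read-only.
            disks: vec![
                DomainDisk {
                    vdev: "xvda",
                    block: &image_squashfs_loop,
                    writable: false,
                },
                DomainDisk {
                    vdev: "xvdb",
                    block: &cfgblk_squashfs_loop,
                    writable: false,
                },
            ],
            channels: vec![DomainChannel {
                typ: "krata-channel".to_string(),
                initialized: false,
            }],
            vifs: vec![DomainNetworkInterface {
                mac: &guest_mac_string,
                mtu: 1500,
                bridge: None,
                script: None,
            }],
            filesystems: vec![],
            event_channels: vec![],
            extra_keys,
            // NOTE(review): presumably the only subtree the guest is allowed
            // to write; anything read back from under it should be treated as
            // guest-controlled input. Confirm against xenclient.
            extra_rw_paths: vec!["krata/guest".to_string()],
        };

        match context.xen.create(&config).await {
            Ok(created) => Ok(GuestInfo {
                name: request.name.map(|x| x.to_string()),
                uuid,
                domid: created.domid,
                image: request.image.to_string(),
                loops: vec![],
                guest_ipv4: Some(IpNetwork::new(
                    IpAddr::V4(guest_ipv4),
                    ipv4_network_mask as u8,
                )?),
                guest_ipv6: Some(IpNetwork::new(
                    IpAddr::V6(guest_ipv6),
                    ipv6_network_mask as u8,
                )?),
                guest_mac: Some(guest_mac_string.clone()),
                gateway_ipv4: Some(IpNetwork::new(
                    IpAddr::V4(Ipv4Addr::from_str(gateway_ipv4)?),
                    ipv4_network_mask as u8,
                )?),
                // Uses the IPv6 prefix length so the reported network agrees
                // with the `krata/network/gateway/ipv6` key written above.
                gateway_ipv6: Some(IpNetwork::new(
                    IpAddr::V6(Ipv6Addr::from_str(gateway_ipv6)?),
                    ipv6_network_mask as u8,
                )?),
                gateway_mac: Some(gateway_mac_string.clone()),
                state: GuestState { exit_code: None },
            }),
            Err(error) => {
                // Best-effort cleanup; the creation error is what the caller
                // needs to see, so cleanup failures are deliberately ignored.
                let _ = context.autoloop.unloop(&image_squashfs_loop.path);
                let _ = context.autoloop.unloop(&cfgblk_squashfs_loop.path);
                let _ = fs::remove_dir(&cfgblk.dir);
                Err(error.into())
            }
        }
    }

    /// Parses `image` as an image name and compiles it using `image_cache`.
    ///
    /// `image` is caller-supplied; `ImageName::parse` is the only validation
    /// applied to it in this file.
    async fn compile(&self, image: &str, image_cache: &ImageCache) -> Result<ImageInfo> {
        let image = ImageName::parse(image)?;
        let compiler = ImageCompiler::new(image_cache, None)?;
        compiler.compile(&image).await
    }

    /// Picks the first address in `10.75.80.0/24` that no existing domain
    /// has recorded under `krata/network/guest/ipv4`.
    ///
    /// Addresses whose last octet is 0 or 255 are never handed out.
    ///
    /// # Errors
    ///
    /// Fails if the store cannot be listed or read, if any recorded address
    /// does not parse as an IPv4 network, or if every candidate is in use.
    // NOTE(review): the scan and the later write of the chosen address are
    // separate steps; nothing in this function prevents two launches from
    // choosing the same address. Confirm callers serialise launches.
    async fn allocate_ipv4(&mut self, context: &mut RuntimeContext) -> Result<Ipv4Addr> {
        let network = Ipv4Network::new(Ipv4Addr::new(10, 75, 80, 0), 24)?;
        let mut used: Vec<Ipv4Addr> = vec![];
        for domid_candidate in context.xen.store.list("/local/domain").await? {
            let dom_path = format!("/local/domain/{}", domid_candidate);
            let ip_path = format!("{}/krata/network/guest/ipv4", dom_path);
            let existing_ip = context.xen.store.read_string(&ip_path).await?;
            if let Some(existing_ip) = existing_ip {
                let ipv4_network = Ipv4Network::from_str(&existing_ip)?;
                used.push(ipv4_network.ip());
            }
        }

        network
            .iter()
            .filter(|ip| !matches!(ip.octets()[3], 0 | 255))
            .find(|ip| !used.contains(ip))
            .ok_or_else(|| {
                anyhow!(
                    "unable to find ipv4 to allocate to container, ipv4 addresses are exhausted"
                )
            })
    }
}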