Deprecate hyperstart, CC shim, and CC proxy #1428
Conversation
gabibeyer
force-pushed
the
slashNburn
branch
3 times, most recently
from
2d6ac6b
to
3d74dfa
Compare
pkg/katautils/config.go
Outdated
| case ccProxyTableType: | ||
| config.ProxyType = vc.CCProxyType | ||
| case kataProxyTableType: | ||
| if k == kataProxyTableType { |
There was a problem hiding this comment.
So two things after talking with @gabibeyer, we don't expect more than one proxy definition, so we should check the number of entries provided through the config. Also, we don't expect to support multiple types of proxy, shim or agent, so we should simply have a toml entry this way:
[proxy]
path = "foo"
[shim]
path = "bar"And to even go one step further, we can remove the agent entry itself since that was a simple placeholder to determine the type of agent.
There was a problem hiding this comment.
I prefer we keep original ones and don't change it. Modify existing field names can break compatibility and make me anxious, proxy.kata doesn't harm :)
There was a problem hiding this comment.
If we do this I think we should maintain backward compatibility here to allow runtime to be used with older toml possibly in /etc/kata-containers.
There was a problem hiding this comment.
Sounds good! I kept the old formatting, then added a 'default' case statement that returns an error is the type passed is not supported.
|
Thanks for the PR @gabibeyer, it looks good! Just need to cleanup the whole configuration since we won't be carrying multiple shim/proxy entries. |
|
/test |
|
Actually alibaba is still using hyperstart for some legacy kernel support in GuestOS. Could we find another way to still support legacy kernels. |
|
@allencloud but I thought hyperstart was not even working anymore with Kata. I might be wrong though, or is it because they maintain a downstream version of Kata? |
|
Looks still have some people need the code. |
|
@teawater yes but I want to clarify if the hyperstart agent is used in the context of Kata or not. This PR removes the support from a Kata perspective, which I thought was not even working anymore with this agent. |
|
@allencloud I believe you are referring hyperstart support via runv instead. hyperstart_agent.go in kata containers is missing a lot of interface implementations and I doubt it can even work. |
| @@ -70,6 +70,7 @@ var ( | |||
| kataEphemeralDevType = "ephemeral" | |||
| ephemeralPath = filepath.Join(kataGuestSandboxDir, kataEphemeralDevType) | |||
| grpcMaxDataSize = int64(1024 * 1024) | |||
| maxHostnameLen = 64 | |||
There was a problem hiding this comment.
It was originally declared in the hyperstart_agent.go, but is needed here too, so I moved it :)
| os.RemoveAll(dir) | ||
| os.MkdirAll(dir, store.DirMode) | ||
| } | ||
| os.RemoveAll(testDir) |
There was a problem hiding this comment.
Why remove defaultSharedDir?
There was a problem hiding this comment.
It was declared in the hyperstart_agent.go file, and seems to point to the hyper sandbox location, so I figured it may be irrelevant with the removal of hyperstart: var defaultSharedDir = /run/hyper/shared/sandboxes/", but I'm not entirely sure
There was a problem hiding this comment.
The CI passed, so I think you should be right.
pkg/katautils/config.go
Outdated
| case ccProxyTableType: | ||
| config.ProxyType = vc.CCProxyType | ||
| case kataProxyTableType: | ||
| if k == kataProxyTableType { |
There was a problem hiding this comment.
I prefer we keep original ones and don't change it. Modify existing field names can break compatibility and make me anxious, proxy.kata doesn't harm :)
If it's runv+hyperstart, then I think it's safe to remove from kata. Or we need more discussion about our deprecated features. |
| bindUnmountAllRootfs(ctx, defaultSharedDir, pImpl) | ||
| // TODO: defaultSharedDir is a hyper var = /run/hyper/shared/sandboxes | ||
| // do we need to unmount sandboxes and containers? | ||
| bindUnmountAllRootfs(ctx, testDir, pImpl) |
There was a problem hiding this comment.
@WeiZhang555 your comment reminded me I needed ask about this, thank you!
Two test cases were calling bindUnmountAllRootfs with the defaultSharedDir as an argument, however neither test had anything to do with hyperstart (since defaultSharedDir = /run/hyper/shared/sandboxes/). I wasn't sure what to do about that situation; whether to bindUnmount the KataHostSharedDir, testDir, or some other variable instead.
There was a problem hiding this comment.
I'm not sure either, I think it should be kataHostSharedDir, but I wonder if this is really necessary, maybe bindUnmountAllRootfs can be removed.
|
/test |
pkg/katautils/config.go
Outdated
| case ccProxyTableType: | ||
| config.ProxyType = vc.CCProxyType | ||
| case kataProxyTableType: | ||
| if k == kataProxyTableType { |
There was a problem hiding this comment.
If we do this I think we should maintain backward compatibility here to allow runtime to be used with older toml possibly in /etc/kata-containers.
|
/test |
|
@gabibeyer ping this PR require rebase |
gabibeyer
force-pushed
the
slashNburn
branch
2 times, most recently
from
1b9b2d2
to
c611cab
Compare
|
/test |
gabibeyer
requested review from
WeiZhang555,
amshinde and
sboeuf
and removed request for
WeiZhang555
|
/test |
The hyperstart agent has not been supported in kata since 2.1, so remove it as a component to kata. Mentioned in issue kata-containers#1113. Fixes: kata-containers#1419 Signed-off-by: Gabi Beyer <gabrielle.n.beyer@intel.com>
previously used as a small api client for virtcontainers, virtc no longer needed. Fixes kata-containers#1419 Signed-off-by: Gabi Beyer <gabrielle.n.beyer@intel.com>
Clear Containers proxy and shim are no longer supported. This was mentioned in issue kata-containers#1113. Their functionalities are thus removed from the runtime. Fixes kata-containers#1419 Signed-off-by: Gabi Beyer <gabrielle.n.beyer@intel.com>
The kata shim tests make use of an ioctl function, so instead of having a custom one within that file, use the ioctl function in utils/utils_linux Fixes kata-containers#1419 Signed-off-by: Gabi Beyer <Gabrielle.n.beyer@intel.com>
|
/test |
| if _, _, errno := unix.Syscall(unix.SYS_IOCTL, fd, request, data); errno != 0 { | ||
| //uintptr(request) | ||
| //uintptr(unsafe.Pointer(&arg1)), | ||
| //); errno != 0 { |
There was a problem hiding this comment.
need to clean unnecessary codes.
|
I'll merge this. You can file another PR to clean unnecessary comments, it doesn't influence functions so I think it's OK |
|
Yay! Thank you @WeiZhang555 |
vc: as discussed, the hyperstart agent, clear containers shim, and clear containers proxy are no longer being supported, as of version 2.1. Therefore their components have been removed from the kata-runtime implementation and the kata agent, shim and proxy are used when necessary. The virtc API client is also removed, for it uses these deprecated features heavily, and is no longer in working condition.
Fixes issue #1419