podman + krun Support #25
Conversation
Add a generic API to create microVMs in an "agnostic" way, and migrate to the new API in the orchestrator.sh and runner.sh scripts. While the API has code for podman, this update only focuses on migrating the existing krunvm-based code to the new API. The new API is implemented in lib/microvm.sh, and provides a set of docker/podman lookalike commands to manage microVMs. The function microvm_runtime can be used to pinpoint or auto-detect the runtime to use depending on commands available at the host. The API is **not** able to handle several krunvm-based microVMs at the same time.
Add support for multiple krunvm-based VMs in the API. This uses a temporary directory that will store the mappings between the name of the VM and the PID of the underlying (top) process. The directory should be removed through microvm_cleanup upon process exit.
While the podman runtime is still enforced, the script now supports several other runtimes. The KRUNVM_RUNNER_RUNTIME variable should contain the word podman, followed by the plus sign, followed by the runtime to use, e.g. podman+krun will pass the value of krun to the --runtime option of podman create/run.
|
Caution Review failedThe pull request is closed. WalkthroughThe pull request introduces several changes across multiple files to enhance the management of microVMs within the project. Key updates include the addition of a new section in Changes
Sequence Diagram(s)sequenceDiagram
participant User
participant Runner
participant Orchestrator
participant MicroVM
User->>Runner: Specify runtime (-R option)
Runner->>Orchestrator: Pass runtime information
Orchestrator->>MicroVM: Create and start microVM
MicroVM->>Orchestrator: Confirm microVM running
Orchestrator->>Runner: Notify user of microVM status
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 19
🧹 Outside diff range and nitpick comments (8)
README.md (2)
Line range hint
75-79: LGTM with a suggestion: Clear feature description with community engagementThe new feature description accurately reflects the added support for both
krunvmandkrununderpodman, aligning with the PR objectives. The mention of potential compatibility with container-based solutions is a good way to encourage community involvement.Consider adding a link to the project's issue tracker or contribution guidelines after the sentence "Reports and/or changes are welcome." This would make it easier for interested contributors to get involved.
98-102: LGTM with a minor formatting suggestion: Clear explanation of runtime requirementsThe updated requirements section accurately reflects the new runtime options introduced in this PR. The note about
podmannot being required when usingkrunvmis a helpful clarification for users.There's a minor formatting inconsistency. Consider removing the extra space before the
krunbullet point to align it with thekrunvmbullet point:+ A compatible runtime, i.e. either: - + `krun` and [`podman`][podman]. + + `krun` and [`podman`][podman]. + `krunvm`, its [requirements] and `buildah`🧰 Tools
🪛 LanguageTool
[uncategorized] ~100-~100: Loose punctuation mark.
Context: ...unand [podman][podman]. +krunvm, its [requirements] andbuildah` Note:...(UNLIKELY_OPENING_PUNCTUATION)
lib/microvm.sh (3)
115-115: Use consistent DNS default valueThe default DNS server is set to
1.1.1.1. Consider using a more widely recognized default DNS server like8.8.8.8, or making it configurable to suit different environments.
183-184: Fix comment regarding job controlThe comment states
Disable job control, butset -mactually enables job control (monitor mode). Update the comment to reflect the correct behavior.Correct the comment:
optstate=$(set +o) - set -m; # Disable job control + set -m; # Enable job control
235-235: Typo in commentThere's a typo in the comment: "Specify howlog to wait between TERM and KILL?" It should be "Specify how long to wait between TERM and KILL?"
Correct the comment:
# TODO: Specify howlog to wait between TERM and KILL? + # TODO: Specify how long to wait between TERM and KILL?runner.sh (3)
Line range hint
215-289: Potential issue with argument handling invm_runfunctionThe
vm_runfunction usesset --multiple times, which can overwrite previously set positional parameters and lead to unexpected behavior.Consider using an array to collect arguments to prevent overwriting. Here's a suggested refactor:
+args=() ... if [ -n "$RUNNER_ENVIRONMENT" ]; then ... # Pass the location of the env. file to the runner script - set -- -E "/${RUNNER_VM_ENVDIR}/${_id}.env" - set -- -k "/${RUNNER_VM_ENVDIR}/${_id}.tkn" "$@" + args+=("-E" "/${RUNNER_VM_ENVDIR}/${_id}.env") + args+=("-k" "/${RUNNER_VM_ENVDIR}/${_id}.tkn") else ... # Collect arguments + args+=( + -g "$RUNNER_GITHUB" + -G "$RUNNER_GROUP" + -i "$_id" + -l "$RUNNER_LOG" + -L "$RUNNER_LABELS" + -p "$RUNNER_PRINCIPAL" + -s "$RUNNER_SCOPE" + -S "$RUNNER_SECRET" + -T "$RUNNER_PAT" + -u "$RUNNER_USER" + ) if is_true "$RUNNER_EPHEMERAL"; then - set -- -e "$@" + args+=("-e") fi for _ in $(seq 1 "$RUNNER_VERBOSE"); do - set -- -v "$@" + args+=("-v") done fi # Add image to create from - set -- -- "$RUNNER_IMAGE" "$@" + args=( "--" "$RUNNER_IMAGE" "${args[@]}" ) # Add microVM options - set -- \ - -c "$RUNNER_CPUS" \ - -m "$RUNNER_MEMORY" \ - -d "$RUNNER_DNS" \ - -n "${RUNNER_PREFIX}-$_id" \ - -e "$RUNNER_ENTRYPOINT" \ - "$@" + args=( + -c "$RUNNER_CPUS" + -m "$RUNNER_MEMORY" + -d "$RUNNER_DNS" + -n "${RUNNER_PREFIX}-$_id" + -e "$RUNNER_ENTRYPOINT" + "${args[@]}" + ) if [ -n "${RUNNER_DIR:-}" ]; then - set -- -v "${RUNNER_ROOTDIR}:${RUNNER_DIR}" "$@" + args+=("-v" "${RUNNER_ROOTDIR}:${RUNNER_DIR}") fi if [ -n "${RUNNER_ENVIRONMENT:-}" ]; then - set -- -v "${RUNNER_ENVIRONMENT}:/${RUNNER_VM_ENVDIR}" "$@" + args+=("-v" "${RUNNER_ENVIRONMENT}:/${RUNNER_VM_ENVDIR}") fi if [ -n "$RUNNER_MOUNT" ]; then while IFS= read -r mount || [ -n "$mount" ]; do if [ -n "$mount" ]; then - set -- -v "$mount" "$@" + args+=("-v" "$mount") fi done <<EOF $(printf %s\\n "$RUNNER_MOUNT") EOF fi trace "Running microVM with: ${args[*]}" microvm_run "${args[@]}"
278-286: Simplify mounting multiple directoriesThe loop handling
RUNNER_MOUNTcan be simplified for clarity and efficiency.Consider using a
forloop:- while IFS= read -r mount || [ -n "$mount" ]; do - if [ -n "$mount" ]; then - set -- -v "$mount" "$@" - fi - done <<EOF - $(printf %s\\n "$RUNNER_MOUNT") - EOF + for mount in $RUNNER_MOUNT; do + [ -n "$mount" ] && args+=("-v" "$mount") + done
Line range hint
42-45: Duplicate definitions ofRUNNER_DIRandRUNNER_MOUNTThe variables
RUNNER_DIRandRUNNER_MOUNTare defined twice in the script, which may cause confusion and unexpected behavior.Remove the duplicate definitions to maintain clarity:
-# Name of top directory in VM where to host a copy of the root directory of this -# script. When this is set, the runner starter script from that directory will -# be used -- instead of the one already in the OCI image. This option is mainly -# usefull for development and testing. -RUNNER_DIR=${RUNNER_DIR:-""} - -RUNNER_MOUNT=${RUNNER_MOUNT:-""}Also applies to: 83-86
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
📒 Files selected for processing (6)
- CONTRIBUTING.md (1 hunks)
- README.md (4 hunks)
- lib/common.sh (1 hunks)
- lib/microvm.sh (1 hunks)
- orchestrator.sh (5 hunks)
- runner.sh (6 hunks)
🧰 Additional context used
🪛 LanguageTool
README.md
[uncategorized] ~100-~100: Loose punctuation mark.
Context: ...unand [podman][podman]. +krunvm, its [requirements] andbuildah` Note:...(UNLIKELY_OPENING_PUNCTUATION)
🔇 Additional comments (18)
README.md (6)
4-9: LGTM: Clear and accurate updates to project capabilitiesThe changes in this section accurately reflect the new support for
krunandpodmanas alternatives tokrunvm. The wording is clear, and the added links to the new tools are helpful for users.
15-21: LGTM: Helpful addition of resource linksThe new links to
libkrun,crun, andpodmanare well-placed and provide valuable resources for users to learn more about the newly supported tools.
93-94: LGTM: Helpful reference for users with older systemsThe added reference to the original issue for installation on older versions provides valuable context for users with older systems. This is a good addition to the documentation.
106-106: LGTM: Helpful link to installation issueThe added link to the installation issue provides valuable additional context for users. This is a good addition to the documentation.
140-142: LGTM: Clear update to runner creation processThe updated description of the runner creation process accurately reflects the new capability to use
podmanas an alternative tokrunvmfor creating microVMs. The wording is clear and concise, providing users with a good understanding of the process.
Line range hint
1-184: Overall: Excellent updates to README reflecting new capabilitiesThe changes to the README.md file effectively communicate the new support for
krununderpodmanand align well with the PR objectives. The documentation has been consistently updated throughout, maintaining clarity and providing users with a good understanding of the project's new capabilities and requirements.Key improvements include:
- Clear explanation of the new runtime options (
krunvmorkrunwithpodman).- Updated requirements section reflecting the new runtime choices.
- Addition of helpful links to new resources (
libkrun,crun,podman).- Consistent updates to the project description and architecture sections.
These changes significantly enhance the documentation, making it easier for users to understand and use the new features introduced in this PR.
orchestrator.sh (7)
34-35: Sourcing 'microvm.sh' for microVM managementIncluding
microvm.shintegrates microVM management functions into the orchestrator script, which is appropriate for the new functionality.
61-63: Initializing 'ORCHESTRATOR_RUNTIME' variableDefining
ORCHESTRATOR_RUNTIMEwith a default empty value allows the script to auto-detect the runtime if none is specified, enhancing flexibility.
Line range hint
68-81: Addition of '-R' option for specifying runtimeThe
-Roption is correctly implemented ingetopts, allowing users to specify the runtime via the command line. This enhances configurability.
109-115: Ensure proper deletion of microVMs in the cleanup functionThe cleanup function effectively iterates over microVMs with the specified prefix and deletes them using
microvm_delete, ensuring resources are freed appropriately.
123-123: Calling 'microvm_cleanup' after microVM deletionsInvoking
microvm_cleanupensures any additional cleanup tasks related to microVMs are performed, which is a good practice.
127-127: Initializing microVM runtime with 'microvm_runtime'Setting the runtime with
microvm_runtime "$ORCHESTRATOR_RUNTIME"ensures the microVM functions operate with the correct runtime, enhancing reliability.
146-147: Exporting 'RUNNER_RUNTIME' for use in runner scriptsAdding
RUNNER_RUNTIMEto the exported variables allows runner scripts to access the specified runtime, maintaining consistency across scripts.runner.sh (5)
34-35: Approved inclusion of microvm.shThe microVM management functions are correctly sourced, allowing the script to utilize the new microVM functionalities.
120-121: Approved addition of RUNNER_RUNTIME variableThe
RUNNER_RUNTIMEvariable is correctly initialized and will allow users to specify the runtime as intended.
128-128: Added runtime option '-R' to getopts parsingThe addition of the
-Roption enables users to specify the runtime via command-line arguments.
160-161: Approved handling of '-R' option in getoptsThe script correctly captures the runtime specified with the
-Roption and assigns it toRUNNER_RUNTIME.
210-211: Passing runtime to microVM scriptThe call to
microvm_runtime "$RUNNER_RUNTIME"correctly passes the selected runtime to the microVM script.
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
This factors aways the microvm lifecycle to a separate "library" and arranges for the new package to support both the original
krunvmandbuidahruntime, but alsokrununderpodman.In that package, runtime choice is made through the
KRUNVM_RUNNER_RUNTIMEenvironment variable. The variable can bekrunvmorpodman+krun. In theory -- but this has never been tested -- the podman runtime appearing after the+sign could be any runtime supported bypodman, e.g.crun.When no runtime is specified at the command line or through an environment variable, the package will automatically choose depending on the presence of the relevant and necessary binaries. The implementation prefers
podman+krun, as these are part of the mainstream containers project at GitHub.