feature: build and use rootf dynamically and use kernel

support rootfs : - archlinux - ubuntu kernel 5.10.204 from url amazon url Co-authored-by: RouxAntoine <antoinroux@hotmail.fr> Co-committed-by: RouxAntoine <antoinroux@hotmail.fr>
2024-01-06 13:25:47 +00:00 · 2024-01-06 13:25:47 +00:00 · a2b5884726
commit a2b5884726
parent 99ca371839
4 changed files with 93 additions and 13 deletions
--- a/15
+++ b/15
@ -1,4 +1,4 @@
-.PHONY: build run ci get-alpine-rootfs
+.PHONY: build run ci
 .EXPORT_ALL_VARIABLES:

 GOARCH=amd64
@ -11,17 +11,19 @@ GOBUILDFLAGS=-tags dev

 EXEC=out/main

-build: out/alpine-minirootfs-3.19.0-x86_64.tar.gz $(EXEC)
+build: $(EXEC)

 run: $(EXEC)
 	@chmod +x $(EXEC)
-	$(EXEC)
+	sudo $(EXEC)
+
+NS=practical_murdock
+ssh:
+	sudo ip netns exec $(NS) ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeychecking=no 172.16.0.2

 ci:
 	golangci-lint run --fix

-get-alpine-rootfs: out/alpine-minirootfs-3.19.0-x86_64.tar.gz
-
 publish:
 	scp $(EXEC) sf314:~/firecracker/

@ -32,6 +34,3 @@ dependencies:
 $(EXEC): cmd/main.go dependencies
 	@echo "build for os $$GOOS and arch $$GOARCH"
 	go build -o $@ -ldflags="$(LDFLAGS)" $(GOBUILDFLAGS) $<
-
-out/alpine-minirootfs-3.19.0-x86_64.tar.gz:
-	wget -O $@ https://dl-cdn.alpinelinux.org/alpine/v3.19/releases/x86_64/alpine-minirootfs-3.19.0-x86_64.tar.gz
--- a/cmd/main.go
+++ b/cmd/main.go
@ -89,17 +89,18 @@ func setupEnv() int {
 	cpuCount := int64(4)
 	memorySize := int64(1024)
 	isSmt := true
+	socketPath := "/tmp/firecracker.socket"

 	cfg := firecracker.Config{
-		SocketPath:      "/tmp/firecracker.socket",
-		KernelImagePath: "./vmlinux-5.10.204",
-		LogPath:         "./firecracker.log",
+		SocketPath:      socketPath,
+		KernelImagePath: "./out/vmlinux-5.10.204",
+		LogPath:         "./out/firecracker.log",
 		LogLevel:        "Debug",
 		KernelArgs:      "console=ttyS0 reboot=k panic=1 pci=off",
 		Drives: []models.Drive{
 			{
 				DriveID:      firecracker.String("rootfs"),
-				PathOnHost:   firecracker.String("./ubuntu-22.04.ext4"),
+				PathOnHost:   firecracker.String("./out/rootfs.ext4"),
 				IsReadOnly:   firecracker.Bool(false),
 				IsRootDevice: firecracker.Bool(true),
 			},
@ -124,7 +125,7 @@ func setupEnv() int {
 		firecracker.WithProcessRunner(
 			firecracker.VMCommandBuilder{}.
 				WithBin("firecracker").
-				WithSocketPath("/tmp/firecracker.socket").
+				WithSocketPath(socketPath).
 				Build(ctx),
 		),
 		firecracker.WithLogger(logrus.NewEntry(log)),
--- a/rootfs-kernel/Makefile
+++ b/rootfs-kernel/Makefile
@ -0,0 +1,27 @@
+.PHONY: use-arch use-ubuntu
+
+# aarch64
+# x86_64
+ARCH=x86_64
+
+use-arch: ../out/arch-rootfs.ext4
+	ln -fs $< ../out/rootfs.ext4
+
+use-ubuntu: ../out/ubuntu-22.04.ext4 ../out/ubuntu-22.04.id_rsa
+	ln -fs $< ../out/rootfs.ext4
+
+kernel: ../out/vmlinux-5.10.204
+	@echo "linux kernel retrieve"
+
+../out/vmlinux-5.10.204:
+	wget -O $@ https://s3.amazonaws.com/spec.ccfc.min/firecracker-ci/v1.7/$(ARCH)/vmlinux-5.10.204
+
+../out/arch-rootfs.ext4: ./arch-rootfs.sh
+	bash ./arch-rootfs.sh
+
+../out/ubuntu-22.04.ext4:
+	wget -O $@ https://s3.amazonaws.com/spec.ccfc.min/firecracker-ci/v1.7/$(ARCH)/ubuntu-22.04.ext4
+
+../out/ubuntu-22.04.id_rsa:
+	wget -O $@ https://s3.amazonaws.com/spec.ccfc.min/firecracker-ci/v1.7/$(ARCH)/ubuntu-22.04.id_rsa
+	chmod 400 $@
--- a/rootfs-kernel/arch-rootfs.sh
+++ b/rootfs-kernel/arch-rootfs.sh
@ -0,0 +1,53 @@
+#!/usr/bin/env bash
+
+# inspired by https://github.com/oraoto/archlinux-firecracker/blob/master/scripts/build-arch-rootfs.sh
+
+set -ex
+
+DISK_SIZE=10G
+DISK_FILE=../out/arch-rootfs.ext4
+DISK_ROOT=../out/mount
+
+# Allocate rootfs disk
+fallocate -l "$DISK_SIZE" "$DISK_FILE"
+mkfs.ext4 -F $DISK_FILE
+
+# Mount rootfs to mount
+mkdir -p $DISK_ROOT
+
+sudo mount $DISK_FILE $DISK_ROOT
+
+sudo pacstrap -c $DISK_ROOT bash filesystem systemd-sysvcompat pacman iproute2 openssh git vim
+
+echo "nameserver 1.1.1.1" | sudo tee $DISK_ROOT/etc/resolv.conf
+
+sudo tee $DISK_ROOT/etc/systemd/system/internal-network.service <<-'EOF'
+[Unit]
+Description=Internal Network
+
+[Service]
+Type=oneshot
+ExecStart=ip link set eth0 up
+ExecStart=ip addr add 172.16.0.2/24 dev eth0
+ExecStart=ip route add default via 172.16.0.1 dev eth0
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+sudo ln -s /etc/systemd/system/internal-network.service $DISK_ROOT/etc/systemd/system/multi-user.target.wants/
+sudo ln -s /usr/lib/systemd/system/sshd.service $DISK_ROOT/etc/systemd/system/multi-user.target.wants/
+
+# allow root login with empty password, unsafe !
+sudo tee $DISK_ROOT/etc/ssh/sshd_config.d/98-archlinux.conf <<-'EOF'
+PermitEmptyPasswords yes
+PermitRootLogin yes
+EOF
+
+# Remove default (locked) root password
+# See https://github.com/archlinux/svntogit-packages/commit/0320c909f3867d47576083e853543bab1705185b
+sudo sed 's/^root:.*/root::14871::::::/' -i $DISK_ROOT/etc/shadow
+
+sudo umount $DISK_ROOT
+rmdir $DISK_ROOT