Ops
Search…
Firecracker
OPS works well with Firecracker from AWS. OPS doesn't currently interact with the firecracker api but can produce disk images for you to use with firecracker.
To run:
1
./firecracker --api-sock /tmp/firecracker.socket --config-file vm_config.json
Copied!
You should replace the kernel.img file with the location of your kernel and the my_img.img with the unikernel disk image of choice:
The vm_config.json:
1
{
2
"boot-source": {
3
"kernel_image_path": "/Users/bob/.ops/0.1.26/kernel.img",
4
"boot_args": "console=ttyS0 reboot=k panic=1 pci=off"
5
},
6
"drives": [
7
{
8
"drive_id": "rootfs",
9
"path_on_host": "/Users/bob/.ops/images/my_img.img",
10
"is_root_device": true,
11
"is_read_only": false
12
}
13
],
14
"network-interfaces": [
15
{
16
"iface_id": "eth0",
17
"guest_mac": "AA:FC:00:00:00:01",
18
"host_dev_name": "tap0"
19
}
20
],
21
"machine-config": {
22
"vcpu_count": 1,
23
"mem_size_mib": 1024,
24
"ht_enabled": false
25
}
26
}
Copied!
You should have dhcp listen on your tap:
1
sudo apt-get install isc-dhcp-server
Copied!
Create a tap device:
1
sudo ip tuntap add dev tap0 mode tap
2
sudo ip addr add 10.0.2.1/24 dev tap0
3
sudo ip link set tap0 up
Copied!
Sample dhcp config:
1
option domain-name "example.org";
2
option domain-name-servers ns1.example.org, ns2.example.org;
3
4
default-lease-time 600;
5
max-lease-time 7200;
6
7
ddns-update-style none;
8
9
INTERFACES="tap0";
10
11
subnet 10.0.2.0 netmask 255.255.255.0 {
12
option routers 10.0.2.1;
13
range 10.0.2.10 10.0.2.255;
14
}
Copied!
1
dhcpd -f -d tap0
Copied!
If this is setup correctly you should see some arp requests fly by:
1
[email protected]:/home/eyberg~ dhcpd -f -d tap0
2
Internet Systems Consortium DHCP Server 4.3.5
3
Copyright 2004-2016 Internet Systems Consortium.
4
All rights reserved.
5
For info, please visit https://www.isc.org/software/dhcp/
6
Config file: /etc/dhcp/dhcpd.conf
7
Database file: /var/lib/dhcp/dhcpd.leases
8
PID file: /var/run/dhcpd.pid
9
lease 10.0.2.0: no subnet.
10
Wrote 0 leases to leases file.
11
Listening on LPF/tap0/96:ea:ca:e0:76:63/10.0.2.0/24
12
Sending on LPF/tap0/96:ea:ca:e0:76:63/10.0.2.0/24
13
Sending on Socket/fallback/fallback-net
14
Server starting service.
15
DHCPDISCOVER from aa:fc:00:00:00:01 via tap0
16
DHCPOFFER on 10.0.2.10 to aa:fc:00:00:00:01 via tap0
17
DHCPREQUEST for 10.0.2.10 (10.0.2.1) from aa:fc:00:00:00:01 via tap0
18
DHCPACK on 10.0.2.10 to aa:fc:00:00:00:01 (uniboot) via tap0
19
DHCPREQUEST for 10.0.2.10 from aa:fc:00:00:00:01 (uniboot) via tap0
20
DHCPACK on 10.0.2.10 to aa:fc:00:00:00:01 (uniboot) via tap0
21
DHCPREQUEST for 10.0.2.10 from aa:fc:00:00:00:01 (uniboot) via tap0
22
DHCPACK on 10.0.2.10 to aa:fc:00:00:00:01 (uniboot) via tap0
23
DHCPREQUEST for 10.0.2.10 from aa:fc:00:00:00:01 (uniboot) via tap0
24
DHCPACK on 10.0.2.10 to aa:fc:00:00:00:01 (uniboot) via tap0
Copied!
and you should see the unikernel snag an ip:
1
Server started on port 8080
2
assigned: 10.0.2.10
3
assigned: 0.0.0.0
Copied!
If you would like diagnostic logs you can try this before turning on the vm:
boot.sh:
1
#!/bin/sh
2
3
curl --unix-socket /tmp/firecracker.socket -i \
4
-X PUT 'http://localhost/boot-source' \
5
-H 'Accept: application/json' \
6
-H 'Content-Type: application/json' \
7
-d '{
8
"kernel_image_path": "/home/bob/.ops/0.1.26/kernel.img",
9
"boot_args": "console=ttyS0 reboot=k panic=1 pci=off" }'
Copied!
drives.sh:
1
#!/bin/sh
2
3
curl --unix-socket /tmp/firecracker.socket -i \
4
-X PUT 'http://localhost/drives/rootfs' \
5
-H 'Accept: application/json' \
6
-H 'Content-Type: application/json' \
7
-d '{
8
"drive_id": "rootfs",
9
"path_on_host": "/home/bob/.ops/0.1.26/images/my_img.img",
10
"is_root_device": true,
11
"is_read_only": false
12
13
}'
Copied!
machine.sh:
1
#!/bin/sh
2
3
curl --unix-socket /tmp/firecracker.socket -i \
4
-X PUT 'http://localhost/machine-config' \
5
-H 'Accept: application/json' \
6
-H 'Content-Type: application/json' \
7
-d '{
8
"vcpu_count": 1,
9
"mem_size_mib": 1024,
10
"ht_enabled": false
11
}'
Copied!
start.sh:
1
#!/bin/sh
2
3
curl --unix-socket /tmp/firecracker.socket -i \
4
-X PUT 'http://localhost/actions' \
5
-H 'Accept: application/json' \
6
-H 'Content-Type: application/json' \
7
-d '{
8
"action_type": "InstanceStart"
9
}'
Copied!
logs.sh:
1
#!/bin/sh
2
3
mkfifo log.fifo
4
mkfifo metrics.fifo
5
6
curl --unix-socket /tmp/firecracker.socket -i \
7
-X PUT 'http://localhost/logger' \
8
-H "accept: application/json" \
9
-H "Content-Type: application/json" \
10
-d '{ "log_fifo": "log.fifo", "metrics_fifo": "metrics.fifo", "level":
11
"Info", "show_level": true, "show_log_origin": true }'
Copied!
Finally read your logs:
read_fifo.sh:
1
#!/bin/bash
2
3
while true
4
do
5
if read line <$1; then
6
if [[ "$line" == 'quit' ]]; then
7
break
8
fi
9
echo $line
10
fi
11
done
12
13
echo "Reader exiting"
Copied!
1
./read_fifo.sh log.fifo
Copied!
Last modified 5mo ago
Copy link