Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for volume sharing via gvproxy for HyperV #280

Closed
wants to merge 1 commit into from

Conversation

mheon
Copy link
Member

@mheon mheon commented Sep 29, 2023

Specifically, gvproxy will act as a 9p server, serving shares requested by the caller on HyperV vsocks, to allow the guest VM to access content on the host.

The vsocks are intended to be managed by the caller in this model. As such, gvproxy receives the path to be shared and a vsock port number to share it on via CLI. An arbitrary number of these are accepted, as each share needs a separate server and vsock (they will be mounted by the Linux kernel 9p code within the guest VM, which does not support multiplexing multiple shares over a single vsock).

Also, make a slight change to .gitignore - the ./bin/ ignore pattern was not ignoring the bin/ directory for me (removing the leading . fixes things).

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Sep 29, 2023

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: mheon
Once this PR has been reviewed and has the lgtm label, please assign baude for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@mheon
Copy link
Member Author

mheon commented Sep 29, 2023

There are no tests included here, because right now, the 9p code only runs on Windows + hyperv, and GHA does not seem to be able to reasonably test that configuration. I briefly looked into adding Mac support so it could be tested on a platform where we actually have access to non-nested virt, but the code was going to be so different (and not used outside of testing) that I didn't think it was worth it.

Companion Podman branch, not yet PRed: https://github.com/mheon/libpod/tree/9p

@mheon mheon force-pushed the add_9p branch 4 times, most recently from d2e5bdc to 0891cc3 Compare October 3, 2023 12:36
@baude
Copy link
Member

baude commented Oct 3, 2023

@mheon do you have an idea of how much this increased binary size?

@mheon
Copy link
Member Author

mheon commented Oct 3, 2023

~500kb from an initial check, exclusive to Windows (only place we need the 9p library)

Copy link
Collaborator

@cfergeau cfergeau left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added a couple of comments.
However, having this 9p support in gvproxy feels awkward. This PR has no dependency on other gvisor-tap-vsock/pkg code, is Windows/Hyper-V only.
gvisor-tap-vsock provides a user-mode networking implementation, this 9p file sharing code is unrelated to this.

Apparently similar functionality could be achieved with a patched https://github.com/hugelgupf/p9/tree/main/cmd/p9ufs (for hvsock support) and one process per share? This could go in libhvee where it would fit better?

If podman wants to keep all the code which runs for the lifetime of the VM in a single process, have you considered having this combined gvproxy + 9p code in podman or a related module?


go func() {
if err := server.WaitForError(); err != nil {
logrus.Errorf("Error from 9p server for %s: %v", path, err)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

path -> serverDir?

"github.com/containers/gvisor-tap-vsock/pkg/fileserver/plan9"
"github.com/linuxkit/virtsock/pkg/hvsock"
"github.com/sirupsen/logrus"
"github.com/pkg/errors"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fwiw, this is obsolete https://github.com/pkg/errors " This repository has been archived by the owner on Dec 1, 2021. It is now read-only. "

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's used throughout gvproxy right now, and I don't think mixing legacy pkg/errors and the new Golang fmt errors is a good idea. I can convert the entire project over to it, if you'd like? Shouldn't be that difficult.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah I did not check the existing code for usage of pkg/errors. I only noticed it's deprecated when looking for the doc/source code for errors.Wrapf, I'm fine if you keep the pkg/errors usage in this file.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what about a follow-up/refactor to address this?

pkg/fileserver/server_windows.go Outdated Show resolved Hide resolved
cmd/gvproxy/main.go Show resolved Hide resolved
@mheon
Copy link
Member Author

mheon commented Oct 4, 2023

We could certainly move the code into Podman, but thus far Podman has avoided having a long-running VM management process on Windows. The hope was we could continue to avoid this by placing the 9p code into the existing service which is guaranteed to live as long as the VM (gvproxy). If this is disagreeable, we can look into integrating the code back into Podman.

Specifically, gvproxy will act as a 9p server, serving shares
requested by the caller on HyperV vsocks, to allow the guest VM
to access content on the host.

The vsocks are intended to be managed by the caller in this
model. As such, gvproxy receives the path to be shared and a
vsock port number to share it on via CLI. An arbitrary number of
these are accepted, as each share needs a separate server and
vsock (they will be mounted by the Linux kernel 9p code within
the guest VM, which does not support multiplexing multiple shares
over a single vsock).

Also, make a slight change to .gitignore - the ./bin/ ignore
pattern was not ignoring the bin/ directory for me (removing the
leading . fixes things).

Signed-off-by: Matthew Heon <[email protected]>
@gbraad
Copy link
Member

gbraad commented Oct 5, 2023

forking of a process from podman machine (or libhvee) seems better fitting, with this code being part of a separate library. it is not something for gvproxy.

@mheon
Copy link
Member Author

mheon commented Oct 5, 2023

Ack, I'll shift this over, then.

@gbraad
Copy link
Member

gbraad commented Oct 6, 2023

Thanks @mheon, that would also make it easier to use it in:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants