Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support vsock connection to task api #9738

Merged
merged 1 commit into from Feb 22, 2024
Merged

Support vsock connection to task api #9738

merged 1 commit into from Feb 22, 2024

Conversation

abel-von
Copy link
Contributor

@abel-von abel-von commented Feb 2, 2024

In VM based sandbox scenario, we can start Task api Server inside VM. and containerd could connect it directly, without a shim process to do the api proxy or conversion.

@k8s-ci-robot
Copy link

Hi @abel-von. Thanks for your PR.

I'm waiting for a containerd member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@abel-von abel-von mentioned this pull request Feb 2, 2024
Open
17 tasks
@abel-von abel-von force-pushed the add-vsock branch 2 times, most recently from 91eef4e to ebf9144 Compare February 4, 2024 09:25
@abel-von abel-von requested review from dcantah and mxpv February 4, 2024 09:35
cpuguy83
cpuguy83 requested changes Feb 4, 2024
View reviewed changes
Copy link
Member

@cpuguy83 cpuguy83 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Very nice, just some code cleanup suggestions.

Also would be nice to not use strings.Split which forces an unbounded allocation and instead chomp away at the address with strings.Cut

core/runtime/v2/shim/util_unix.go Outdated Show resolved Hide resolved
cpuguy83
cpuguy83 requested changes Feb 5, 2024
View reviewed changes
core/runtime/v2/shim/util_unix.go Outdated Show resolved Hide resolved
core/runtime/v2/shim/util_unix.go Outdated Show resolved Hide resolved
mxpv
mxpv reviewed Feb 5, 2024
View reviewed changes
Copy link
Member

@mxpv mxpv left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have a few minor suggestions, but overall looks good!

core/runtime/v2/shim/util_unix.go Show resolved Hide resolved
core/runtime/v2/shim/util_unix.go Outdated
conn.Close()
// when it is EOF, maybe the server side is not ready.
if err == io.EOF {
time.Sleep(10 * time.Millisecond)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

10 a bit too much IMO.
Should we reduce this or at least add a warning message.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changed this value to timeout/10 to do 10 retries before timeout. and warning log is added.

core/runtime/v2/shim/util_unix.go
if port > math.MaxUint32 {
return nil, fmt.Errorf("vsock port %d is invalid", port)
}
return vsock.Dial(uint32(contextID), uint32(port), &vsock.Config{})
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recent Linux kernels got vsock with loopback support. Possibly we could have a test for this just for sanity check? (I'm fine to have this in follow up)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It seems we have to listen the loopback first and then we can check the connection to it. Shall we do it when init or use a sync.Once to make the check done only once.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd do everything within a single unit test.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

oh, I got what you mean now.

@abel-von abel-von force-pushed the add-vsock branch 2 times, most recently from a94a51c to 967dc6a Compare February 6, 2024 02:07
@mxpv mxpv enabled auto-merge February 7, 2024 06:07
@mxpv mxpv disabled auto-merge February 7, 2024 06:07
fuweid
fuweid reviewed Feb 7, 2024
View reviewed changes
core/runtime/v2/shim/util_unix.go Outdated Show resolved Hide resolved
core/runtime/v2/shim/util_unix.go Outdated Show resolved Hide resolved
@mxpv mxpv added this to the 2.0 milestone Feb 13, 2024
@abel-von abel-von force-pushed the add-vsock branch 2 times, most recently from e8d4933 to d891a8c Compare February 21, 2024 01:30
@mxpv mxpv added this pull request to the merge queue Feb 21, 2024
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to a conflict with the base branch Feb 21, 2024
@mxpv
Copy link
Member

mxpv commented Feb 21, 2024

@abel-von could you pls rebase the PR ?

@abel-von
sandbox: support vsock connection to task api
522130a 
Signed-off-by: Abel Feng <fshb1988@gmail.com>
@abel-von
Copy link
Contributor Author

done @mxpv

fuweid
fuweid approved these changes Feb 22, 2024
View reviewed changes
Copy link
Member

@fuweid fuweid left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@mxpv mxpv added this pull request to the merge queue Feb 22, 2024
Merged via the queue into containerd:main with commit fde15ba Feb 22, 2024
45 checks passed
@dmcgowan dmcgowan added the area/runtime Runtime label Mar 18, 2024
@dmcgowan dmcgowan changed the title sandbox: support vsock connection to task api Support vsock connection to task api Mar 18, 2024
@dmcgowan dmcgowan mentioned this pull request Apr 19, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dmcgowan dmcgowan dmcgowan approved these changes

@cpuguy83 cpuguy83 cpuguy83 approved these changes

@mxpv mxpv mxpv approved these changes

@fuweid fuweid fuweid approved these changes

@dcantah dcantah Awaiting requested review from dcantah

Assignees
No one assigned
Labels
area/runtime Runtime impact/changelog needs-ok-to-test size/XXL
Projects
Pull Request Review
Status: Done
Milestone
2.0
Development

Successfully merging this pull request may close these issues.

None yet
7 participants
@abel-von @k8s-ci-robot @mxpv @dmcgowan @cpuguy83 @fuweid @dcantah