Use gvisor in kvm platform #84

@zhang2639

I use gVisor with the KVM platform. The full docker command I ran is:

sudo docker run --runtime=runsc -it --name test centos /bin/bash

/etc/docker/daemon.json is as follows:

{
    "runtimes": {
        "runsc": {
            "path": "/usr/local/bin/runsc",
            "runtimeArgs": [
                "--debug-log-dir=/tmp/runsc",
                "--debug",
                "--strace",
                "--platform=kvm"
            ]
        }
    }
}

I want to know whether this container uses the KVM platform. I then ran ps -elf | grep qemu, but I didn't see anything.
See the create log in /tmp/runsc:

I0704 12:02:22.691966    9504 x:0] ***************************
I0704 12:02:22.692085    9504 x:0] Args: [/usr/local/bin/runsc --debug-log-dir=/tmp/runsc --debug --strace --platform=kvm --root /var/run/docker/runtime-runsc/moby --log /run/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/7b605f35389d5766d0b56daa51fc8b1b20a2cc7375d3ef8f6ddc71881be0e9ca/log.json --log-format json create --bundle /var/run/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/7b605f35389d5766d0b56daa51fc8b1b20a2cc7375d3ef8f6ddc71881be0e9ca --pid-file /run/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/7b605f35389d5766d0b56daa51fc8b1b20a2cc7375d3ef8f6ddc71881be0e9ca/init.pid --console-socket /tmp/pty866709656/pty.sock 7b605f35389d5766d0b56daa51fc8b1b20a2cc7375d3ef8f6ddc71881be0e9ca]
I0704 12:02:22.692135    9504 x:0] PID: 9504
I0704 12:02:22.692151    9504 x:0] UID: 0, GID: 0
I0704 12:02:22.692164    9504 x:0] Configuration:
I0704 12:02:22.692176    9504 x:0] 		RootDir: /var/run/docker/runtime-runsc/moby
I0704 12:02:22.692190    9504 x:0] 		Platform: kvm
I0704 12:02:22.692212    9504 x:0] 		FileAccess: proxy, overlay: false
I0704 12:02:22.692229    9504 x:0] 		Network: sandbox, logging: false
I0704 12:02:22.692245    9504 x:0] 		Strace: true, max size: 1024, syscalls: []
I0704 12:02:22.692260    9504 x:0] ***************************
D0704 12:02:22.694536    9504 x:0] Spec: &{Version:1.0.1 Process:0xc4201dc4e0 Root:0xc4201e24e0 Hostname:7b605f35389d Mounts:[{Destination:/proc Type:proc Source:proc Options:[nosuid noexec nodev]} {Destination:/dev Type:tmpfs Source:tmpfs Options:[nosuid strictatime mode=755 size=65536k]} {Destination:/dev/pts Type:devpts Source:devpts Options:[nosuid noexec newinstance ptmxmode=0666 mode=0620 gid=5]} {Destination:/sys Type:sysfs Source:sysfs Options:[nosuid noexec nodev ro]} {Destination:/sys/fs/cgroup Type:cgroup Source:cgroup Options:[ro nosuid noexec nodev]} {Destination:/dev/mqueue Type:mqueue Source:mqueue Options:[nosuid noexec nodev]} {Destination:/etc/resolv.conf Type:bind Source:/home/docker/containers/7b605f35389d5766d0b56daa51fc8b1b20a2cc7375d3ef8f6ddc71881be0e9ca/resolv.conf Options:[rbind rprivate]} {Destination:/etc/hostname Type:bind Source:/home/docker/containers/7b605f35389d5766d0b56daa51fc8b1b20a2cc7375d3ef8f6ddc71881be0e9ca/hostname Options:[rbind rprivate]} {Destination:/etc/hosts Type:bind Source:/home/docker/containers/7b605f35389d5766d0b56daa51fc8b1b20a2cc7375d3ef8f6ddc71881be0e9ca/hosts Options:[rbind rprivate]} {Destination:/dev/shm Type:bind Source:/home/docker/containers/7b605f35389d5766d0b56daa51fc8b1b20a2cc7375d3ef8f6ddc71881be0e9ca/mounts/shm Options:[rbind rprivate]}] Hooks:0xc4200ba550 Annotations:map[] Linux:0xc420200000 Solaris:<nil> Windows:<nil>}
D0704 12:02:22.694655    9504 x:0] Spec.Hooks: &{Prestart:[{Path:/proc/9243/exe Args:[libnetwork-setkey 7b605f35389d5766d0b56daa51fc8b1b20a2cc7375d3ef8f6ddc71881be0e9ca db2706454c904cf29d852c3fd7f02925d9ad3fa5feb848af72957b2dc62963f6] Env:[] Timeout:<nil>}] Poststart:[] Poststop:[]}
D0704 12:02:22.694692    9504 x:0] Spec.Linux: &{UIDMappings:[] GIDMappings:[] Sysctl:map[] Resources:0xc420096f60 CgroupsPath:/docker/7b605f35389d5766d0b56daa51fc8b1b20a2cc7375d3ef8f6ddc71881be0e9ca Namespaces:[{Type:mount Path:} {Type:network Path:} {Type:uts Path:} {Type:pid Path:} {Type:ipc Path:}] Devices:[] Seccomp:0xc420092d00 RootfsPropagation: MaskedPaths:[/proc/kcore /proc/keys /proc/latency_stats /proc/timer_list /proc/timer_stats /proc/sched_debug /proc/scsi /sys/firmware] ReadonlyPaths:[/proc/asound /proc/bus /proc/fs /proc/irq /proc/sys /proc/sysrq-trigger] MountLabel: IntelRdt:<nil>}
D0704 12:02:22.694748    9504 x:0] Spec.Process: &{Terminal:true ConsoleSize:<nil> User:{UID:0 GID:0 AdditionalGids:[] Username:} Args:[/bin/bash] Env:[PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin HOSTNAME=7b605f35389d TERM=xterm container=docker] Cwd:/ Capabilities:0xc4201aa200 Rlimits:[] NoNewPrivileges:false ApparmorProfile: OOMScoreAdj:0xc4201f64e0 SelinuxLabel:}
D0704 12:02:22.694863    9504 x:0] Spec.Root: &{Path:/home/docker/overlay/08f0f7eab71d93c0229a53e432426c8c9f2382953568751506729f3af6b1bc9a/merged Readonly:false}
D0704 12:02:22.694899    9504 x:0] Create sandbox "7b605f35389d5766d0b56daa51fc8b1b20a2cc7375d3ef8f6ddc71881be0e9ca" in root dir: /var/run/docker/runtime-runsc/moby
D0704 12:02:22.695031    9504 x:0] Starting gofer: /usr/local/bin/runsc [--debug=true --debug-log-dir=/tmp/runsc --log=/run/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/7b605f35389d5766d0b56daa51fc8b1b20a2cc7375d3ef8f6ddc71881be0e9ca/log.json --log-format=json --platform=kvm --root=/var/run/docker/runtime-runsc/moby --strace=true gofer --bundle /var/run/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/7b605f35389d5766d0b56daa51fc8b1b20a2cc7375d3ef8f6ddc71881be0e9ca --io-fds=3 --io-fds=4 --io-fds=5 --io-fds=6]
I0704 12:02:22.703415    9504 x:0] Gofer started, pid: 9510
I0704 12:02:22.703871    9504 x:0] Sandbox will be started in empty IPC and UTS namespaces
I0704 12:02:22.703898    9504 x:0] Sandbox will be started in empty PID namespace
I0704 12:02:22.703912    9504 x:0] Sandbox will be started in empty mount namespace
I0704 12:02:22.703926    9504 x:0] Sandbox will be started in the container's network namespace: {Type:network Path:}
I0704 12:02:22.703944    9504 x:0] Sandbox will be started in empty user namespace
D0704 12:02:22.703958    9504 x:0] Starting sandbox: /usr/local/bin/runsc [/usr/local/bin/runsc --debug=true --debug-log-dir=/tmp/runsc --log=/run/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/7b605f35389d5766d0b56daa51fc8b1b20a2cc7375d3ef8f6ddc71881be0e9ca/log.json --log-format=json --platform=kvm --root=/var/run/docker/runtime-runsc/moby --strace=true boot --bundle /var/run/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/7b605f35389d5766d0b56daa51fc8b1b20a2cc7375d3ef8f6ddc71881be0e9ca --controller-fd=3 --console=true --io-fds=4 --io-fds=5 --io-fds=6 --io-fds=7]
I0704 12:02:22.706186    9504 x:0] Sandbox started, pid: 9515
D0704 12:02:22.706248    9504 x:0] Waiting for sandbox "7b605f35389d5766d0b56daa51fc8b1b20a2cc7375d3ef8f6ddc71881be0e9ca" creation
D0704 12:02:22.743994    9504 x:0] Save sandbox "7b605f35389d5766d0b56daa51fc8b1b20a2cc7375d3ef8f6ddc71881be0e9ca"
I0704 12:02:22.746578    9504 x:0] Exiting with status: 0

Does this mean I succeeded? Or can't I use ps -elf | grep qemu to verify it?
Thank you for helping me.
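
Added example (not part of the original issue and not gVisor project code): a small shell reader for the create log format shown above. It pulls the platform from the Configuration banner and from the command line used to start the sandbox, plus the sandbox PID. The sample lines are constructed from the log in the post, trimmed and with the bundle path replaced by the placeholder `<BUNDLE>`; the function names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example: report what a runsc create log records about the platform.
# sample_log is CONSTRUCTED from the log in the issue: lines trimmed, the
# container ID and bundle path replaced by the placeholder <BUNDLE>.
sample_log() {
cat <<'EOF'
I0704 12:02:22.692164    9504 x:0] Configuration:
I0704 12:02:22.692176    9504 x:0]     RootDir: /var/run/docker/runtime-runsc/moby
I0704 12:02:22.692190    9504 x:0]     Platform: kvm
D0704 12:02:22.703958    9504 x:0] Starting sandbox: /usr/local/bin/runsc [/usr/local/bin/runsc --debug=true --platform=kvm --strace=true boot --bundle <BUNDLE> --controller-fd=3]
I0704 12:02:22.706186    9504 x:0] Sandbox started, pid: 9515
EOF
}

# Platform printed in the "Configuration:" banner (reads the log on stdin).
configured_platform() {
  sed -n 's/^.*[[:space:]]Platform:[[:space:]]*\([A-Za-z0-9_-]*\).*$/\1/p' | head -n 1
}

# --platform value on the command line used to start the sandbox ("boot").
boot_platform() {
  grep 'Starting sandbox:' | grep -o -- '--platform=[^] ]*' | head -n 1 | cut -d= -f2
}

# PID of the sandbox process, for follow-up inspection on the host.
sandbox_pid() {
  sed -n 's/^.*Sandbox started, pid: \([0-9][0-9]*\).*$/\1/p' | head -n 1
}

# check_platform <expected> <logfile>: succeeds only if the banner and the
# boot command line both name the expected platform.
check_platform() {
  cfg=$(configured_platform < "$2")
  boot=$(boot_platform < "$2")
  echo "configured=$cfg boot=$boot sandbox_pid=$(sandbox_pid < "$2")"
  [ "$cfg" = "$1" ] && [ "$boot" = "$1" ]
}

# Demo on the constructed sample; on a real host pass the create log instead.
demo=$(mktemp)
sample_log > "$demo"
check_platform kvm "$demo" && echo "log reports platform kvm"
rm -f "$demo"
```

The check reports only what the log records about the configured platform; it does not inspect the running sandbox process.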
