-
Notifications
You must be signed in to change notification settings - Fork 999
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
kata-ctl: Move development to main branch #5388
Conversation
Use agent-ctl tool rust code as an example for a skeleton for the new kata-ctl tool. Signed-off-by: Chelsea Mafrica <chelsea.e.mafrica@intel.com>
7bb502f
to
596df6a
Compare
As we're switching to using the rust version of the kata-ctl, lets provide with its own entry in the kata-ctl command line. Signed-off-by: David Esparza <david.esparza.borquez@intel.com> Commit-edited-by: James O. D. Hunt <james.o.hunt@intel.com>
Add more unit tests cases to --version argument. Signed-off-by: David Esparza <david.esparza.borquez@intel.com> Commit-edited-by: James O. D. Hunt <james.o.hunt@intel.com>
Add framework for different architectures for check. In the existing kata-runtime check, the network checks do not appear to be architecture-specific while the kernel module, cpu, and kvm checks do have separate implementations for different architectures. Signed-off-by: Chelsea Mafrica <chelsea.e.mafrica@intel.com>
Remove return value for branches that call `unimplemented!()`. Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Automatic format updates. Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Changed the `panic!()` call to a `compile_error!()` one to ensure it fires at compile time rather than runtime. Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Add architecture-specific code for x86_64 and generic calls handling checks for CPU flags and attributes. Signed-off-by: Chelsea Mafrica <chelsea.e.mafrica@intel.com>
Switch from the functional version of `clap` to the declarative methodology. Signed-off-by: David Esparza <david.esparza.borquez@intel.com> Commit-edited-by: James O. D. Hunt <james.o.hunt@intel.com>
This kata-ctl argument returns the latest stable Kata release by hitting github.com. Adds check-version unit tests. Fixes: #11 Signed-off-by: David Esparza <david.esparza.borquez@intel.com>
Resolved a couple of clippy warnings and applied standard `rustfmt`. Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Build using the rust TLS implementation rather than the system ones. This resolves the `reqwest` crate build failure: it doesn't appear to build against the native libssl libraries due to Kata defaulting to using the musl libc. Fixes: kata-containers#5387. Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Add a link to the `kata-ctl` tool's README. Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@jodh-intel I'm approving the README and docs since I previously reviewed everything else, but I'll leave the official approval to others
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The code doesn't do much nowadays and the main intent of the PR is actually to have this into the main branch to have the development done there.
I've left a few questions about the version of the package / tool as it's rather confusing for me.
|
||
[package] | ||
name = "kata-ctl" | ||
version = "0.0.1" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
IMHO, it's rather confusing having a tool in a different version than the rest of the project, but that's a nit.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is just standard rust manifest versioning. If you run the tool, it shows something like this:
$ kata-ctl
3.1.0-alpha0-383b7db704fe3919841fef047bbc70a3dd605516-0.0.1
Hence, the tool contains both the Kata version and it's own tooling version (and that full version string is valid semver). We can obviously change this, but as mentioned on the description of this PR, we just want to get this landed at this stage to allow more contributions 😄
|
||
TARGET = $(PROJECT_COMPONENT) | ||
|
||
VERSION_FILE := ./VERSION |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmm. Doesn't this make the package version different from the tool binary version?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See above.
Generally nice work and LGTM! This would be nice for interaction between runtime and kata-ctl. |
## Install the tool | ||
|
||
```bash | ||
$ make install |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Don't need sudo
? Normally $
means a non-root user.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It currently installs to the cargo bin dir, so this is correct. However, I agree we should start thinking about a proper install so I've raised #5403.
@jodh-intel Shouldn't add Lines 18 to 21 in ffdd7e1
|
Provide a basic document explaining a little about the `kata-ctl` command. Fixes: kata-containers#5351. Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Update the top-level Makefile to build the `kata-ctl` tool by default. Fixes: kata-containers#4499, kata-containers#5334. Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Good catch @liubin! Fixed 😄 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm, thanks!
/test |
src/tools/kata-ctl/Cargo.toml
Outdated
name = "kata-ctl" | ||
version = "0.0.0" | ||
authors = ["The Kata Containers community <kata-dev@lists.katacontainers.io>"] | ||
edition = "2021" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @jodh-intel ! Amazing initiative btw!
Regarding the rust edition, it seems all the other rust components are still on 2018 edition. Could the kata-ctl be built also on that edition?
src/tools/kata-ctl/src/main.rs
Outdated
.long_about(DESCRIPTION_TEXT) | ||
.subcommand( | ||
SubCommand::with_name("check") | ||
.about("tests if system can run Kata Containers") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nit: s/tests/test to make it consistent with the other descriptions
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yep - we'll finesse this sort of stuff once it's landed :)
src/tools/kata-ctl/src/main.rs
Outdated
) | ||
.subcommand( | ||
SubCommand::with_name("help") | ||
.about("shows a list of commands or help for one command") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
likewise
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Generally looking good to me. Couple of comments below.
src/tools/kata-ctl/src/arch/mod.rs
Outdated
#[cfg(target_arch = "aarch64")] | ||
let result = aarch64::check(); | ||
|
||
#[cfg(target_arch = "powerpc64le")] | ||
let result = powerpc64le::check(); | ||
|
||
#[cfg(target_arch = "s390x")] | ||
let result = s390x::check(); | ||
|
||
#[cfg(target_arch = "x86_64")] | ||
let result = x86_64::check(global_args); | ||
|
||
#[cfg(not(any( | ||
target_arch = "aarch64", | ||
target_arch = "powerpc64le", | ||
target_arch = "s390x", | ||
target_arch = "x86_64" | ||
)))] | ||
panic!("unknown architecture"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For common functions that all architecture needs to provide and share the same signature, a nicer way is exposing these common functions directly from the arch-specific module with the right cfg
guard, for example:
#[cfg(target_arch = "x86_64")]
pub use x86_64::check;
#[cfg(target_arch = "aarch64")]
pub use aarch64::check;
...
In this way, the actual interface function of the crate (e.g. arch::check()
) will be better abstracted and simpler. This will also report error at compile time for unsupported architectures (instead of a panic at runtime).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @likebreath - I'm confused. Firstly, that panic line was replaced on commit 7c9f9a5 so I'm not sure why/how you were seeing that. Secondly, we're already using cfg guards. The code I think you might be referring to (now) is:
#[cfg(not(any(
target_arch = "aarch64",
target_arch = "powerpc64le",
target_arch = "s390x",
target_arch = "x86_64"
)))]
compile_error!("unknown architecture");
... and I think that does exactly what we want: it will fail to compile on unknown platforms.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah - I see what you're saying about the cfg guard now. Must be time for ☕ 😄
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
println!("INFO: check CPU: x86_64"); | ||
|
||
let cpu_info = check::get_single_cpu_info(PROC_CPUINFO, CPUINFO_DELIMITER)?; | ||
|
||
let cpu_flags = check::get_cpu_flags(&cpu_info, CPUINFO_FLAGS_TAG) | ||
.map_err(|e| anyhow!("Error parsing CPU flags, file {:?}, {:?}", PROC_CPUINFO, e))?; | ||
|
||
// perform checks | ||
// TODO: Perform checks based on hypervisor type | ||
// TODO: Add more information to output (see kata-check in go tool); adjust formatting | ||
let missing_cpu_attributes = check::check_cpu_attribs(&cpu_info, CPU_ATTRIBS_INTEL)?; | ||
if missing_cpu_attributes.len() > 0 { | ||
eprintln!("WARNING: Missing CPU attributes {:?}", missing_cpu_attributes); | ||
} | ||
let missing_cpu_flags = check::check_cpu_flags(&cpu_flags, CPU_FLAGS_INTEL)?; | ||
if missing_cpu_flags.len() > 0 { | ||
eprintln!("WARNING: Missing CPU flags {:?}", missing_cpu_flags); | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The log
crate is a good option for handling logging with different verbose levels, say 'warn', 'error', 'debug', etc. It can also be exposed by a CLI parameter for users to decide the logging level.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@likebreath - thanks. I've raised an issue to use the Kata logging crate (which uses slog
):
/test |
Make this file conform to the standard rust layout conventions and simplify the code as recommended by `clippy`. Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Revert to the 2018 edition of rust for consistency with other rust components. Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
/test |
As shown on #4499 (comment), we've been developing a replacement for the
kata-runtime
utility command, written in rust.We'd now like the community to get actively involvement in this project, so this PR is a roll-up of the PRs developed on a separate branch.
Caveat emptor:
kata-ctl
is still a work in progress. This PR is simply moving the code into themain
branch, so that we can accelerate development.kata-ctl
is not yet a replacement for the existing golangkata-runtime
utility command.For further details, see:
The original issue
The
kata-ctl
GitHub tracking projectIf you'd like to get involved, tal at the issues in the project and assign yourself or add a comment! 😄
Fixes: #4499, #5334, #5351.
Signed-off-by: James O. D. Hunt james.o.hunt@intel.com