firecracker 添加 网卡

https://github.com/firecracker-microvm/firecracker/issues/711

https://medium.com/@Pawlrus/aws-firecracker-how-to-configure-production-worthy-networking-using-libvirt-545dab16a393

网络配置

https://m.yisu.com/zixun/22225.html

firecracker没有网卡

 

Create a tap device.

sudo ip tuntap add veth0 mode tap

You may need to add user $(id -u) or group $(id -g) depending on how permissions are setup on your distro.

ip tuntap add tap0 mode tap # user $(id -u) group $(id -g)

tap='ftap0' 
br='virbr1'
#Change whoami if needed, should be the user firecracker runs as
#ip tuntap add dev $tap mode tap user $(whoami)
#Add the TAP interface to the bridge:
#brctl addbr $br
ip link set $tap master $br
#bring up interfaces
ip link set dev $br up
ip link set dev $tap up

root@ubuntu:~# brctl show
bridge name     bridge id               STP enabled     interfaces
virbr1          8000.cedad4f6fb17       no              ftap0
root@ubuntu:~# curl --unix-socket /tmp/firecracker.socket 
> -X PUT 'http://localhost/network-interfaces/eth0' 
> -H 'accept:application/json' 
> -H 'Content-Type:application/json' 
> -d '{
> "iface_id": "eth0",
> "guest_mac": "AA:FC:00:00:00:AB",
> "host_dev_name": "ftap0"
> }'
{"fault_message":"The requested operation is not supported after starting the microVM."}root@ubuntu:~# 
root@ubuntu:~#

关掉机器

root@ubuntu:~# curl --unix-socket /tmp/firecracker.socket -X PUT 'http://localhost/network-interfaces/eth0' -H 'accept:application/json' -H 'Content-Type:application/json' -d '{
"iface_id": "eth0",
"guest_mac": "AA:FC:00:00:00:AB",
"host_dev_name": "ftap0"
}'
curl: (7) Couldn't connect to server

root@ubuntu:~# ./firecracker --api-sock /tmp/firecracker.socket
2020-09-27T14:09:25.888854032 [anonymous-instance:ERROR:src/firecracker/src/main.rs:67] Firecracker panicked at 'Error creating the HTTP server: IOError(Os { code: 98, kind: AddrInUse, message: "Address in use" })', src/libcore/result.rs:1165:5
2020-09-27T14:09:25.890928361 [anonymous-instance:ERROR:src/firecracker/src/main.rs:77]    0: firecracker::main::{{closure}}
   1: std::panicking::rust_panic_with_hook
   2: std::panicking::continue_panic_fmt
   3: rust_begin_unwind
   4: core::panicking::panic_fmt
   5: core::result::unwrap_failed
   6: api_server::ApiServer::bind_and_run
   7: std::sys_common::backtrace::__rust_begin_short_backtrace

Aborted (core dumped)
root@ubuntu:~# 

删掉

root@ubuntu:~# ls  /tmp/firecracker.socket
/tmp/firecracker.socket
root@ubuntu:~# rm -f /tmp/firecracker.socket
root@ubuntu:~# ./firecracker --api-sock /tmp/firecracker.socket

root@ubuntu:~# kernel_path=$(pwd)"/rootfs/vmlinux.bin"
root@ubuntu:~# rootfs_path=$(pwd)"/rootfs/xenial.rootfs.ext4"
root@ubuntu:~# curl --unix-socket /tmp/firecracker.socket -i 
>       -X PUT 'http://localhost/boot-source'   
>       -H 'Accept: application/json'           
>       -H 'Content-Type: application/json'     
>       -d "{
>             "kernel_image_path": "${kernel_path}",
>             "boot_args": "keep_bootcon console=ttyS0 reboot=k panic=1 pci=off"
>        }"
HTTP/1.1 204 
Server: Firecracker API
Connection: keep-alive

root@ubuntu:~# curl --unix-socket /tmp/firecracker.socket -i 
>   -X PUT 'http://localhost/drives/rootfs' 
>   -H 'Accept: application/json'           
>   -H 'Content-Type: application/json'     
>   -d "{
>         "drive_id": "rootfs",
>         "path_on_host": "${rootfs_path}",
>         "is_root_device": true,
>         "is_read_only": false
>    }"
HTTP/1.1 204 
Server: Firecracker API
Connection: keep-alive
----添加网卡
root@ubuntu:~# curl --unix-socket /tmp/firecracker.socket 
> -X PUT 'http://localhost/network-interfaces/eth0' 
> -H 'accept:application/json' 
> -H 'Content-Type:application/json' 
> -d '{
> "iface_id": "eth0",
> "guest_mac": "AA:FC:00:00:00:AB",
> "host_dev_name": "ftap0"
> }'
root@ubuntu:~# curl --unix-socket /tmp/firecracker.socket -i 
>   -X PUT 'http://localhost/actions'       
>   -H  'Accept: application/json'          
>   -H  'Content-Type: application/json'    
>   -d '{
>       "action_type": "InstanceStart"
>    }'
HTTP/1.1 204 
Server: Firecracker API
Connection: keep-alive

root@ubuntu:~#

root@fadfdd4af58a:~# ip a     
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether aa:fc:00:00:00:ab brd ff:ff:ff:ff:ff:ff
    inet 10.10.104.83/24 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::a8fc:ff:fe00:ab/64 scope link 
       valid_lft forever preferred_lft forever
root@fadfdd4af58a:~# 

root@fadfdd4af58a:~# ip a add 10.10.104.83/24 dev eth0   
root@fadfdd4af58a:~# ping 10.10.104.82
-bash: ping: command not found
root@fadfdd4af58a:~# /usr/bin/
Display all 286 possibilities? (y or n)
root@fadfdd4af58a:~# /usr/bin/
-bash: /usr/bin/: Is a directory
root@fadfdd4af58a:~# /usr/bin/p
pager         perl          pr            pyclean       python2
partx         perl5.26.1    print         pycompile     python2.7
passwd        pgrep         printenv      pydoc         pyversions
paste         pinky         printf        pydoc2.7      
pathchk       pkill         prlimit       pygettext     
pdb           pldd          ptx           pygettext2.7  
pdb2.7        pmap          pwdx          python        
root@fadfdd4af58a:~# find /  -type f  -name ping      
root@fadfdd4af58a:~# find /  -type f  -name ls   
/bin/ls
root@fadfdd4af58a:~# ls /bin/p
pidof  ps     pwd    

6: ftap0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master virbr1 state UP group default qlen 1000
    link/ether ce:da:d4:f6:fb:17 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::ccda:d4ff:fef6:fb17/64 scope link 
       valid_lft forever preferred_lft forever
7: virbr1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether ce:da:d4:f6:fb:17 brd ff:ff:ff:ff:ff:ff
    inet 10.10.104.82/24 scope global virbr1
       valid_lft forever preferred_lft forever
    inet6 fe80::ccda:d4ff:fef6:fb17/64 scope link 
       valid_lft forever preferred_lft forever
root@ubuntu:~# brctl show
bridge name     bridge id               STP enabled     interfaces
virbr1          8000.cedad4f6fb17       no              ftap0
root@ubuntu:~# 

root@ubuntu:~# ping 10.10.104.83 -I 10.10.104.82
PING 10.10.104.83 (10.10.104.83) from 10.10.104.82 : 56(84) bytes of data.
64 bytes from 10.10.104.83: icmp_seq=1 ttl=64 time=1.08 ms
64 bytes from 10.10.104.83: icmp_seq=2 ttl=64 time=0.085 ms
^C
--- 10.10.104.83 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.085/0.583/1.081/0.498 ms
root@ubuntu:~# ip n | grep 10.10.104.83
10.10.104.83 dev virbr1 lladdr aa:fc:00:00:00:ab STALE