-
Notifications
You must be signed in to change notification settings - Fork 5
Expand file tree
/
Copy pathrun-microvm.sh
More file actions
executable file
·121 lines (99 loc) · 3.73 KB
/
run-microvm.sh
File metadata and controls
executable file
·121 lines (99 loc) · 3.73 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
#!/usr/bin/env bash
#################################################################################
# Parameters
#################################################################################
# Kernel Image
KERNEL=$PWD/images/hello-vmlinux.bin
# Root Filesystem (rootfs) Image
ROOTFS=$PWD/images/web-server-rootfs.ext4
# Number of vCPUs to allocate for the microvm
VCPU_COUNT=1
# Memory Size (MB) to allocate for the microvm. This sample allocates only 128 MB
MEM_SIZE_MIB=128
# Unix socket to communicate with Firecracker.
# This should match the socket parameter in the script used to run firecracker (start-firecracker.sh)
FIRECRACKER_SOCK=/tmp/firecracker-web-server.sock
# Firecracker's log
FIRECRACKER_LOG=/tmp/firecracker-web-server-log.fifo
# Make sure Firecracker log is clean
rm -f $FIRECRACKER_LOG
# Create named pipe (FIFO) for log
mkfifo $FIRECRACKER_LOG
# Firecracker's metrics
FIRECRACKER_METRICS=/tmp/firecracker-web-server-metrics.fifo
# Make sure Firecracker metrics is clean
rm -f $FIRECRACKER_METRICS
# Create named pipe (FIFO) for metrics
mkfifo $FIRECRACKER_METRICS
#################################################################################
# Setup networking on host
# ################################################################################
sudo ip tuntap add tap0 mode tap
sudo ip addr add 172.16.0.1/24 dev tap0
sudo ip link set tap0 up
sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i tap0 -o eth0 -j ACCEPT
#################################################################################
# Call Firecracker APIs to configure and run the micro vm
#################################################################################
# Configure logging
curl --unix-socket $FIRECRACKER_SOCK -i \
-X PUT 'http://localhost/logger' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"log_fifo":"'$FIRECRACKER_LOG'",
"metrics_fifo":"'$FIRECRACKER_METRICS'",
"level": "Error",
"show_level": true,
"show_log_origin": false
}'
# Configure the machine
curl --unix-socket $FIRECRACKER_SOCK -i \
-X PUT 'http://localhost/machine-config' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"vcpu_count":'$VCPU_COUNT',
"mem_size_mib":'$MEM_SIZE_MIB'
}'
# Configure the network
curl --unix-socket $FIRECRACKER_SOCK -i \
-X PUT 'http://localhost/network-interfaces/eth0' \
-H 'Accept: application/json' \
-H 'Content-Type:application/json' \
-d '{
"iface_id": "eth0",
"guest_mac": "AA:FC:00:00:00:01",
"host_dev_name": "tap0"
}'
# Set the guest kernel
curl --unix-socket $FIRECRACKER_SOCK -i \
-X PUT 'http://localhost/boot-source' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"kernel_image_path": "'$KERNEL'",
"boot_args": "console=ttyS0 reboot=k panic=1 pci=off"
}'
# Set the guest rootfs
curl --unix-socket $FIRECRACKER_SOCK -i \
-X PUT 'http://localhost/drives/rootfs' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"drive_id": "rootfs",
"path_on_host": "'$ROOTFS'",
"is_root_device": true,
"is_read_only": false
}'
# Start the guest machine:
curl --unix-socket $FIRECRACKER_SOCK -i \
-X PUT 'http://localhost/actions' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"action_type": "InstanceStart"
}'