Development environment
Host information
Operating system: CentOS 8
Hypervisor: VMware
[root@localhost ~]# cat /etc/*release
CentOS Linux release 8.2.2004 (Core)
NAME="CentOS Linux"
VERSION="8 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="8"
PLATFORM_ID="platform:el8"
PRETTY_NAME="CentOS Linux 8 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:8"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"
CENTOS_MANTISBT_PROJECT="CentOS-8"
CENTOS_MANTISBT_PROJECT_VERSION="8"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="8"
CentOS Linux release 8.2.2004 (Core)
CentOS Linux release 8.2.2004 (Core)
[root@localhost ~]#
[root@localhost ~]# uname -a
Linux 192.168.72.138 4.18.0-193.el8.x86_64 #1 SMP Fri May 8 10:59:10 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost ~]# lscpu
Architecture:        x86_64
CPU op-mode(s):      32-bit, 64-bit
Byte Order:          Little Endian
CPU(s):              2
On-line CPU(s) list: 0,1
Thread(s) per core:  1
Core(s) per socket:  2
Socket(s):           1
NUMA node(s):        1
Vendor ID:           GenuineIntel
CPU family:          6
Model:               142
Model name:          Intel(R) Core(TM) i7-7500U CPU @ 2.70GHz
Stepping:            9
CPU MHz:             2904.008
BogoMIPS:            5808.01
Virtualization:      VT-x
Hypervisor vendor:   VMware
Virtualization type: full
L1d cache:           32K
L1i cache:           32K
L2 cache:            256K
L3 cache:            4096K
NUMA node0 CPU(s):   0,1
Flags:               fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc cpuid aperfmperf pni pclmulqdq vmx ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch epb invpcid_single pti tpr_shadow vnmi ept vpid fsgsbase tsc_adjust bmi1 avx2 smep bmi2 invpcid rdseed adx smap xsaveopt dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp
[root@localhost ~]# free -h
              total        used        free      shared  buff/cache   available
Mem:          3.7Gi       1.1Gi       299Mi       4.0Mi       2.3Gi       2.3Gi
Swap:         3.9Gi        16Mi       3.9Gi
[root@localhost ~]# df -h
Filesystem           Size  Used Avail Use% Mounted on
devtmpfs             1.9G     0  1.9G   0% /dev
tmpfs                1.9G     0  1.9G   0% /dev/shm
tmpfs                1.9G  9.8M  1.9G   1% /run
tmpfs                1.9G     0  1.9G   0% /sys/fs/cgroup
/dev/mapper/cl-root   46G   11G   35G  24% /
/dev/sda1            976M  193M  716M  22% /boot
tmpfs                376M  1.2M  375M   1% /run/user/42
tmpfs                376M  4.0K  376M   1% /run/user/0
overlay               46G   11G   35G  24% /var/lib/docker/overlay2/dfa135f70d10d320af252c3773ed7a4d200f9378d5614a3220cfa3b8bc8e6765/merged
[root@localhost ~]#
Install the build dependencies
yum install -y gcc make git openssl
Set up the build environment
Download the Kata Containers source archive
wget https://github.com/kata-containers/kata-containers/archive/refs/tags/2.0.2.tar.gz
Install the Go toolchain
wget https://dl.google.com/go/go1.16.3.linux-amd64.tar.gz
Extract the Go archive
tar -C /usr/local -xf go1.16.3.linux-amd64.tar.gz
Configure the Go environment
mkdir /root/go
echo "export GOROOT=/usr/local/go" >> /etc/profile
echo "export GOPATH=/root/go" >> /etc/profile
echo "export GO111MODULE=on" >> /etc/profile
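# Single quotes keep $PATH, $GOROOT and $GOPATH unexpanded until /etc/profile is sourced; $GOROOT/bin is where the go binary lives
echo 'export PATH=$PATH:$GOROOT/bin:$GOPATH/bin' >> /etc/profile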
source /etc/profile
Install the Rust toolchain
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
When prompted, choose the default installation: 1
After the installation finishes, load the environment variables
source $HOME/.cargo/env
Create the config file and configure a mirror for the Rust crates.io index
[root@localhost ~]# cat /root/.cargo/config
[source.crates-io]
registry = "https://github.com/rust-lang/crates.io-index"
replace-with = 'ustc'
[source.ustc]
registry = "git://mirrors.ustc.edu.cn/crates.io-index"
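The [source.ustc] entry above fetches the crates.io index over git://, a transport with no encryption and no server authentication. The check below is an added example, not part of the original post, that flags such registry URLs in a cargo config; the function name insecure_registries and both sample files are assumptions, and the https:// form of the mirror URL in the second sample is assumed to be offered by the mirror.

```shell
#!/bin/sh
# Added example (not from the original post). insecure_registries is a
# hypothetical helper name; the sample configs below are constructed.

# Print "<source-name> <url>" for each [source.*] registry fetched over
# git:// or http://, transports with no encryption or server authentication.
insecure_registries() {
    # Strip quotes first so the URL can be matched as a bare field.
    tr -d "\"'" < "$1" | awk '
        { sub(/=/, " = ") }                       # tolerate "registry=url"
        /^\[source\./ { name = substr($1, 9, length($1) - 9) }
        $1 == "registry" && $3 ~ /^(git|http):\/\// { print name, $3 }
    '
}

tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT

# Constructed sample 1: the config shown above.
cat > "$tmp/config" <<'EOF'
[source.crates-io]
registry = "https://github.com/rust-lang/crates.io-index"
replace-with = 'ustc'
[source.ustc]
registry = "git://mirrors.ustc.edu.cn/crates.io-index"
EOF

# Constructed sample 2: same mirror over https:// (URL is an assumption).
sed 's|git://|https://|' "$tmp/config" > "$tmp/config.https"

echo "config:       $(insecure_registries "$tmp/config")"
echo "config.https: $(insecure_registries "$tmp/config.https")"
```

On a build host, pass /root/.cargo/config as the argument; empty output means no registry uses a cleartext transport.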
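Build kata-containers v2
For the kata-containers 2.0.2 release, running make in the top-level directory fails because of a Rust build error, so build each component from its own directory. Alternatively, edit the top-level Makefile and comment out the "TOOLS += agent-ctl" line; with agent-ctl excluded, the top-level build produces kata-runtime and kata-agent.
Build kata-runtime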
cd kata-containers-2.0.2/src/runtime
make
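The first build reports that the yq command was not found: INFO: yq was not found, installing it
The build script downloads it automatically through the Go environment. After the build finishes, run make install to install kata-runtime.
After installation, a summary of the installed binaries and configuration files is shown: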
• Summary:
destination install path (DESTDIR) : /
binary installation path (BINDIR) : /usr/local/bin
binaries to install :
- /usr/local/bin/kata-runtime
- /usr/local/bin/containerd-shim-kata-v2
- /usr/local/bin/kata-monitor
- /usr/libexec/kata-containers/kata-netmon
- /usr/local/bin/data/kata-collect-data.sh
configs to install (CONFIGS) :
- cli/config/configuration-acrn.toml
- cli/config/configuration-clh.toml
- cli/config/configuration-fc.toml
- cli/config/configuration-qemu.toml
install paths (CONFIG_PATHS) :
- /usr/share/defaults/kata-containers/configuration-acrn.toml
- /usr/share/defaults/kata-containers/configuration-clh.toml
- /usr/share/defaults/kata-containers/configuration-fc.toml
- /usr/share/defaults/kata-containers/configuration-qemu.toml
alternate config paths (SYSCONFIG_PATHS) :
- /etc/kata-containers/configuration-acrn.toml
- /etc/kata-containers/configuration-clh.toml
- /etc/kata-containers/configuration-fc.toml
- /etc/kata-containers/configuration-qemu.toml
default install path for qemu (CONFIG_PATH) : /usr/share/defaults/kata-containers/configuration.toml
default alternate config path (SYSCONFIG) : /etc/kata-containers/configuration.toml
qemu hypervisor path (QEMUPATH) : /usr/bin/qemu-system-x86_64
cloud-hypervisor hypervisor path (CLHPATH) : /usr/bin/cloud-hypervisor
firecracker hypervisor path (FCPATH) : /usr/bin/firecracker
acrn hypervisor path (ACRNPATH) : /usr/bin/acrn-dm
assets path (PKGDATADIR) : /usr/share/kata-containers
shim path (PKGLIBEXECDIR) : /usr/libexec/kata-containers
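Run kata-runtime kata-check to verify that the host can run kata-runtime. Inside a VMware guest the check fails, because VMware loads some of its own kernel modules that use vsock, which causes a conflict: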
WARN[0000] modprobe insert module failed: modprobe: ERROR: could not insert 'vhost_vsock': Device or resource busy arch=amd64 error="exit status 1" module=vhost_vsock name= pid=159576 source=runtime
ERRO[0000] kernel property not found arch=amd64 description="Host Support for Linux VM Sockets" name=vhost_vsock pid=159576 source=runtime type=module
Create the file /etc/modprobe.d/blacklist-vmware.conf to stop the VMware modules from being loaded at boot:
blacklist vmw_vsock_virtio_transport_common
blacklist vmw_vsock_vmci_transport
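The following check is an added example, not part of the original post: it lists the vmw_vsock_* modules that are loaded but have no blacklist line, so a missing entry is caught before the reboot. The function names and the sample /proc/modules excerpt and blacklist files are constructed assumptions.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are
# hypothetical; the sample files are constructed.

# Names of VMware vsock transport modules in a /proc/modules-format file.
loaded_vmw_vsock() {
    awk '$1 ~ /^vmw_vsock_/ { print $1 }' "$1" | sort
}

# Loaded vmw_vsock_* modules that have no "blacklist" line in a
# modprobe.d-style file ($2). Empty output means every one is covered.
uncovered_vmw_vsock() {
    for m in $(loaded_vmw_vsock "$1"); do
        awk -v m="$m" '$1 == "blacklist" && $2 == m { found = 1 }
                       END { exit !found }' "$2" || echo "$m"
    done
}

tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT

# Constructed /proc/modules excerpt from a VMware guest.
cat > "$tmp/modules" <<'EOF'
vmw_vsock_vmci_transport 32768 1 - Live 0x0000000000000000
vsock 45056 2 vmw_vsock_vmci_transport, Live 0x0000000000000000
vmw_vmci 86016 1 vmw_vsock_vmci_transport, Live 0x0000000000000000
EOF

# Constructed blacklist files: one incomplete, one matching the page.
echo 'blacklist vmw_vsock_virtio_transport_common' > "$tmp/partial.conf"
cat > "$tmp/full.conf" <<'EOF'
blacklist vmw_vsock_virtio_transport_common
blacklist vmw_vsock_vmci_transport
EOF

echo "partial.conf leaves: $(uncovered_vmw_vsock "$tmp/modules" "$tmp/partial.conf")"
echo "full.conf leaves:    $(uncovered_vmw_vsock "$tmp/modules" "$tmp/full.conf")"
```

On the host, pass /proc/modules and /etc/modprobe.d/blacklist-vmware.conf as the two arguments before rebooting.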
Build kata-agent
cd kata-containers-2.0.2/src/agent
make
The first build fails with the following error:
error[E0463]: can't find crate for `core`
|
= note: the `x86_64-unknown-linux-musl` target may not be installed
Install the x86_64-unknown-linux-musl target for Rust:
rustup target add x86_64-unknown-linux-musl
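Rebuild
Build the rootfs
Building the rootfs downloads and installs dependencies. It is best to build inside Docker so that these packages are not installed on the host, so podman was removed and Docker installed when the development environment was prepared.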
cd /root/katav2/kata-containers-2.0.2/tools/osbuilder/rootfs-builder
Build the rootfs
script -fec 'sudo -E USE_DOCKER=true SECCOMP=no ./rootfs.sh centos'
The build may fail because of network problems:
Step 6/12 : RUN cd /tmp ; curl -OL https://storage.googleapis.com/golang/go1.14.4.linux-amd64.tar.gz
---> Running in 473c0ff8c147
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- 0:00:21 --:--:-- 0
curl: (35) TCP connection reset by peer
Rebuild
To build an image with a console, specify the extra packages to add when building the rootfs:
script -fec 'USE_DOCKER=true EXTRA_PKGS="bash coreutils" ./rootfs.sh centos'
After the rootfs builds successfully, the following output appears; kata-agent and its systemd unit files are installed into the rootfs automatically:
Installing systemd unit files...
install -D -m 644 kata-agent.service /root/katav2/kata-containers-2.0.2/tools/osbuilder/rootfs-builder/rootfs/usr/lib/systemd/system/kata-agent.service || exit 1; install -D -m 644 kata-containers.target /root/katav2/kata-containers-2.0.2/tools/osbuilder/rootfs-builder/rootfs/usr/lib/systemd/system/kata-containers.target || exit 1;
~/katav2/kata-containers-2.0.2/tools/osbuilder/rootfs-builder
[OK] Agent installed
INFO: Check init is installed
[OK] init is installed
INFO: Create /etc/resolv.conf file in rootfs if not exist
INFO: Creating summary file
INFO: Created summary file '/var/lib/osbuilder/osbuilder.yaml' inside rootfs
Script done, file is typescript
Build the rootfs image
Change to the image-builder directory
cd /root/katav2/kata-containers-2.0.2/tools/osbuilder/image-builder
Run the build script
script -fec 'sudo -E USE_DOCKER=true ./image_builder.sh /root/katav2/kata-containers-2.0.2/tools/osbuilder/rootfs-builder/rootfs'
On success the following output is shown:
OK!
1+0 records in
1+0 records out
2097152 bytes (2.1 MB, 2.0 MiB) copied, 0.00454381 s, 462 MB/s
1044480+0 records in
1044480+0 records out
534773760 bytes (535 MB, 510 MiB) copied, 15.3046 s, 34.9 MB/s
Script done, file is typescript
Build the Kata kernel
cd /root/katav2/kata-containers-2.0.2/tools/packaging/kernel
Set up the kernel build environment
./build-kernel.sh setup
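The following error occurs because the kernel .config file cannot be found when building the kernel. The cause is that the force_setup_generate_config variable in the build-kernel.sh script defaults to false, so the make oldconfig command is never run and no .config file is created: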
*** Configuration file ".config" not found!
***
*** Please run some configurator (e.g. "make oldconfig" or
*** "make menuconfig" or "make xconfig").
***
Build the kernel
./build-kernel.sh build
Install the kernel files into the /usr/share/kata-containers/ directory
./build-kernel.sh install