microvm.nix
Implement vmm.notify_socket
Systemd supports receiving a vmm.notify_socket credential so it can notify the host when the VM has finished loading: https://www.freedesktop.org/software/systemd/man/latest/systemd.system-credentials.html#vmm.notify_socket
If we implement this, then the microvm@ service can accurately reflect the VM status.
This might actually be surprisingly easy; for cloud hypervisor the interface is that you create a unix socket on the host and then that gets bound to a vsock on the guest: https://github.com/cloud-hypervisor/cloud-hypervisor/blob/845bdfb1b24a6a86d1ab7e819ca155faf314c9f7/docs/vsock.md#connecting-from-guest-to-host
The unix socket for Type=notify is passed through $NOTIFY_SOCKET so we need to:
- ln -sfn $NOTIFY_SOCKET /tmp/notify.vsock_1234
- Pass --vsock cid=3,socket=/tmp/notify.vsock to cloud-hypervisor
- Set vmm.notify_socket to vsock:2:1234 by passing --platform oem_strings=[io.systemd.credential:vmm.notify_socket=vsock:2:1234] to cloud-hypervisor
And then I think it might work?
I tried to do this, but unfortunately cloud-hypervisor doesn't support datagram vsock, which is what systemd uses for notifications: https://github.com/cloud-hypervisor/cloud-hypervisor/issues/6307
Figured it out, systemd can actually use a vsock-stream: notification socket, see: https://github.com/astro/microvm.nix/pull/219
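A host-side relay for the vsock-stream approach mentioned above, as an added example (not code from the linked PR or from anyone in this thread). It assumes cloud-hypervisor hands the guest's connection to a Unix stream socket named <socket>_<port>, reads one sd_notify message to EOF, and forwards only allowlisted fields to the datagram socket named by $NOTIFY_SOCKET; the allowlist, size cap, function names and demo paths are assumptions.

```python
import os
import socket
import tempfile

ALLOWED_KEYS = {"READY", "STATUS"}  # assumption: only these guest fields are relayed
MAX_MSG = 4096  # assumption: cap on bytes accepted from the guest


def filter_notify(raw):
    """Keep only allowlisted KEY=VALUE lines of an sd_notify message."""
    lines = raw.decode("utf-8", "replace").splitlines()
    kept = [ln for ln in lines if "=" in ln and ln.split("=", 1)[0] in ALLOWED_KEYS]
    return "\n".join(kept).encode()


def relay_once(listener, notify_path):
    """Accept one guest connection, read to EOF, forward as one datagram."""
    conn, _ = listener.accept()
    with conn:
        conn.settimeout(5)  # a stalled guest must not block the relay forever
        buf = b""
        while len(buf) < MAX_MSG:
            chunk = conn.recv(MAX_MSG - len(buf))
            if not chunk:  # guest closed the stream: message is complete
                break
            buf += chunk
    msg = filter_notify(buf)
    if msg:
        with socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM) as out:
            out.sendto(msg, notify_path)
    return msg


def demo():
    with tempfile.TemporaryDirectory() as d:  # constructed stand-ins, no VM needed
        vsock_path = os.path.join(d, "notify.vsock_1234")  # <socket>_<port>
        notify_path = os.path.join(d, "notify")  # plays the role of $NOTIFY_SOCKET
        host = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
        listener = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        guest = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        with host, listener, guest:
            host.bind(notify_path)
            host.settimeout(5)
            listener.bind(vsock_path)
            listener.listen(1)
            guest.connect(vsock_path)
            guest.sendall(b"READY=1\nMAINPID=1\nSTATUS=Ready.\n")  # constructed
            guest.shutdown(socket.SHUT_WR)  # end of the guest's message
            relay_once(listener, notify_path)
            return host.recv(MAX_MSG)
```

Dropping fields such as MAINPID= and FDSTORE= keeps the guest from steering the host unit beyond reporting readiness and status.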
Very cool, thank you!
Of course I am interested in having support for that feature for the other hypervisors. Are you going to add them?
@bouk do you know if this definitely breaks when using a different systemd version on the host and in the hypervisor? E.g. 255 on the host and 256 in the VM?