feat: working configuration

Author: ranjankuldeep

Makefile

@@ -1,6 +1,6 @@
 build: 
-	@go build -o bin/firetest
+	go build -o bin/firetest
 run: build
-	@sudo -E ./bin/firetest
+	sudo ./bin/firetest
 test: 
-	@go test ./...
+	go test ./...

bin/firetest

@@ -7,7 +7,10 @@ toolchain go1.22.3
 require (
 	github.com/docker/docker v27.0.3+incompatible
 	github.com/firecracker-microvm/firecracker-go-sdk v1.0.0
+	github.com/freddierice/go-losetup v0.0.0-20170407175016-fc9adea44124
 	github.com/sirupsen/logrus v1.9.3
+	github.com/vishvananda/netlink v1.1.1-0.20210330154013-f5de75959ad5
+	github.com/vishvananda/netns v0.0.0-20210104183010-2eb08e3e575f
 	github.com/weaveworks/ignite v0.10.0
 )
 
@@ -50,8 +53,6 @@ require (
 	github.com/opencontainers/image-spec v1.0.2 // indirect
 	github.com/opentracing/opentracing-go v1.2.0 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
-	github.com/vishvananda/netlink v1.1.1-0.20210330154013-f5de75959ad5 // indirect
-	github.com/vishvananda/netns v0.0.0-20210104183010-2eb08e3e575f // indirect
 	go.mongodb.org/mongo-driver v1.8.3 // indirect
 	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0 // indirect
 	go.opentelemetry.io/otel v1.28.0 // indirect

go.mod

@@ -331,6 +331,7 @@ github.com/fluxcd/toolkit v0.0.1-beta.2/go.mod h1:NqDXj2aeVMbVkrCHeP/r0um+edXXye
 github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc=
 github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k=
 github.com/frankban/quicktest v1.11.3/go.mod h1:wRf/ReqHper53s+kmmSZizM8NamnL3IM0I9ntUbOk+k=
+github.com/freddierice/go-losetup v0.0.0-20170407175016-fc9adea44124 h1:TVfi5xMshZAXzVXozESk8bi0JSTPwHkx7qtLOkkcu/c=
 github.com/freddierice/go-losetup v0.0.0-20170407175016-fc9adea44124/go.mod h1:zAk7fcFx45euzK9Az14j6Hd9n8Cwhnjp/NBfhSIAmFg=
 github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
 github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=

go.sum

@@ -1,8 +1,45 @@
 package main
 
-import "ranjankuldeep/test/methods"
+import (
+	"fmt"
+	"log"
+	"os"
+	"ranjankuldeep/test/snapshot"
+)
 
 func main() {
-	methods.ExampleJailerConfig_enablingJailer()
+	baseFile := "../ubuntu-22.04.ext4"
+	overlayDir := "../overlays"
+	uid := 123
+	gid := 100
+
+	device, err := snapshot.CreateDeviceMapper(baseFile, overlayDir)
+	if err != nil {
+		log.Fatalf("Failed to create device mapper: %v", err)
+	}
+	defer func() {
+		if err := device.Cleanup(); err != nil {
+			log.Fatalf("Failed to cleanup device mapper: %v", err)
+		}
+	}()
+
+	if err := os.Chown(device.OverlayFilename, uid, gid); err != nil {
+		log.Fatalf("Failed to change ownership of overlay file: %v", err)
+	}
+
+	fmt.Printf("Ownership of overlay file %s changed to UID: %d and GID: %d\n", device.OverlayFilename, uid, gid)
+
+	fmt.Printf("Device Mapper created:\n")
+	fmt.Printf("Base Device: %s\n", device.BaseDev.Path())
+	fmt.Printf("Overlay Device: %s\n", device.OverlayDev.Path())
+	fmt.Printf("Base Name: %s\n", device.BaseName)
+	fmt.Printf("Overlay Name: %s\n", device.OverlayName)
+	fmt.Printf("Overlay Filename: %s\n", device.OverlayFilename)
+
+	// The overlay device you will pass to Firecracker
+	overlayDevicePath := fmt.Sprintf("/dev/mapper/%s", device.OverlayName)
+	fmt.Printf("Overlay Device Path: %s\n", overlayDevicePath)
+
+	// methods.ExampleJailerConfig_enablingJailer()
 	select {}
 }

main.go

@@ -50,7 +50,7 @@ func CreateContainer(name string) (string, error) {
 	hostConfig := &container.HostConfig{
 		AutoRemove:  true,
 		NetworkMode: container.NetworkMode(networkResp.ID),
-	}
+	} 
 
 	// Create the container
 	containerResp, err := cli.ContainerCreate(

methods/container.go

@@ -2,17 +2,23 @@ package methods
 
 import (
 	"context"
-	"fmt"
 	"log"
 	"net"
 	"os"
+	"os/exec"
+	"path/filepath"
 
 	"github.com/firecracker-microvm/firecracker-go-sdk"
 	models "github.com/firecracker-microvm/firecracker-go-sdk/client/models"
-	"github.com/weaveworks/ignite/pkg/logs"
 )
 
-// JAILER CONFIGURATION
+const (
+	CreateLogFilesHandlerName    = "create-log-files"
+	LinkFilesToRootFSHandlerName = "link-files-to-rootfs"
+	rootfsFolderName             = "root"
+	ErrMissingJailerConfig       = "missing jailer config"
+)
+
 func ExampleJailerConfig_enablingJailer() {
 	UID := 123
 	GID := 100
@@ -28,12 +34,28 @@ func ExampleJailerConfig_enablingJailer() {
 	vmmCtx, vmmCancel := context.WithCancel(ctx)
 	defer vmmCancel()
 
+	// jailerRootDir := "/srv/jailer/firecracker/4569/root/"
+	// mapperDir := filepath.Join(jailerRootDir, "dev/mapper")
+	// bindMountPoint := filepath.Join(mapperDir, filepath.Base(overlayDevice))
+
 	const id = "4569"
-	//
-	const kernelImagePath = "../vmlinux-5.10.210"
+	// err = os.MkdirAll(mapperDir, os.ModePerm)
+	// if err != nil {
+	// 	fmt.Printf("Error creating directory %s: %v\n", mapperDir, err)
+	// 	return
+	// }
+	// fmt.Printf("Directory %s created successfully\n", mapperDir)
+
+	// err = bindMount(overlayDevice, bindMountPoint)
+	// if err != nil {
+	// 	log.Fatalf("Error bind mounting overlay device: %v", err)
+	// }
+
+	// fmt.Println("Overlay device successfully bind mounted")
+
+	const kernelImagePath = "vmlinux-5.10.210"
 	networkIfaces := []firecracker.NetworkInterface{{
 		StaticConfiguration: &firecracker.StaticNetworkConfiguration{
-			// MacAddress:  "AA:FC:00:00:00:01", // potential bug here
 			MacAddress:  "52:54:00:ab:cd:ef",
 			HostDevName: "tap0",
 			IPConfiguration: &firecracker.IPConfiguration{
@@ -47,27 +69,27 @@ func ExampleJailerConfig_enablingJailer() {
 			},
 		},
 	}}
-	stdOutPath := "/dev/null"
-	stdout, err := os.OpenFile(stdOutPath, os.O_CREATE|os.O_APPEND|os.O_WRONLY, 0644)
-	if err != nil {
-		logs.Logger.Errorf("failed to create stdout file: %v", err)
-	}
-	stdErrPath := "/dev/null"
-	stderr, err := os.OpenFile(stdErrPath, os.O_CREATE|os.O_APPEND|os.O_WRONLY, 0644)
-	if err != nil {
-		logs.Logger.Errorf("failed to create stderr file: %v", err)
-	}
-	stdInPath := "/dev/null"
-	stdin, err := os.OpenFile(stdInPath, os.O_CREATE|os.O_APPEND|os.O_WRONLY, 0644)
-	if err != nil {
-		logs.Logger.Errorf("failed to create stderr file: %v", err)
-	}
+	// stdOutPath := "/dev/null"
+	// stdout, err := os.OpenFile(stdOutPath, os.O_CREATE|os.O_APPEND|os.O_WRONLY, 0644)
+	// if err != nil {
+	// 	logs.Logger.Errorf("failed to create stdout file: %v", err)
+	// }
+	// stdErrPath := "/dev/null"
+	// stderr, err := os.OpenFile(stdErrPath, os.O_CREATE|os.O_APPEND|os.O_WRONLY, 0644)
+	// if err != nil {
+	// 	logs.Logger.Errorf("failed to create stderr file: %v", err)
+	// }
+	// stdInPath := "/dev/null"
+	// stdin, err := os.OpenFile(stdInPath, os.O_CREATE|os.O_APPEND|os.O_WRONLY, 0644)
+	// if err != nil {
+	// 	logs.Logger.Errorf("failed to create stderr file: %v", err)
+	// }
 
 	fcCfg := firecracker.Config{
 		SocketPath:      socketPath,
 		KernelImagePath: kernelImagePath,
 		KernelArgs:      "console=ttyS0 reboot=k panic=1 pci=off",
-		Drives:          firecracker.NewDrivesBuilder("../ubuntu-22.04.ext4.3").Build(),
+		Drives:          firecracker.NewDrivesBuilder("drive_0").Build(),
 		LogLevel:        "Debug",
 		MachineCfg: models.MachineConfiguration{
 			VcpuCount:  firecracker.Int64(2),
@@ -82,33 +104,33 @@ func ExampleJailerConfig_enablingJailer() {
 			NumaNode:       firecracker.Int(0),
 			JailerBinary:   "../jailer",
 			ChrootBaseDir:  "/srv/jailer",
-			Stdin:          stdin,
-			Stdout:         stdout,
-			Stderr:         stderr,
+			Stdin:          os.Stdin,
+			Stdout:         os.Stdout,
+			Stderr:         os.Stderr,
 			CgroupVersion:  "2",
-			ChrootStrategy: firecracker.NewNaiveChrootStrategy(kernelImagePath),
+			ChrootStrategy: NewPrePlacedFilesStrategy(kernelImagePath),
 			ExecFile:       "../firecracker",
 		},
 		NetNS:             nsPath,
 		NetworkInterfaces: networkIfaces,
 	}
 
-	// Check if kernel image is readable
-	f, err := os.Open(fcCfg.KernelImagePath)
-	if err != nil {
-		panic(fmt.Errorf("failed to open kernel image: %v", err))
-	}
-	f.Close()
-
-	// Check each drive is readable and writable
-	for _, drive := range fcCfg.Drives {
-		drivePath := firecracker.StringValue(drive.PathOnHost)
-		f, err := os.OpenFile(drivePath, os.O_RDWR, 0666)
-		if err != nil {
-			panic(fmt.Errorf("failed to open drive with read/write permissions: %v", err))
-		}
-		f.Close()
-	}
+	// // Check if kernel image is readable
+	// f, err := os.Open(fcCfg.KernelImagePath)
+	// if err != nil {
+	// 	panic(fmt.Errorf("failed to open kernel image: %v", err))
+	// }
+	// f.Close()
+
+	// // Check each drive is readable and writable
+	// for _, drive := range fcCfg.Drives {
+	// 	drivePath := firecracker.StringValue(drive.PathOnHost)
+	// 	f, err := os.OpenFile(drivePath, os.O_RDWR, 0666)
+	// 	if err != nil {
+	// 		panic(fmt.Errorf("failed to open drive with read/write permissions: %v", err))
+	// 	}
+	// 	f.Close()
+	// }
 
 	m, err := firecracker.NewMachine(vmmCtx, fcCfg)
 	if err != nil {
@@ -128,3 +150,61 @@ func ExampleJailerConfig_enablingJailer() {
 		panic(err)
 	}
 }
+
+func bindMount(source, target string) error {
+	cmd := exec.Command("mount", "--bind", source, target)
+	return cmd.Run()
+}
+
+type PrePlacedFilesStrategy struct {
+	KernelImagePath string
+}
+
+func NewPrePlacedFilesStrategy(kernelImagePath string) PrePlacedFilesStrategy {
+	return PrePlacedFilesStrategy{
+		KernelImagePath: kernelImagePath,
+	}
+}
+
+func (s PrePlacedFilesStrategy) AdaptHandlers(handlers *firecracker.Handlers) error {
+	// if !handlers.FcInit.Has(CreateLogFilesHandlerName) {
+	// 	log.Println("ehllo")
+	// 	return firecracker.ErrRequiredHandlerMissing
+	// }
+
+	handlers.FcInit = handlers.FcInit.AppendAfter(
+		CreateLogFilesHandlerName,
+		LinkKernelImageHandler(filepath.Base(s.KernelImagePath)),
+	)
+
+	return nil
+}
+
+func LinkKernelImageHandler(kernelImageFileName string) firecracker.Handler {
+	log.Println(kernelImageFileName)
+	return firecracker.Handler{
+		Name: LinkFilesToRootFSHandlerName,
+		Fn: func(ctx context.Context, m *firecracker.Machine) error {
+			if m.Cfg.JailerCfg == nil {
+				return firecracker.ErrMissingJailerConfig
+			}
+
+			rootfs := filepath.Join(
+				m.Cfg.JailerCfg.ChrootBaseDir,
+				filepath.Base(m.Cfg.JailerCfg.ExecFile),
+				m.Cfg.JailerCfg.ID,
+				rootfsFolderName,
+			)
+
+			if err := os.Link(
+				m.Cfg.KernelImagePath,
+				filepath.Join(rootfs, kernelImageFileName),
+			); err != nil {
+				return err
+			}
+			log.Println(kernelImageFileName)
+			m.Cfg.KernelImagePath = kernelImageFileName
+			return nil
+		},
+	}
+}