Linux VM builder refactor

[aleasims]

This PR contains a big Linux VM builder refactor.

Motivation

• Make the code more solid and extendable
• Remove the need of sudo
• Improve logging and error messaging
• Calculate the size of VM automatically (no need to guess --size)
• Remove the need of extlinux installed

Changes

Most of the code is located in src/builders_v2. Most of commits are representing a single entity addition to new builder.

Code structure

• core.rs - implements pipeline and context logic for builder.
• linux_vm/mod.rs - is the main entrypoint for Linux VM builder. Pipeline steps are configured there. Build options are also defined there.
• linux_vm/*.rs - other modules. Each module contains helping data types (normally they will be stored in Context) and Step implementations. Most of the step implementations are dramatically reworked from older SkopeoSyslinuxBuilder.
• linux_vm/data - contains some auxiliary data for builder, which will be baked into gvltctl executable.

Changes overview

• Added option to specify container backend (podman or docker). But docker is still untested :)
• Added FUSE support (no more sudo for mounting!). R.n. it is enabled with --fuse option, however in the future this should be the default behavior and this option will be replaced with --no-fuse.
• Size of the VM is now calculated automatically by the size of all the artifacts to install into VM (see linux_vm/resize.rs). However --size option is still available to overwrite this behavior.
• Instead of creating VM image from scratch, there is a base image, which contains:
  • MBR partitions
  • filesystem EXT4
  • EXTLINUX bootloader
    This doesn't boost performance a lot, however eliminates the need of EXTLINUX for user. To create an image from scratch added --from-scratch option. This will require root however, because EXTLINUX installation doesn't support FUSE filesystems. So using --from-scratch is almost the same as SkopeoSyslinuxBuilder.
• Base image can be generated with --generate-base-image option.
• Some ways to extend the code are left there: e.g. FileSystemHandler trait allows to add other filesystems (EXT3 or else). Same with MountHandler trait. The same is possible for partition table handling, but for now I use only MBR.
• NVIDIA drivers now building and installing in separate steps (to retrieve their size on time)
• MBR partitions are handled with mbrman crate. MBR limits our filesystem size and in the future we will probably need to change it. However I haven't find a nice read-write API for GPT in Rust.
• Added CI workflow to test VM building. It takes quite a lot of time to run, so for now it is triggered only manually.

Notes

• Since this builder is still considered unstable, all the changes to builder are gated with vm-builder-v2. To use new builder, compile gvltctl with this feature enabled. Without this feature everything is working as it was before.
• When we will be happy with this builder, we can remove this feature and make this implementation a default one. By design it is including the previous version facilities.
• MacOS is not implemented yet (sorry)
• Something may not work, it's still rough, but since it is hidden under feature, we can even safely merge it.

Example

Simple VM test is added to tests/vm_builder/simple_vm. You can install required runtime dependencies (described in README) and run it:

cargo build --features vm-builder-v2
cd tests/vm_builder/simple_vm
../../../target/debug/gvltctl build -f ./Containerfile --fuse --no-gevulot-runtime
qemu-system-x86_64 -machine q35 -enable-kvm -nographic --hda disk.img

You should see "Hello world" printed by main application in the VM.

Future work

• Implement everything left for MacOS support (basically filesystem/FUSE handling)
• Test new builder intensively and figure out all the bugs
• Run tests on CI
• Work on proper NVIDIA drivers installation to allow running inside container (without podman-in-podman)
• Improve caching for Linux kernel, MIA, NVIDIA drivers etc.
• Consider switching to GPT from MBR.
• All the TODOs left in the code

[trusch]

❤️

[trusch]

Love it

[aleasims]

Update on CI

I've added a proper workflow for testing VM builder (works with --features vm-builder-v2).

• First step simply builds gvltctl and should be used in the future as a replacement to existing workflow, because it has caching.
• Second step builds test VM image (with precompiled HelloWorld and kernel) and runs it with QEMU

(Sorry for force-pushing, I messed up merging master somehow)

[tuommaki]

Given we clear out the licensing question, otherwise this looks very good to me 🙌

[tuommaki]

Is the intention here to only prepare for later package installations or actually upgrade all packages? apt-get update only updates the package index. apt-get upgrade upgrades packages themselves 🙂

[aleasims]

Yep, just preparing for future installations.

[tuommaki]

Hmm... This is slightly in grey area. After a quick peek, it seems that the syslinux/extlinux and it's mbr are under GPL. When embedding pre-compiled binary inside a binary, does it count as redistribution or linking (legally)? At least the copyright and license should probably be present somewhere.

[aleasims]

Tbh I have absolutely no idea what we should do here :) Does it mean that we have to include GPL to our repo?

[aleasims]

This include is removed in the following commits.