-
Notifications
You must be signed in to change notification settings - Fork 28
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for running macOS guests. #148
Conversation
Hi @williamtheaker. Thanks for your PR. I'm waiting for a crc-org member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
/ok-to-test |
I've fixed this in https://github.com/cfergeau/vfkit/tree/wt.macos_guests |
Do you have an example of the json file used by macosvm or tart?
I'll try to look at this today! |
macosvm {
"serial": true,
"os": "macos",
"hardwareModel": "YnBsaXN0MDDTAQIDBAUGXxAZRGF0YVJlcHJlc2VudGF0aW9uVmVyc2lvbl8QD1BsYXRmb3JtVmVyc2lvbl8QEk1pbmltdW1TdXBwb3J0ZWRPUxQAAAAAAAAAAAAAAAAAAAABEAKjBwgIEA0QAAgPKz1SY2VpawAAAAAAAAEBAAAAAAAAAAkAAAAAAAAAAAAAAAAAAABt",
"storage": [
{
"type": "disk",
"file": "disk.img"
},
{
"type": "aux",
"file": "aux.img"
}
],
"ram": 4294967296,
"machineId": "YnBsaXN0MDDRAQJURUNJRBMlAGfNcIpmowgLEAAAAAAAAAEBAAAAAAAAAAMAAAAAAAAAAAAAAAAAAAAZ",
"displays": [
{
"dpi": 200,
"height": 1600,
"width": 2560
}
],
"version": 1,
"cpus": 2,
"networks": [
{
"type": "nat"
}
],
"audio": false
} Tart {
"macAddress" : "c2:0e:15:c5:6e:25",
"memorySizeMin" : 4294967296,
"display" : {
"width" : 1024,
"height" : 768
},
"hardwareModel" : "YnBsaXN0MDDTAQIDBAUGXxAZRGF0YVJlcHJlc2VudGF0aW9uVmVyc2lvbl8QD1BsYXRmb3JtVmVyc2lvbl8QEk1pbmltdW1TdXBwb3J0ZWRPUxQAAAAAAAAAAAAAAAAAAAABEAKjBwgIEA0QAAgPKz1SY2VpawAAAAAAAAEBAAAAAAAAAAkAAAAAAAAAAAAAAAAAAABt",
"cpuCount" : 4,
"os" : "darwin",
"ecid" : "YnBsaXN0MDDRAQJURUNJRBQAAAAAAAAAAMSGIoemH\/\/VCAsQAAAAAAAAAQEAAAAAAAAAAwAAAAAAAAAAAAAAAAAAACE=",
"version" : 1,
"memorySize" : 4294967296,
"arch" : "arm64",
"cpuCountMin" : 2
} You can see the hardwareModel is identical in both files. It's a binary plist containing I'm still trying to figure out whether it makes sense to add the ability to create/install macOS VMs with vfkit, which will influence how to provide these values, whether as strings or files on disk. |
Thanks! Should I merge your architecture-specific files commit into my branch? |
Sure, you can do whatever you see fit with them, cherry-pick, squash, rewrite, ... :) |
I added a few more commits to https://github.com/cfergeau/vfkit/tree/wt.macos_guests to pass the args to NewMacPlatformConfiguration.
Same answer as in the previous paragraph, I'll need to look closer at this. My gut feeling is that it would make sense to offer this, it's (a bit) similar to #124 / #123 |
If the code is this PR is enough to be able to start and use an already installed macos VM, I think we should work on merging this first. The other missing features can be added on top of this in separate PRs, no need to block the merging of this until everything is done. |
I merged in your commits and fixed some linting issues. I think this is ready to be reviewed. |
There's another tool using the Virtualization Framework called Orka, which, like Tart, stores images and "layers" (not sure how closely they match Linux container functionality) in an OCI format. The software is proprietary and it uses nonstandard mediatypes, but we can still look at their config file layout. Here's the config from this Orka base image: {
"UID": "882B4402-E965-43E4-9570-EA01EEDCE5AA",
"cpuCount": 4,
"diskSizeGB": 90,
"displayDPI": 96,
"displayHeight": 1080,
"displayWidth": 1920,
"graphicalConsole": false,
"hardwareModel": "YnBsaXN0MDDTAQIDBAUGXxAZRGF0YVJlcHJlc2VudGF0aW9uVmVyc2lvbl8QD1BsYXRmb3JtVmVyc2lvbl8QEk1pbmltdW1TdXBwb3J0ZWRPUxQAAAAAAAAAAAAAAAAAAAABEAKjBwgIEA0QAAgPKz1SY2VpawAAAAAAAAEBAAAAAAAAAAkAAAAAAAAAAAAAAAAAAABt",
"installed": true,
"machineIdentifier": "YnBsaXN0MDDRAQJURUNJRBMT1iLyrVR8AggLEAAAAAAAAAEBAAAAAAAAAAMAAAAAAAAAAAAAAAAAAAAZ",
"memorySize": 4294967296,
"memorySizeMB": 4096,
"restoreImage": "default",
"serialConsole": true,
"version": "8C89B5C1-3D6E-4B80-A45B-51EE97B6C0EB"
} Looks like everyone is using the same generic hardwareModel string 😅 |
This hardware model string is not really special/magic:
However, I guess Apple does not document it, so better to treat it as an opaque blob. |
There's a comment in |
This rewords a few things, adds clarifications, fixes typos and formatting, ...
fce1401
to
028f373
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Finally got back to this PR, I squashed/split the commits a bit, and dropped the comments which were asking questions about potential fixes.
I've force-pushed these changes to this PR, I'm fine to merge these as they are.
README.md
Outdated
@@ -17,6 +17,9 @@ brew tap cfergeau/crc | |||
brew install vfkit | |||
``` | |||
|
|||
### Building | |||
|
|||
From the root direction of this repository, run `make`. You will need a valid Apple Developer certificate to sign the binaries with the required entitlements. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A valid Apple Developer certificate is not required to sign the binary, the Makefile uses codesign -s -
aka ad hoc signing ( https://ss64.com/mac/codesign.html ), which works without any Apple certificate.
doc/quickstart.md
Outdated
@@ -5,14 +5,14 @@ | |||
vfkit is a macOS command-line-based hypervisor, which uses [Apple's Virtualization Framework](https://developer.apple.com/documentation/virtualization?language=objc) to run virtual machines. | |||
You start a virtual machine by running vfkit with a set of arguments describing the virtual machine configuration/hardware. | |||
When vfkit stops, the virtual machine stops running. | |||
It requires macOS 11 or newer, and runs on both x86_64 and aarch64 Macs. | |||
It requires macOS 11 or newer, and runs on both x86_64 and arm64 Macs. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I usually use either amd64
/arm64
which is the go naming, or x86_64
/aarch64
which is the linux naming, x86_64
+arm64
is imo weirdly inconsistent. We can use Intel and Apple silicon Macs
which is the naming used by Apple.
```HTTP | ||
GET /vm/inspect | ||
``` | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for all the typo/formatting/... fixes, I've split them to their own commit.
pkg/vf/virtio.go
Outdated
@@ -328,6 +340,7 @@ func (dev *USBMassStorage) AddToVirtualMachineConfig(vmConfig *VirtualMachineCon | |||
return nil | |||
} | |||
|
|||
// Move these to top of file? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've removed this comment, but yeah it would make sense to group all hte public structs at the top of the file.
pkg/vf/vm_arm64.go
Outdated
) | ||
|
||
func NewMacPlatformConfiguration(machineIdentifierVar, hardwareModelVar, auxiliaryStorageVar string) (vz.PlatformConfiguration, error) { | ||
// var HardwareModelVar =[]byte( "YnBsaXN0MDDTAQIDBAUGXxAZRGF0YVJlcHJlc2VudGF0aW9uVmVyc2lvbl8QD1BsYXRmb3JtVmVyc2lvbl8QEk1pbmltdW1TdXBwb3J0ZWRPUxQAAAAAAAAAAAAAAAAAAAABEAKjBwgIEA0QAAgPKz1SY2VpawAAAAAAAAEBAAAAAAAAAAkAAAAAAAAAAAAAAAAAAABt") // Binary plist with {"DataRepresentationVersion":1,"MinimumSupportedOS":[13,0,0],"PlatformVersion":2} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've kept the comment, but explained a bit more what this is about:
// The following string is common for the hardware model:
// `YnBsaXN0MDDTAQIDBAUGXxAZRGF0YVJlcHJlc2VudGF0aW9uVmVyc2lvbl8QD1BsYXRmb3JtVmVyc2lvbl8QEk1pbmltdW1TdXBwb3J0ZWRPUxQAAAAAAAAAAAAAAAAAAAABEAKjBwgIEA0QAAgPKz1SY2VpawAAAAAAAAEBAAAAAAAAAAkAAAAAAAAAAAAAAAAAAABt`
// It is a base64-encoded binary plist with this content: `{"DataRepresentationVersion":1,"MinimumSupportedOS":[13,0,0],"PlatformVersion":2}`
cmd/vfkit/main.go
Outdated
@@ -172,7 +172,8 @@ func runVirtualMachine(vmConfig *config.VirtualMachine, vm *vf.VirtualMachine) e | |||
log.Debugf("%v", err) | |||
} | |||
|
|||
log.Infof("waiting for VM to stop") | |||
// Is this print statement necessary? It gives the impression that any running VM is in the process of stopping | |||
log.Infof("Waiting for VM to stop") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've dropped these changes for now, but I agree this could be improved.
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: cfergeau The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
This PR implements running macOS guests with vfkit, which requires an arm64/Apple silicon device running macOS 12 or later. Thank you cfergeau for your assistance in developing this feature.
Core concepts
The macOS in QEMU (ARM edition) talk explains this in more detail, but booting a macOS guest image requires three components:
These files can be created with Apple's sample InstallationTool code or by building and running the installation example in the vz repo.
Tested working
Host running 14.5 (23F79) and guest running 14.4.1 (23E224):
/var/db/dhcpd_leases
./dev/tty.virtio
.Unimplemented
Todo
Figure out how to handle metadata. Other projects like macosvm and Tart create .json files with the VM's hardwareModel and MachineIdentifier values. Maybe this would be a good use for #28 too?
Closes #139