[WIP] feat: expose mmds

cmd/ignite/cmd/vmcmd/create.go

@@ -70,6 +70,7 @@ func addCreateFlags(fs *pflag.FlagSet, cf *run.CreateFlags) {
 	// Register flags for simple types (int, string, etc.)
 	fs.Uint64Var(&cf.VM.Spec.CPUs, "cpus", cf.VM.Spec.CPUs, "VM vCPU count, 1 or even numbers between 1 and 32")
 	fs.StringVar(&cf.VM.Spec.Kernel.CmdLine, "kernel-args", cf.VM.Spec.Kernel.CmdLine, "Set the command line for the kernel")
+	fs.StringVar(&cf.VM.Spec.Metadata, "metadata", cf.VM.Spec.Metadata, "Enable MMDS and use this JSON value for creation metadata")
 
 	// Register more complex flags with their own flag types
 	cmdutil.SizeVar(fs, &cf.VM.Spec.Memory, "memory", "Amount of RAM to allocate for the VM")

cmd/ignite/run/create.go

@@ -1,6 +1,7 @@
 package run
 
 import (
+	"encoding/json"
 	"fmt"
 	"path"
 	"strings"
@@ -55,6 +56,13 @@ func (cf *CreateFlags) constructVMFromCLI(args []string) error {
 		return err
 	}
 
+	if cf.VM.Spec.Metadata != "" {
+		var dummy interface{}
+		if err := json.Unmarshal([]byte(cf.VM.Spec.Metadata), &dummy); err != nil {
+			return err
+		}
+	}
+
 	// Parse the given port mappings
 	if cf.VM.Spec.Network.Ports, err = meta.ParsePortMappings(cf.PortMappings); err != nil {
 		return err

docs/cli/ignite/ignite_create.md

@@ -41,6 +41,7 @@ ignite create <OCI image> [flags]
       --kernel-args string       Set the command line for the kernel (default "console=ttyS0 reboot=k panic=1 pci=off ip=dhcp")
   -k, --kernel-image oci-image   Specify an OCI image containing the kernel at /boot/vmlinux and optionally, modules (default weaveworks/ignite-kernel:4.19.47)
       --memory size              Amount of RAM to allocate for the VM (default 512.0 MB)
+      --metadata string          Enable MMDS and use this JSON value for creation metadata
   -n, --name string              Specify the name
       --net network-mode         Networking mode to use. Available options are: [cni docker-bridge] (default docker-bridge)
   -p, --ports strings            Map host ports to VM ports

docs/cli/ignite/ignite_run.md

@@ -36,6 +36,7 @@ ignite run <OCI image> [flags]
       --kernel-args string       Set the command line for the kernel (default "console=ttyS0 reboot=k panic=1 pci=off ip=dhcp")
   -k, --kernel-image oci-image   Specify an OCI image containing the kernel at /boot/vmlinux and optionally, modules (default weaveworks/ignite-kernel:4.19.47)
       --memory size              Amount of RAM to allocate for the VM (default 512.0 MB)
+      --metadata string          Enable MMDS and use this JSON value for creation metadata
   -n, --name string              Specify the name
       --net network-mode         Networking mode to use. Available options are: [cni docker-bridge] (default docker-bridge)
   -p, --ports strings            Map host ports to VM ports

docs/cli/ignite/ignite_vm_create.md

@@ -41,6 +41,7 @@ ignite vm create <OCI image> [flags]
       --kernel-args string       Set the command line for the kernel (default "console=ttyS0 reboot=k panic=1 pci=off ip=dhcp")
   -k, --kernel-image oci-image   Specify an OCI image containing the kernel at /boot/vmlinux and optionally, modules (default weaveworks/ignite-kernel:4.19.47)
       --memory size              Amount of RAM to allocate for the VM (default 512.0 MB)
+      --metadata string          Enable MMDS and use this JSON value for creation metadata
   -n, --name string              Specify the name
       --net network-mode         Networking mode to use. Available options are: [cni docker-bridge] (default docker-bridge)
   -p, --ports strings            Map host ports to VM ports

docs/cli/ignite/ignite_vm_run.md

@@ -36,6 +36,7 @@ ignite vm run <OCI image> [flags]
       --kernel-args string       Set the command line for the kernel (default "console=ttyS0 reboot=k panic=1 pci=off ip=dhcp")
   -k, --kernel-image oci-image   Specify an OCI image containing the kernel at /boot/vmlinux and optionally, modules (default weaveworks/ignite-kernel:4.19.47)
       --memory size              Amount of RAM to allocate for the VM (default 512.0 MB)
+      --metadata string          Enable MMDS and use this JSON value for creation metadata
   -n, --name string              Specify the name
       --net network-mode         Networking mode to use. Available options are: [cni docker-bridge] (default docker-bridge)
   -p, --ports strings            Map host ports to VM ports

pkg/apis/ignite/types.go

@@ -185,7 +185,8 @@ type VMSpec struct {
 	// Specifying a path in SSH.Generate means "use this public key"
 	// If SSH.PublicKey is set, this struct will marshal as a string using that path
 	// If SSH.Generate is set, this struct will marshal as a bool => true
-	SSH *SSH `json:"ssh,omitempty"`
+	SSH      *SSH   `json:"ssh,omitempty"`
+	Metadata string `json:"metadata,omitempty"`
 }
 
 type VMImageSpec struct {

pkg/container/firecracker.go

@@ -22,12 +22,15 @@ import (
 // ExecuteFirecracker executes the firecracker process using the Go SDK
 func ExecuteFirecracker(vm *api.VM, dhcpIfaces []DHCPInterface) error {
 	drivePath := vm.SnapshotDev()
+	mmdsData := os.Getenv("FC_META")
+	enableMmds := mmdsData != ""
 
 	networkInterfaces := make([]firecracker.NetworkInterface, 0, len(dhcpIfaces))
 	for _, dhcpIface := range dhcpIfaces {
 		networkInterfaces = append(networkInterfaces, firecracker.NetworkInterface{
 			MacAddress:  dhcpIface.MACFilter,
 			HostDevName: dhcpIface.VMTAP,
+			AllowMMDS:   enableMmds,
 		})
 	}
 
@@ -83,6 +86,12 @@ func ExecuteFirecracker(vm *api.VM, dhcpIfaces []DHCPInterface) error {
 		// TODO: We could use /dev/null, but firecracker-go-sdk issues Mkfifo which collides with the existing device
 		LogFifo:     logSocketPath,
 		MetricsFifo: metricsSocketPath,
+		VsockDevices: []firecracker.VsockDevice{
+			{
+				CID:  3,
+				Path: "vsock",
+			},
+		},
 	}
 
 	// Add the volumes to the VM
@@ -119,19 +128,23 @@ func ExecuteFirecracker(vm *api.VM, dhcpIfaces []DHCPInterface) error {
 	m, err := firecracker.NewMachine(ctx, cfg, firecracker.WithProcessRunner(cmd))
 	if err != nil {
 		return fmt.Errorf("failed to create machine: %s", err)
-	}
-
-	//defer os.Remove(cfg.SocketPath)
 
-	//if opts.validMetadata != nil {
-	//	m.EnableMetadata(opts.validMetadata)
-	//}
+	}
 
 	if err := m.Start(ctx); err != nil {
 		return fmt.Errorf("failed to start machine: %v", err)
 	}
-	defer m.StopVMM()
 
+	if enableMmds {
+		//cfg.KernelArgs = fmt.Sprintf("%s -device vhost-vsock-pci,id=vhost-vsock-pci0,guest-cid=3")
+		if err := m.SetMetadata(ctx, mmdsData); err != nil {
+			return fmt.Errorf("failed to PUT metadata to MMDS: %v", err)
+		}
+	}
+
+	//defer os.Remove(cfg.SocketPath)
+
+	defer m.StopVMM()
 	installSignalHandlers(ctx, m)
 
 	// wait for the VMM to exit

pkg/operations/start.go

@@ -49,6 +49,7 @@ func StartVM(vm *api.VM, debug bool) error {
 	config := &runtime.ContainerConfig{
 		Cmd:    []string{fmt.Sprintf("--log-level=%s", logs.Logger.Level.String()), vm.GetUID().String()},
 		Labels: map[string]string{"ignite.name": vm.GetName()},
+		Env:    []string{fmt.Sprintf("FC_META=%s", vm.Spec.Metadata)},
 		Binds: []*runtime.Bind{
 			{
 				HostPath:      vmDir,
@@ -74,6 +75,8 @@ func StartVM(vm *api.VM, debug bool) error {
 			runtime.BindBoth("/dev/net/tun"),        // Needed for creating TAP adapters
 			runtime.BindBoth("/dev/kvm"),            // Pass through virtualization support
 			runtime.BindBoth(vm.SnapshotDev()),      // The block device to boot from
+			runtime.BindBoth("/dev/vhost-vsock"),
+			runtime.BindBoth("/dev/vsock"),
 		},
 		StopTimeout:  constants.STOP_TIMEOUT + constants.IGNITE_TIMEOUT,
 		PortBindings: vm.Spec.Network.Ports, // Add the port mappings to Docker

pkg/runtime/docker/client.go

@@ -127,12 +127,12 @@ func (dc *dockerClient) RunContainer(image string, config *runtime.ContainerConf
 	}
 
 	stopTimeout := int(config.StopTimeout)
-
 	c, err := dc.client.ContainerCreate(context.Background(), &container.Config{
 		Hostname:    config.Hostname,
 		Tty:         true, // --tty
 		OpenStdin:   true, // --interactive
 		Cmd:         config.Cmd,
+		Env:         config.Env,
 		Image:       image,
 		Labels:      config.Labels,
 		StopTimeout: &stopTimeout,

pkg/runtime/types.go

@@ -43,6 +43,7 @@ type ContainerConfig struct {
 	AutoRemove   bool
 	NetworkMode  string
 	PortBindings meta.PortMappings
+	Env          []string
 }
 
 type Interface interface {