Merge pull request #227 from microsoft/mahuber/kata-img

node-builder: Use image for Pod Sandboxing
microsoft · Sep 16, 2024 · f0c9bb2 · f0c9bb2
2 parents 0635146 + d31f369
commit f0c9bb2
Show file tree

Hide file tree

Showing 5 changed files with 9 additions and 17 deletions.
diff --git a/tools/osbuilder/node-builder/azure-linux/common.sh b/tools/osbuilder/node-builder/azure-linux/common.sh
@@ -34,8 +34,8 @@ else
 	INSTALL_PATH_PREFIX="/usr"
 	UVM_TOOLS_PATH_OSB="/opt/kata-containers/uvm/tools/osbuilder"
 	UVM_TOOLS_PATH_SRC="/opt/kata-containers/uvm/src"
-	UVM_PATH="/var/cache/kata-containers/osbuilder-images/kernel-uvm"
-	INITRD_FILE_NAME="kata-containers-initrd.img"
+	UVM_PATH="${INSTALL_PATH_PREFIX}/share/kata-containers"
+	IMG_FILE_NAME="kata-containers.img"
 	SHIM_CONFIG_PATH="${INSTALL_PATH_PREFIX}/share/defaults/kata-containers"
 	SHIM_CONFIG_FILE_NAME="configuration-clh.toml"
 	SHIM_CONFIG_INST_FILE_NAME="configuration.toml"

diff --git a/tools/osbuilder/node-builder/azure-linux/package_build.sh b/tools/osbuilder/node-builder/azure-linux/package_build.sh
@@ -84,10 +84,6 @@ if [ "${CONF_PODS}" == "yes" ]; then
 	sed -i "s|${IGVM_FILE_NAME}|${IGVM_DBG_FILE_NAME}|g" "${SHIM_DBG_CONFIG_FILE_NAME}"
 	sed -i '/^#enable_debug =/s|^#||g' "${SHIM_DBG_CONFIG_FILE_NAME}"
 	sed -i '/^#debug_console_enabled =/s|^#||g' "${SHIM_DBG_CONFIG_FILE_NAME}"
-else
-	# We currently use the default config snippet from upstream that defaults to IMAGEPATH/image for the config.
-	# If we shift to using an image for vanilla Kata, we can use IMAGEPATH to set the proper path (or better make sure the image file gets placed so that default values can be used).
-	sed -i -e "s|image = .*$|initrd = \"${UVM_PATH}/${INITRD_FILE_NAME}\"|" "${SHIM_CONFIG_FILE_NAME}"
 fi
 popd
 

diff --git a/tools/osbuilder/node-builder/azure-linux/package_tools_install.sh b/tools/osbuilder/node-builder/azure-linux/package_tools_install.sh
@@ -24,16 +24,14 @@ pushd "${repo_dir}"
 echo "Creating target directories"
 mkdir -p "${PREFIX}/${UVM_TOOLS_PATH_OSB}/scripts"
 mkdir -p "${PREFIX}/${UVM_TOOLS_PATH_OSB}/rootfs-builder/cbl-mariner"
+mkdir -p "${PREFIX}/${UVM_TOOLS_PATH_OSB}/image-builder"
 mkdir -p "${PREFIX}/${UVM_TOOLS_PATH_OSB}/node-builder/azure-linux/agent-install/usr/bin"
 mkdir -p "${PREFIX}/${UVM_TOOLS_PATH_OSB}/node-builder/azure-linux/agent-install/usr/lib/systemd/system"
 
 if [ "${CONF_PODS}" == "yes" ]; then
 	mkdir -p "${PREFIX}/${UVM_TOOLS_PATH_SRC}/kata-opa"
 	mkdir -p "${PREFIX}/${UVM_TOOLS_PATH_SRC}/tarfs"
-	mkdir -p "${PREFIX}/${UVM_TOOLS_PATH_OSB}/image-builder"
 	mkdir -p "${PREFIX}/${UVM_TOOLS_PATH_OSB}/igvm-builder/azure-linux"
-else
-	mkdir -p "${PREFIX}/${UVM_TOOLS_PATH_OSB}/initrd-builder"
 fi
 
 echo "Installing UVM build scripting"
@@ -42,6 +40,7 @@ cp -a --backup=numbered tools/osbuilder/scripts/lib.sh "${PREFIX}/${UVM_TOOLS_PA
 cp -a --backup=numbered tools/osbuilder/rootfs-builder/rootfs.sh "${PREFIX}/${UVM_TOOLS_PATH_OSB}/rootfs-builder/"
 cp -a --backup=numbered tools/osbuilder/rootfs-builder/cbl-mariner/config.sh "${PREFIX}/${UVM_TOOLS_PATH_OSB}/rootfs-builder/cbl-mariner/"
 cp -a --backup=numbered tools/osbuilder/rootfs-builder/cbl-mariner/rootfs_lib.sh "${PREFIX}/${UVM_TOOLS_PATH_OSB}/rootfs-builder/cbl-mariner/"
+cp -a --backup=numbered tools/osbuilder/image-builder/image_builder.sh "${PREFIX}/${UVM_TOOLS_PATH_OSB}/image-builder/"
 cp -a --backup=numbered tools/osbuilder/node-builder/azure-linux/Makefile "${PREFIX}/${UVM_TOOLS_PATH_OSB}/node-builder/azure-linux/"
 cp -a --backup=numbered tools/osbuilder/node-builder/azure-linux/clean.sh "${PREFIX}/${UVM_TOOLS_PATH_OSB}/node-builder/azure-linux/"
 cp -a --backup=numbered tools/osbuilder/node-builder/azure-linux/common.sh "${PREFIX}/${UVM_TOOLS_PATH_OSB}/node-builder/azure-linux/"
@@ -57,12 +56,9 @@ if [ "${CONF_PODS}" == "yes" ]; then
 	cp -a --backup=numbered src/kata-opa/allow-set-policy.rego "${PREFIX}/${UVM_TOOLS_PATH_SRC}/kata-opa/"
 	cp -a --backup=numbered src/tarfs/Makefile "${PREFIX}/${UVM_TOOLS_PATH_SRC}/tarfs/"
 	cp -a --backup=numbered src/tarfs/tarfs.c "${PREFIX}/${UVM_TOOLS_PATH_SRC}/tarfs/"
-	cp -a --backup=numbered tools/osbuilder/image-builder/image_builder.sh "${PREFIX}/${UVM_TOOLS_PATH_OSB}/image-builder/"
 	cp -a --backup=numbered tools/osbuilder/igvm-builder/igvm_builder.sh "${PREFIX}/${UVM_TOOLS_PATH_OSB}/igvm-builder/"
 	cp -a --backup=numbered tools/osbuilder/igvm-builder/azure-linux/config.sh "${PREFIX}/${UVM_TOOLS_PATH_OSB}/igvm-builder/azure-linux/"
 	cp -a --backup=numbered tools/osbuilder/igvm-builder/azure-linux/igvm_lib.sh "${PREFIX}/${UVM_TOOLS_PATH_OSB}/igvm-builder/azure-linux/"
-else
-	cp -a --backup=numbered tools/osbuilder/initrd-builder/initrd_builder.sh "${PREFIX}/${UVM_TOOLS_PATH_OSB}/initrd-builder/"
 fi
 
 popd
diff --git a/tools/osbuilder/node-builder/azure-linux/uvm_build.sh b/tools/osbuilder/node-builder/azure-linux/uvm_build.sh
@@ -65,9 +65,9 @@ if [ "${CONF_PODS}" == "yes" ]; then
 	sudo make igvm DISTRO=cbl-mariner IGVM_SVN=${IGVM_SVN}
 	popd
 else
-	echo "Creating initrd based on rootfs"
+	echo "Building image based on rootfs"
 	pushd tools/osbuilder
-	sudo -E PATH=$PATH make DISTRO=cbl-mariner TARGET_ROOTFS=${ROOTFS_PATH} initrd
+	sudo -E PATH=$PATH make DISTRO=cbl-mariner image
 	popd
 fi
 

diff --git a/tools/osbuilder/node-builder/azure-linux/uvm_install.sh b/tools/osbuilder/node-builder/azure-linux/uvm_install.sh
@@ -27,14 +27,14 @@ mkdir -p "${UVM_PATH}"
 
 echo "Installing UVM files to target directory"
 if [ "${CONF_PODS}" == "yes" ]; then
-	cp -a --backup=numbered "${IMG_FILE_NAME}" "${UVM_PATH}"
 	cp -a --backup=numbered "${IGVM_FILE_NAME}" "${UVM_PATH}"
 	cp -a --backup=numbered "${IGVM_DBG_FILE_NAME}" "${UVM_PATH}"
 	cp -a --backup=numbered "${UVM_MEASUREMENT_FILE_NAME}" "${UVM_PATH}"
 	cp -a --backup=numbered "${UVM_DBG_MEASUREMENT_FILE_NAME}" "${UVM_PATH}"
-else
-	cp -a --backup=numbered "${INITRD_FILE_NAME}" "${UVM_PATH}"
 fi
+
+cp -a --backup=numbered "${IMG_FILE_NAME}" "${UVM_PATH}"
+
 popd
 
 popd