runwasi: Use youki to fully support OCI runtime spec in wasmedge#78
runwasi: Use youki to fully support OCI runtime spec in wasmedge#78cpuguy83 merged 10 commits intocontainerd:mainfrom
Conversation
|
Current Status. $ cargo test --no-run --message-format=json | jq -r "select(.profile.test == true) | .filenames[]" | while read -r bin; do;
sudo LD_LIBRARY_PATH=/home/utam0k/.wasmedge/lib "$bin"
done
[...]
running 3 tests
test instance::tests::test_maybe_open_stdio ... ok
test instance::wasitest::test_delete_after_create ... ok
test instance::wasitest::test_wasi ... ok
test result: ok. 3 passed; 0 failed; 0 ignored; 0 measured; 0 filtered out; finished in 0.14s |
ae4cd5c to
deb4bee
Compare
ipuustin
left a comment
There was a problem hiding this comment.
Looks cool! Couple of questions:
- You say this partially fixes #23 -- can you tell which parts will be missing?
- Does this cause any functional changes outside of the spec? I mean, does Youki use the three-process model now for running the VM? Is the namespace isolation the same?
I was preparing some seccomp support in https://github.com/ipuustin/runwasi/commits/seccomp. I'm thinking I'll probably pause that work until this PR merges and then add the unit tests and other potentially useful stuff on top of this PR.
| let vm = prepare_module(engine, &spec, stdin, stdout, stderr) | ||
| .map_err(|e| Error::Others(format!("error setting up module: {}", e)))?; | ||
|
|
||
| let cg = oci::get_cgroup(&spec)?; |
There was a problem hiding this comment.
Are the oci functions such as get_cgroup, setup_cgroup etc. used elsewhere, or can we drop them too?
There was a problem hiding this comment.
Since libcontainer supports set-up cgroup, I think don't need to take care of cgroup by runwasi.
|
👋 Hi, @ipuustin. Thanks for your comment. We need to support wasmtime after this PR.
Basically the same. Youki implements the oci-spec following runc's implementation, but more simply.
I agree with you. Sorry for the inconvenience.
|
|
@utam0k Awesome! Sorry I didn't respond earlier, I didn't really have the time to go deep into this issue. Thanks! |
Signed-off-by: utam0k <k0ma@utam0k.jp>
|
@rumpl PTAL |
Signed-off-by: utam0k <k0ma@utam0k.jp>
410e6d7 to
7edd970
Compare
|
I just tested this with docker and I have a new error: ➜ ~ docker run --runtime=io.containerd.wasmedge.v1 was
docker: Error response from daemon: failed to load spec: unknown.
ERRO[0000] error waiting for container: I'll try and find some time today to see if I can find the issue |
|
Same result here:
The last thing that is executed is the ContainerBuilder[...].build()?; when using docker. However, when running the same container with only containerd it is working. @utam0k, could it be something in the bundle causing that? |
|
Note: I did try to run the same image with docker and the wasmtime runtime and it worked |
|
Just spent some more time with this, is annoying that anyhow only shows the last error in the chain, the actual error I get is: |
|
@rumpl, You're right, bug hunting it's a bit cumbersome. Fortunately, the error you're mentioning was the last that blocks the container from running. Now I have at least a simple Wasm container running with moby. @utam0k, I don't know what implications the version change has for youki but when I disable the version check it is working for me. Shall we open an issue for youki to support |
Signed-off-by: utam0k <k0ma@utam0k.jp>
|
LGTM, I'm able to run a simple Wasm container with Moby v24.0.0-beta.1 on Ubuntu 22.10 x64. The log is looking similar to the old containerd-shim-wasmedge version: Well done! 🥳 I'll test it with different Kubernetes distributions on Tuesday, but when it is working with Docker there should not be a big problem. |
cpuguy83
left a comment
There was a problem hiding this comment.
LGTM
We can follow up with any necessary fixes.
|
@cpuguy83 Thanks for the hard PR review 🙇 |
|
Thanks for putting in all the effort! Great work. |
Partially Fix: #23 (After this PR, I'm planning to create a PR to address wasmtime.)
Remaining issues