From 9152ff5a48762d6ac2f5927e54238766163d1fc3 Mon Sep 17 00:00:00 2001 From: Yash Date: Thu, 22 Jan 2026 14:57:07 +0530 Subject: [PATCH] feat(deployment): add urunc configuration file and update install script Signed-off-by: Yash --- deployment/urunc-deploy/Dockerfile | 1 + deployment/urunc-deploy/config.toml | 19 +++++ deployment/urunc-deploy/scripts/install.sh | 87 +++++++++++----------- docs/tutorials/How-to-urunc-on-k8s.md | 9 ++- 4 files changed, 68 insertions(+), 48 deletions(-) create mode 100644 deployment/urunc-deploy/config.toml diff --git a/deployment/urunc-deploy/Dockerfile b/deployment/urunc-deploy/Dockerfile index 19ccac03..64b83383 100644 --- a/deployment/urunc-deploy/Dockerfile +++ b/deployment/urunc-deploy/Dockerfile @@ -95,6 +95,7 @@ COPY --from=intermediate /urunc-artifacts /urunc-artifacts COPY --from=intermediate /usr/bin/jq /usr/bin/jq COPY --from=intermediate /usr/bin/kubectl /usr/bin/kubectl COPY scripts/install.sh /urunc-artifacts/scripts/install.sh +COPY config.toml /urunc-artifacts/config.toml RUN apk update && \ apk add --no-cache bash curl py3-pip && \ pip install --no-cache-dir --break-system-packages yq==3.2.3 && \ diff --git a/deployment/urunc-deploy/config.toml b/deployment/urunc-deploy/config.toml new file mode 100644 index 00000000..e054b141 --- /dev/null +++ b/deployment/urunc-deploy/config.toml @@ -0,0 +1,19 @@ +# urunc configuration file +# Installed by urunc-deploy + +[monitors.qemu] +path = "/opt/urunc/bin/qemu-system-x86_64" +data_path = "/opt/urunc/share" + +[monitors.firecracker] +path = "/opt/urunc/bin/firecracker" + +[monitors.hvt] +path = "/opt/urunc/bin/solo5-hvt" + +[monitors.spt] +path = "/opt/urunc/bin/solo5-spt" + +[extra_binaries.virtiofsd] +path = "/opt/urunc/libexec/virtiofsd" + diff --git a/deployment/urunc-deploy/scripts/install.sh b/deployment/urunc-deploy/scripts/install.sh index f7cb6f7e..2b451aa8 100644 --- a/deployment/urunc-deploy/scripts/install.sh +++ b/deployment/urunc-deploy/scripts/install.sh @@ -44,10 +44,13 @@ function install_artifact() { function install_artifacts() { echo "copying urunc artifacts onto host" - mkdir -p /host/usr/local/bin + local urunc_base_dir="/host/opt/urunc" + mkdir -p "${urunc_base_dir}/bin" + mkdir -p "${urunc_base_dir}/libexec" + mkdir -p "${urunc_base_dir}/share" - install_artifact /urunc-artifacts/urunc /host/usr/local/bin/urunc - install_artifact /urunc-artifacts/containerd-shim-urunc-v2 /host/usr/local/bin/containerd-shim-urunc-v2 + install_artifact /urunc-artifacts/urunc "${urunc_base_dir}/bin/urunc" + install_artifact /urunc-artifacts/containerd-shim-urunc-v2 "${urunc_base_dir}/bin/containerd-shim-urunc-v2" # install only the hypervisors found in the HYPERVISORS environment variable echo "Installing hypervisors: ${HYPERVISORS}" @@ -55,26 +58,22 @@ function install_artifacts() { case "$hypervisor" in qemu) echo "Installing qemu" - if which "qemu-system-$(uname -m)" >/dev/null 2>&1; then - echo "QEMU is already installed." - else - install_artifact /urunc-artifacts/hypervisors/qemu-system-$(uname -m) /host/usr/local/bin/qemu-system-$(uname -m) - install_artifact /urunc-artifacts/libexec/virtiofsd /host/usr/libexec/virtiofsd - mkdir -p /host/usr/local/share/qemu/ - cp -r /urunc-artifacts/opt/kata/share/kata-qemu/qemu /host/usr/local/share - fi + install_artifact /urunc-artifacts/hypervisors/qemu-system-$(uname -m) "${urunc_base_dir}/bin/qemu-system-$(uname -m)" + install_artifact /urunc-artifacts/libexec/virtiofsd "${urunc_base_dir}/libexec/virtiofsd" + mkdir -p "${urunc_base_dir}/share/qemu/" + cp -r /urunc-artifacts/opt/kata/share/kata-qemu/qemu "${urunc_base_dir}/share/" ;; firecracker) echo "Installing firecracker" - install_artifact /urunc-artifacts/hypervisors/firecracker /host/usr/local/bin/firecracker + install_artifact /urunc-artifacts/hypervisors/firecracker "${urunc_base_dir}/bin/firecracker" ;; solo5-spt) echo "Installing solo5-spt" - install_artifact /urunc-artifacts/hypervisors/solo5-spt /host/usr/local/bin/solo5-spt + install_artifact /urunc-artifacts/hypervisors/solo5-spt "${urunc_base_dir}/bin/solo5-spt" ;; solo5-hvt) echo "Installing solo5-hvt" - install_artifact /urunc-artifacts/hypervisors/solo5-hvt /host/usr/local/bin/solo5-hvt + install_artifact /urunc-artifacts/hypervisors/solo5-hvt "${urunc_base_dir}/bin/solo5-hvt" ;; *) echo "Unsupported hypervisor: $hypervisor" @@ -83,38 +82,35 @@ function install_artifacts() { done } +function install_urunc_config() { + echo "Installing urunc configuration file" + local urunc_config_dir="/host/etc/urunc" + local urunc_config_file="${urunc_config_dir}/config.toml" + local arch=$(uname -m) + + mkdir -p "${urunc_config_dir}" + + # Copy the static config file and replace architecture placeholder if needed + cp /urunc-artifacts/config.toml "${urunc_config_file}" + + # Replace architecture placeholder in qemu path (x86_64 -> actual arch) + if [ "${arch}" != "x86_64" ]; then + sed -i "s/qemu-system-x86_64/qemu-system-${arch}/g" "${urunc_config_file}" + fi + + echo "urunc configuration file installed at ${urunc_config_file}" +} + function remove_artifacts() { - rm -f /host/usr/local/bin/urunc - rm -f /host/usr/local/bin/containerd-shim-urunc-v2 - local hypervisors="${HYPERVISORS:-"firecracker qemu solo5-hvt solo5-spt"}" - for hypervisor in $hypervisors; do - case "$hypervisor" in - qemu) - if [ -e "/host/usr/local/bin/qemu-system-$(uname -m)" ]; then - rm -f "/host/usr/local/bin/qemu-system-$(uname -m)" - rm -rf /host/usr/local/share/qemu - fi - ;; - firecracker) - if [ -e "/host/usr/local/bin/firecracker" ]; then - rm -f "/host/usr/local/bin/firecracker" - fi - ;; - solo5-spt) - if [ -e "/host/usr/local/bin/solo5-spt" ]; then - rm -f "/host/usr/local/bin/solo5-spt" - fi - ;; - solo5-hvt) - if [ -e "/host/usr/local/bin/solo5-hvt" ]; then - rm -f "/host/usr/local/bin/solo5-hvt" - fi - ;; - *) - echo "Unsupported hypervisor: $hypervisor" - ;; - esac - done + local urunc_base_dir="/host/opt/urunc" + # Remove urunc base directory and all its contents + if [ -d "${urunc_base_dir}" ]; then + rm -rf "${urunc_base_dir}" + fi + # Also remove urunc configuration file + if [ -f "/host/etc/urunc/config.toml" ]; then + rm -f "/host/etc/urunc/config.toml" + fi } @@ -377,6 +373,7 @@ function main() { fi fi install_artifacts + install_urunc_config configure_cri_runtime "$runtime" kubectl label node "$NODE_NAME" --overwrite urunc.io/urunc-runtime=true echo "urunc-deploy completed successfully" diff --git a/docs/tutorials/How-to-urunc-on-k8s.md b/docs/tutorials/How-to-urunc-on-k8s.md index 12001dc6..7839982a 100644 --- a/docs/tutorials/How-to-urunc-on-k8s.md +++ b/docs/tutorials/How-to-urunc-on-k8s.md @@ -179,18 +179,21 @@ During installation, the following steps take place: - A RBAC role is created to allow `urunc-deploy` to run with privileged access. - The `urunc-deploy` Pod is deployed with privileges on the host, and the `containerd` configuration is mounted inside the Pod. - `urunc-deploy` performs the following tasks: - * Copies `urunc` and hypervisor binaries to the host under `usr/local/bin`. + * Copies `urunc` and hypervisor binaries to the host under `/opt/urunc/bin`. + * Installs `virtiofsd` to `/opt/urunc/libexec` and QEMU data files to `/opt/urunc/share`. + * Installs the urunc configuration file at `/etc/urunc/config.toml` with paths pointing to `/opt/urunc`. * Creates a backup of the current `containerd` configuration file. * Edits the `containerd` configuration file to add `urunc` as a supported runtime. * Restarts `containerd`, if necessary. * Labels the Node with label `urunc.io/urunc-runtime=true`. - Finally, `urunc` is added as a runtime class in k8s. -> Note: `urunc-deploy` will install a static version of QEMU in `/usr/local/bin/` along with the QEMU BIOS files in `/usr/local/share/`. Therefore, files with the same names under these directories will get overwritten. +> Note: `urunc-deploy` installs all artifacts under `/opt/urunc` to avoid overwriting existing system files. The urunc configuration file is installed as a static file that points to these locations. During cleanup, these changes are reverted: -- The `urunc` and hypervisor binaries are deleted. +- The `/opt/urunc` directory and all its contents are removed. +- The urunc configuration file at `/etc/urunc/config.toml` is removed. - The `containerd` configuration file is restored to the pre-`urunc-deploy` state. - The `urunc.io/urunc-runtime=true` label is removed from the Node. - The RBAC role, the `urunc-deploy` Pod and the runtime class are removed.