Giter Site home page Giter Site logo

cloudkernels / firecracker Goto Github PK

View Code? Open in Web Editor NEW

This project forked from firecracker-microvm/firecracker

2.0 2.0 2.0 19.08 MB

Secure and fast microVMs for serverless computing.

Home Page: http://firecracker-microvm.io

License: Apache License 2.0

Rust 81.77% Python 16.79% C 0.42% Shell 1.03%

firecracker's People

Contributors

acatangiu avatar aghecenco avatar alexandruag avatar alexandrucihodaru avatar alexbranciog avatar alindima avatar andreeaflorescu avatar blitz avatar damienstanton avatar dhrgit avatar dianpopa avatar fristonio avatar georgepisaltu avatar ioanachirca avatar ionitb avatar jiangliu avatar karthiknedunchezhiyan avatar kzys avatar lauralt avatar luminitavoicu avatar mswilson avatar raduiliescu avatar raduweiss avatar rn avatar sandreim avatar shioyama18 avatar tamionv avatar tim-deegan-aws avatar tnotw avatar xiekeyang avatar

Stargazers

avatar avatar

Watchers

avatar

Forkers

abducktnet demetresalx

firecracker's Issues

Code organization

For building the crypto backend-driver we created several functions for handling DescriptorChains which could probably go in the DescriptorChain implementation itself.

Needless (?) data copying in the back-end virtio-crypto driver

When receiving a request at the back-end virtio-crypto driver we copy the guest buffers in firecracker memory and then pass that memory to the host cryptodev driver.

We should investigate if there is a way to pass the guest memory directly to the host driver and avoid the intermediate copy. In this case, we should be careful, since in some cases the front-end is passing us vlf buffers in multiple segments. In these cases we can't avoid copying.

Automate building for aarch64

Currently, we automatically build a firecracker binary for every pull request. We want to do the same for aarch64.

The building of Firecracker already uses docker containers for building. Upstream Firecracker already includes Dockerfile for both architectures, which have been changed to include the vAccelRT as a dependency.

For the case of x86_64 we have created our own image, and we changed the script used to build the Firecracker.

What we need to do:

  • Automate the construction of the docker container images for x86_64 & aarch64. This will require actions for changes in the Dockerfiles only. This needs to be done for both x86_64 & aarch64.
  • Automate the building and publishing of artifacts for every Pull Request against our supported versions (at the moment vaccel-v0.23) for both architectures. At the moment, we do it only for x86_64.

Try vaccel front-end driver

At the moment, we implement the back-end virtio-crypto driver as described in the specs.

Ultimately, what we want is to try out the vaccel-virtio implementation. vaccel-virtio is based on virtio-crypto, so our back-end driver should, at least, be able to keep the same structure for virtqueues.

What changes is the actual requests we will receive from the front-end how these will be parsed and forwarded to the vaccel runtime

crypto ioctls fail due to seccomp filters

At the moment, we need to disable seccomp filtering when using a host crypto device. If not, ioctls run on that device crash the VM.

The proper solution is to white list the particular ioctls to the cryptodev device.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.