scripts for kernel dev with KVM

Signed-off-by: Kornilios Kourtis <[email protected]>

Author: kkourt

README.md

@@ -0,0 +1,87 @@
+
+First, we can edit the `conf` file for the various env variables.
+
+# Images
+
+Next, we need to build the root fs:
+
+```
+$ ./scripts/mkroot.sh
+```
+
+
+After that, we install `kubeadm`:
+```
+$ ./scripts/mkkubeadm.sh
+```
+
+Next, build the images for the two vms:
+```
+./scripts/mkkvm.sh 0
+./scripts/mkkvm.sh 1
+```
+
+# Networking
+
+(Proper scripts to be added)
+
+There are multiple ways to setup networking. I opted for using a bridge device,
+and attach a NIC for all VMs there. (to be automated)
+
+```
+# sudo ip link add kvm-br type bridge
+# sudo ip addr add 10.33.33.100/24 dev kvm-br
+```
+
+And then, masquarade traffic from the VMs to the outside world
+
+```
+# sudo sh -c 'echo 0 > /proc/sys/net/bridge/bridge-nf-call-iptables'
+# sudo modprobe br_netfilter
+# sudo sysctl -w net.ipv4.ip_forward=1
+# sudo iptables -t nat -A POSTROUTING  -o enxa0cec8e6e64c  -j MASQUERADE
+# sudo iptables -A FORWARD -i enxa0cec8e6e64c -o kvm-br -m state --state RELATED,ESTABLISHED -j ACCEPT
+# sudo iptables -A FORWARD -i  kvm-br -o enxa0cec8e6e64c -j ACCEPT
+```
+
+I use a simple `dnsmasq.conf`:
+
+```
+interface=kvm-br
+port=0 # no dns
+
+dhcp-option=option:router,10.33.33.100
+dhcp-option=option:dns-server,8.8.8.8
+
+dhcp-range=10.33.33.0,static
+dhcp-host=52:54:00:12:34:01,kvm1,10.33.33.1
+dhcp-host=52:54:00:12:34:02,kvm2,10.33.33.2
+
+```
+
+That I  run in debug mode:
+```
+sudo dnsmasq --conf-file=dnsmasq.conf -d
+```
+
+# Kernel image
+
+The kernel image is expected to be in `KERNEL_SOURCE` in `conf`. Run
+`./scripts/installmods.sh` to install modules.
+
+
+# start vms
+
+```
+./scripts/runkvm 0
+```
+
+```
+./scripts/runkvm 1
+```
+
+
+# Notes
+
+`0` and `1` in `runkvm` and `mkkvm` scripts are used as indices to respective
+bash arrays.

conf

@@ -0,0 +1,17 @@
+
+NBDDEV="/dev/nbd0"
+
+ROOTIMG="./images/rootfs.qcow2"
+ROOTDIR="./rootfs"
+PACKAGES=("less" "vim" "sudo" "openssh-server" "python3" "docker.io" "curl")
+
+KUBEADMIMG="./images/kubeadmfs.qcow2"
+KUBEADMDIR="./kubeadmfs"
+
+BRIDGE_IFACE="kvm-br"
+VM_IMAGES=("./images/kvm1.qcow2" "./images/kvm2.qcow2")
+VM_NAMES=("kvm1" "kvm2")
+VM_DIRS=("kvm1fs" "kvm2fs")
+VM_NICS_MACS=("52:54:00:12:34:01" "52:54:00:12:34:02")
+
+KERNEL_SOURCE=/usr/src/linux.kvm

dnsmasq.conf

@@ -0,0 +1,15 @@
+# only listen to the specified interface to avoid conflicts
+interface=kvm-br
+bind-interfaces
+#port=5353 # custom port not needed
+no-daemon
+
+dhcp-option=option:router,10.33.33.100
+dhcp-option=option:dns-server,10.33.33.100
+
+dhcp-range=10.33.33.0,static
+dhcp-host=52:54:00:12:34:01,kvm1,10.33.33.1,infinite
+dhcp-host=52:54:00:12:34:02,kvm2,10.33.33.2,infinite
+
+address=/kvm1/10.33.33.1
+address=/kvm2/10.33.33.2

scripts/installmods.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+# vim:noexpandtab
+
+set -eu -o pipefail
+set -x
+
+CONF_DIR="$(realpath $(dirname "${BASH_SOURCE[0]}")/..)"
+source $CONF_DIR/conf
+
+sudo make -C $KERNEL_SOURCE INSTALL_MOD_PATH=$CONF_DIR/modules modules_install

scripts/mkkubeadm.sh

@@ -0,0 +1,67 @@
+#!/bin/bash
+# vim:noexpandtab
+
+set -eu -o pipefail
+set -x
+
+CONF_DIR="$(realpath $(dirname "${BASH_SOURCE[0]}")/..)"
+source $CONF_DIR/conf
+
+mkkubeadm() {
+	if [ -f "$KUBEADMIMG" ]; then
+		set +x
+		echo "file $KUBEADMIMG already exists. Bailing out"
+		exit 1
+	fi
+
+	sudo modprobe nbd
+	mkdir -p $KUBEADMDIR
+    sudo qemu-img create -f qcow2 -b $(basename $ROOTIMG) $KUBEADMIMG
+	sudo qemu-nbd -d $NBDDEV
+	sudo qemu-nbd -c $NBDDEV $KUBEADMIMG
+	sudo mount $NBDDEV $KUBEADMDIR
+}
+
+xinstall() {
+	sudo chroot $KUBEADMDIR sh <<- ENDCHROOT
+		set -e
+		set -x
+
+		cat <<-EOF | sudo tee /etc/sysctl.d/k8s.conf
+			net.bridge.bridge-nf-call-ip6tables = 1
+			net.bridge.bridge-nf-call-iptables = 1
+			net.ipv4.ip_forward = 1
+		EOF
+		sudo sysctl --system
+
+		sudo apt-get update && sudo apt-get install -y apt-transport-https curl gnupg
+		curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
+		cat <<-EOF | sudo tee /etc/apt/sources.list.d/kubernetes.list
+			deb https://apt.kubernetes.io/ kubernetes-xenial main
+		EOF
+		sudo apt-get update
+
+		sudo apt-get install -y docker.io
+
+		sudo apt-get install -y kubelet kubeadm kubectl
+		sudo apt-mark hold kubelet kubeadm kubectl
+
+		#sudo systemctl enable docker.service
+		#sudo systemctl daemon-reload
+		#sudo systemctl restart kubelet
+	ENDCHROOT
+}
+
+cleanup() {
+	sudo umount $KUBEADMDIR
+	sudo qemu-nbd -d $NBDDEV
+}
+
+if [ -f $KUBEADMIMG ]; then
+	echo "file $KUBEADMIMG already exists: bailing out"
+	exit 1
+fi
+
+mkkubeadm
+xinstall
+cleanup

scripts/mkkvm.sh

@@ -0,0 +1,49 @@
+#!/bin/bash
+# vim:noexpandtab
+
+set -eu -o pipefail
+set -x
+
+CONF_DIR="$(realpath $(dirname "${BASH_SOURCE[0]}")/..)"
+source $CONF_DIR/conf
+
+mkkvm() {
+	local kvmimage=${VM_IMAGES[$1]}
+	local kvmdir=${VM_DIRS[$1]}
+
+	if [ -f "$kvmimage" ]; then
+		set +x
+		echo "file $kvmimage already exists. Bailing out"
+		exit 1
+	fi
+
+	sudo modprobe nbd
+	mkdir -p $kvmdir
+    #sudo qemu-img create -f qcow2 -b $(basename $KUBEADMIMG) $kvmimage
+	cp $KUBEADMIMG $kvmimage
+	sudo qemu-nbd -d $NBDDEV
+	sudo qemu-nbd -c $NBDDEV $kvmimage
+	sudo mount $NBDDEV $kvmdir
+}
+
+cleanup() {
+	local kvmdir=${VM_DIRS[$1]}
+	sync
+	sudo umount $kvmdir
+	sudo qemu-nbd -d $NBDDEV
+}
+
+xconfig() {
+	local xname=${VM_NAMES[$1]}
+	local kvmdir=${VM_DIRS[$1]}
+	sudo sh -c "echo $xname > $kvmdir/etc/hostname"
+}
+
+main() {
+	mkkvm $1
+	xconfig $1
+	cleanup $1
+}
+
+
+main $1

scripts/mkroot.sh

@@ -0,0 +1,88 @@
+#!/bin/bash
+# vim:noexpandtab
+
+set -eu -o pipefail
+set -x
+
+CONF_DIR="$(realpath $(dirname "${BASH_SOURCE[0]}")/..)"
+source $CONF_DIR/conf
+
+function mkimage() {
+	if [ -f "$ROOTIMG" ]; then
+		set +x
+		echo "file $ROOTIMG already exists. Bailing out"
+		exit 1
+	fi
+
+	sudo modprobe nbd
+	mkdir -p $ROOTDIR
+	mkdir -p $(dirname $ROOTIMG)
+	sudo qemu-img create -f qcow2 $ROOTIMG 8G
+	sudo qemu-nbd -d $NBDDEV
+	sudo qemu-nbd -c $NBDDEV $ROOTIMG
+	sudo mkfs.ext4 $NBDDEV
+	sudo mount $NBDDEV $ROOTDIR
+	sudo debootstrap --include=$(IFS=, ; echo "${PACKAGES[*]}")  sid $ROOTDIR
+}
+
+function mntimage() {
+	sudo modprobe nbd
+	mkdir -p $ROOTDIR
+	sudo qemu-nbd -d $NBDDEV
+	sudo qemu-nbd -c $NBDDEV $ROOTIMG
+	sudo mount $NBDDEV $ROOTDIR
+}
+
+function chrootconfig() {
+	sudo chroot $ROOTDIR sh <<- ENDCHROOT
+		apt-get update
+		apt-get upgrade
+		passwd -d root
+		update-alternatives --set iptables /usr/sbin/iptables-legacy
+	ENDCHROOT
+}
+
+function miscconfig() {
+
+	cat <<- ENDSSHDCONFIG | sudo tee -a  $ROOTDIR/etc/ssh/sshd_config
+	PermitRootLogin yes
+	ENDSSHDCONFIG
+
+	sudo mkdir $ROOTDIR/root/.ssh
+	cat ~/.ssh/id_rsa.pub | sudo tee -a $ROOTDIR/root/.ssh/authorized_keys
+
+	cat <<- ENDBASHRC | sudo tee -a  $ROOTDIR/root/.bashrc
+		alias k='kubectl'
+		alias ks='kubectl -n kube-system'
+		alias kslogs='kubectl -n kube-system logs -l k8s-app=cilium --tail=-1'
+		cilium_pod() {
+		    kubectl -n kube-system get pods -l k8s-app=cilium -o jsonpath="{.items[?(@.spec.nodeName == \"\$1\")].metadata.name}"
+		}
+	ENDBASHRC
+
+	cat <<- ENDFSTAB | sudo tee -a  $ROOTDIR/etc/fstab
+		modules  /lib/modules   9p  trans=virtio,ro 0   0
+	ENDFSTAB
+
+	cat <<- ENDIFACES | sudo tee -a $ROOTDIR/etc/network/interfaces
+		auto enp0s4
+		iface enp0s4 inet dhcp
+		auto enp0s3
+		iface enp0s3 inet dhcp
+	ENDIFACES
+}
+
+cleanup() {
+	sudo umount $ROOTDIR
+	sudo qemu-nbd -d $NBDDEV
+}
+
+if [ -f $ROOTIMG ]; then
+	echo "file $ROOTIMG already exists: bailing out"
+	exit 1
+fi
+
+mkimage
+chrootconfig
+miscconfig
+cleanup

scripts/runkvm.sh

@@ -0,0 +1,35 @@
+#!/bin/bash
+# vim:noexpandtab
+
+set -eu -o pipefail
+set -x
+
+CONF_DIR="$(realpath $(dirname "${BASH_SOURCE[0]}")/..)"
+source $CONF_DIR/conf
+
+kvm() {
+	local image=${VM_IMAGES[$1]}
+	local netdev_mac=${VM_NICS_MACS[$1]}
+	local netdev="e1000"
+	#local netdev="virtio-net"
+
+	declare -a qemu_opts=("-enable-kvm" "-m" "2G" "-smp" "2")
+	qemu_opts+=("-kernel" "$KERNEL_SOURCE/arch/x86/boot/bzImage")
+	qemu_opts+=("-append" "root=/dev/vda rw console=hvc0")
+	qemu_opts+=("-drive" "file=$image,media=disk,if=virtio")
+	qemu_opts+=("-chardev" "stdio,id=stdio,mux=on,signal=off")
+	qemu_opts+=("-device" "virtio-serial-pci")
+	qemu_opts+=("-device" "virtconsole,chardev=stdio")
+	qemu_opts+=("-mon" "chardev=stdio")
+	qemu_opts+=("-display" "none")
+	qemu_opts+=("-netdev" "bridge,br=${BRIDGE_IFACE},id=n0" "-device" "$netdev,netdev=n0,mac=$netdev_mac")
+	##qemu_opts+=("-net user,hostfwd=tcp:127.0.0.1:5001-:22")
+	qemu_opts+=("-fsdev" "local,id=fs1,path=/home,security_model=none")
+	qemu_opts+=("-device" "virtio-9p-pci,fsdev=fs1,mount_tag=home")
+	qemu_opts+=("-fsdev" "local,id=fs2,path=$CONF_DIR/modules/lib/modules,security_model=none")
+	qemu_opts+=("-device" "virtio-9p-pci,fsdev=fs2,mount_tag=modules")
+
+	sudo qemu-system-x86_64 "${qemu_opts[@]}"
+}
+
+kvm $1