Skip to content
This repository has been archived by the owner on May 12, 2021. It is now read-only.

Virtio network interfaces failed to be bound back to the driver #612

Closed
linxiulei opened this issue Aug 21, 2018 · 9 comments
Closed

Virtio network interfaces failed to be bound back to the driver #612

linxiulei opened this issue Aug 21, 2018 · 9 comments

Comments

@linxiulei
Copy link

Description of problem

In case of physical network interface, the driver would be virtio_net if using a vm as the host (nested virtualized). After the teardown of container, kata tried to bind interfaces back to virtio_net, but there was no path of /sys/bus/pci/drivers/virtio_net/ (actually it should be /sys/bus/virtio/drivers/virtio_net/). There are two ways fixing that:

  1. Whenever using a virtio_ driver, we try to use /sys/bus/pci/drivers/virtio-pci/{bind, unbind} to manipulate interfaces and drivers
  2. Whenever using a virtio_ driver, we try to replace bus type from pci to virtio, that is, /sys/bus/virtio/drivers/virtio_net/{bind, unbind}
@devimc
Copy link

devimc commented Aug 21, 2018

cc @sboeuf @amshinde @mcastelino @egernst

@mcastelino mcastelino mentioned this issue Aug 21, 2018
Closed
@amshinde
Copy link
Member

@linxiulei Yes, our assumption here was the device was a PCI device here. I can take a look at this. Is there a plugin I can use to test this end to end?

@linxiulei
Copy link
Author

@amshinde Sorry, it produced at our complex environment. I guess you could create a script which implements setting a virtio interface into container namespace as cni plugin and put the script to hook of oci spec. Good luck~

@linxiulei
Copy link
Author

@amshinde any progress? thanks

amshinde added a commit to amshinde/kata-runtime that referenced this issue Oct 23, 2018
@amshinde
vfio: Change the way the driver is fetched
31cf6fb 
Instead of using ethtool for getting the driver for network
devices, use sysfs instead. This is because in case of virtio
devices, ethtool returns virtio-net instead of virtio-pci for
virtio network devices. We need to bind/unbind from virtio-pci
driver in case of virtio-net devices.

Fixes kata-containers#612

Signed-off-by: Archana Shinde <[email protected]>
@amshinde amshinde mentioned this issue Oct 23, 2018
Merged
@amshinde
Copy link
Member

@linxiulei This fell off my radar, sorry for the delay. I think have a fix that should solve your issue : #851

I did test out binding and unbinding a virtio-net device in a VM with the above patch.
In case of virtio-net devices, turns out the device driver should be virtio-pci and not virtio-net.
Can you build using the above fix and let me know if it works out for you.

@linxiulei
Copy link
Author

@amshinde it worked, cheers

@amshinde
Copy link
Member

@linxiulei Great, glad that worked. We had mainly tested with PCI devices in the past, so I am curious about your use-case for using virtio devices with vfio. Do you mind sharing some details about your usage?

@linxiulei
Copy link
Author

@amshinde Sure, my use-case is pretty simple, in which I used Alibaba Cloud ECS virtual machine and setup k8s/kata-runtime within, therefore a cni plugin working with Alibaba Cloud ECS virtual network interface was deployed. As a result, a virtual network interface was set into network namespace when a pod was created and kata-runtime would consider it as a passthrough-able interface, unfortunnately I ran into this bug.

@amshinde
Copy link
Member

thanks @linxiulei
cc @mcastelino @egernst

zklei pushed a commit to zklei/runtime that referenced this issue Nov 22, 2018
@amshinde @zklei
vfio: Change the way the driver is fetched
63d186e 
Instead of using ethtool for getting the driver for network
devices, use sysfs instead. This is because in case of virtio
devices, ethtool returns virtio-net instead of virtio-pci for
virtio network devices. We need to bind/unbind from virtio-pci
driver in case of virtio-net devices.

Fixes kata-containers#612

Signed-off-by: Archana Shinde <[email protected]>
egernst pushed a commit to egernst/runtime that referenced this issue Feb 9, 2021
Merge pull request kata-containers#612 from marcov/rootfs
dafbf7a 
agent: make NoPivotRoot config depend on `/` fs type
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@linxiulei @amshinde @devimc