Thursday, 2018-05-03

« Wednesday, 2018-05-02 Index Friday, 2018-05-04 »
*** zerocoolback has joined #kata-dev00:13
*** zerocoolback has quit IRC00:32
*** eocardon has quit IRC01:09
*** fuentess has quit IRC01:10
*** mylinux_ has joined #kata-dev01:11
*** mylinux_ has quit IRC01:15
*** fuentess1 has quit IRC01:42
*** mylinux has joined #kata-dev01:46
*** mylinux has quit IRC01:48
*** mylinux_ has joined #kata-dev01:54
*** mylinux has joined #kata-dev02:24
*** mylinux_ has quit IRC02:28
*** zerocoolback has joined #kata-dev03:00
*** mylinux has quit IRC03:03
*** zerocoolback has quit IRC03:18
*** zerocoolback has joined #kata-dev03:18
*** zerocoolback has joined #kata-dev03:19
*** zerocoolback has quit IRC03:19
*** zerocoolback has joined #kata-dev03:19
*** zerocoolback has joined #kata-dev03:20
*** zerocoolback has joined #kata-dev03:21
*** zerocoolback has quit IRC03:21
*** eernst has joined #kata-dev03:34
*** mylinux has joined #kata-dev03:36
*** mylinux has quit IRC03:40
*** eernst has quit IRC03:52
*** eernst has joined #kata-dev03:57
*** sjas_ has joined #kata-dev04:10
*** sjas has quit IRC04:14
*** eernst has quit IRC04:20
*** pabelanger has quit IRC04:31
*** pabelanger has joined #kata-dev04:32
*** mylinux has joined #kata-dev05:36
*** mylinux has quit IRC05:41
*** mylinux has joined #kata-dev07:06
*** mylinux has quit IRC07:11
*** zerocoolback has joined #kata-dev07:27
*** sameo has joined #kata-dev07:40
*** zerocoolback has quit IRC07:49
*** zerocoolback has joined #kata-dev07:49
*** zerocoolback has quit IRC07:50
*** zerocoolback has joined #kata-dev07:50
*** zerocoolback has quit IRC07:50
*** zerocoolback has joined #kata-dev07:51
*** sameo has quit IRC07:51
*** zerocoolback has quit IRC07:51
*** zerocoolback has joined #kata-dev07:52
*** zerocoolback has quit IRC07:52
*** zerocoolback has joined #kata-dev07:52
*** zerocoolback has quit IRC07:53
*** davidgiluk has joined #kata-dev07:56
*** gwhaley has joined #kata-dev08:00
*** gwhaley1 has joined #kata-dev08:09
*** gwhaley has quit IRC08:09
*** mylinux has joined #kata-dev09:07
*** mylinux has quit IRC09:12
*** yingjun has joined #kata-dev09:16
*** yingjun has quit IRC09:44
*** gwhaley1 has quit IRC10:58
*** sjas_ is now known as sjas11:02
*** mylinux has joined #kata-dev11:08
*** mylinux has quit IRC11:12
*** zerocoolback has joined #kata-dev11:53
*** zerocoolback has quit IRC12:22
*** gwhaley has joined #kata-dev12:25
*** devimc has joined #kata-dev12:32
*** fuentess has joined #kata-dev12:55
*** devimc has quit IRC12:57
*** devimc has joined #kata-dev13:39
*** mylinux has joined #kata-dev13:52
*** eernst has joined #kata-dev14:07
*** devimc has quit IRC14:10
*** devimc has joined #kata-dev14:17
*** pabelanger has quit IRC14:35
*** pabelanger has joined #kata-dev14:35
*** gabyc_ has joined #kata-dev14:42
*** devimc has quit IRC15:56
*** gabyc_ has quit IRC15:59
*** gabyc_ has joined #kata-dev16:02
*** mcastelino has joined #kata-dev16:04
*** gabyc_ has quit IRC17:06
*** gabyc_ has joined #kata-dev17:09
*** gabyc_1 has joined #kata-dev17:10
*** gabyc_ has quit IRC17:10
*** devimc has joined #kata-dev17:10
*** gwhaley has quit IRC17:56
*** mylinux has quit IRC18:11
*** mylinux has joined #kata-dev18:11
*** mylinux has quit IRC18:12
*** mylinux has joined #kata-dev18:12
*** mylinux has quit IRC18:23
*** mylinux has joined #kata-dev18:32
kata-dev-irc-bot<raravena80> fwiw, lots of issues with gVisor. I couldn't even get a hello world running on an AWS instance running Ubuntu 16.04. https://github.com/google/gvisor/issues/24  Lots of other issues reported in the last 24 hours too.18:48
stefanhaI saw quotes from Kata folks on the gVisor announcement.  Have any details of Kata + gVisor integration been announced?18:58
kata-dev-irc-bot<sebastien.boeuf> nothing in scope for now18:58
stefanhagVisor as it is pretty much replaces Kata as OCI runtime, but maybe a new "hypervisor" driver could be added to Kata?18:58
stefanhaThen gVisor would be a hypervisor option for Kata18:59
kata-dev-irc-bot<sebastien.boeuf> yes, but the first step would be to evaluate the stability/reliability of gVisor18:59
stefanhaI'm interested in performance results, the gVisor website is quite shy about that and it sounds like it might not be so good (the UML and ptrace references especially!).18:59
stefanhaIn KVM mode it should be quite fast but I'm not sure about the I/O proxying that gVisor does.19:00
stefanhaMaybe some (many?) of the syscalls can be handled in guest mode, but vmexit is expensive.19:01
kata-dev-irc-bot<sebastien.boeuf> not sure I understand how passing some devices would fit here, and I don't even think it is actually supported19:02
davidgilukstefanha: No, it's not obvious how the syscall-thing corresponds to their kvm-thing19:04
stefanhaIIUC the idea is to handle the syscalls inside the guest and then have a minimal paravirtualized interface to the host.19:04
stefanhaThere is a 9P proxy for file system access.19:04
stefanhaSo I think the file are still on the host - similar to virtio-9p in Kata19:04
stefanhaI think they do some /proc emulation inside the guest though19:05
kata-dev-irc-bot<eric.ernst> Yeah, it'll be interesting to learn more.19:06
kata-dev-irc-bot<raravena80> a lot of us went to the gVisor talk at KubeCon, slides are here: https://schd.ws/hosted_files/kccnceu18/47/Container%20Isolation%20at%20Scale.pdf  from 15 onwards19:07
kata-dev-irc-bot<eric.ernst> And as mentioned a bit yesterday, good to be able to leverage each other on tackling similar problems in this space (9p, ecosystem embracement of non-namespace based runtimes, etc)19:07
stefanhasebastian.boef: which type of devices are you thinking of?19:08
kata-dev-irc-bot<raravena80> they have a thing called Gofer that does 9p19:09
kata-dev-irc-bot<raravena80> mostly here looks like https://github.com/google/gvisor/tree/797cda301677abc8523d5a2a8d731312cc43bce4/pkg/sentry/fs/gofer19:11
kata-dev-irc-bot<sebastien.boeuf> stefanha: any PCI device that we pass inside the VM with Kata using virtio. How does this apply in gVisor context ?19:12
stefanha"Save/Restore is a first-class citizen" <-- I didn't catch that before!  Maybe people will use it just to get checkpoint/restore :)19:13
stefanhasebastien.boeuf: For applications like DPDK that want PCI passthrough (userspace drivers), gVisor would need to have a VFIO interface.19:14
stefanhasebastien.boeuf: For arbitrary devices (e.g. a graphics card) where the application expects to access /dev/* it won't work.19:14
stefanhaI doubt gofer is meant for that.  Forwarding ioctls is a nightmare (because they are per-driver and a huge attack surface).19:15
stefanhaI'm curious now how they implement mmap and page cache.19:15
kata-dev-irc-bot<sebastien.boeuf> thx for the explanation19:15
stefanhaFinally sound the kernel :) https://github.com/google/gvisor/blob/master/pkg/sentry/syscalls/linux/sys_mmap.go19:22
*** gabyc_1 has quit IRC19:30
*** davidgiluk has quit IRC19:31
*** gabyc_ has joined #kata-dev19:31
*** gabyc_ has quit IRC19:36
*** eernst has quit IRC20:36
*** eernst has joined #kata-dev20:36
*** devimc has quit IRC20:47
*** eernst has quit IRC22:11
*** eernst has joined #kata-dev22:16
*** mylinux has quit IRC23:15
*** mylinux has joined #kata-dev23:43
*** eernst has quit IRC23:47
« Wednesday, 2018-05-02 Index Friday, 2018-05-04 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!