Runcvm Versions Save

RunCVM (Run Container VM) is an experimental open-source Docker container runtime, for launching standard container workloads - as well as Systemd, Docker, even OpenWrt - in VMs using 'docker run`

v1.3.0

4 months ago

This release brings:

Improved support for cgroupfs and Systemd.
- Previously, a RunCVM VM image would be responsible for mounting cgroupfs filesystems. This is a good model for system images like those running systemd, but for non-systemd images it is more convenient if an appropriate cgroupfs is automatically mounted, so that for example dockerd can be run immediately.
- This release introduces automatic detection of the most suitable default cgroupfs behaviour for the image, and an environment variable RUNCVM_CGROUPFS which allows that default to be overridden.
More tolerant 'docker exec' during container+VM startup
- Rather than fail immediately on absence of dropbear sshd key or network parameters, docker exec now retries checking for these up to 30x every 0.5s, providing better results when RunCVM is used as a Dockside runtime
- In the event these prerequisites are not found immediately, an extra 2s delay is allowed before making the ssh connection to the VM, to allow time for the dropbear sshd to launch
/.dockerenv renamed on VM startup so that systemd-detect-virt does not return docker, allowing systemd to run units normally prevented from running in a container environment
New 'System workload' examples demonstrate running:
1. Ubuntu running Systemd and Docker with the Sysbox runtime
2. Ubuntu running Systemd and Docker with RunCVM runtime installed - running RunCVM in RunCVM, a nested RunCVM demo
3. OpenWrt
Document the process for testing RunCVM installation and/execution using nested RunCVM

Short log

2e9d7e6fb9eb4f3fdbca3fa504b7571de79f31df Document process for testing RunCVM within a RunCVM VM 8ceee8f1339b30fb9b40fcd8cd036505c8201860 Improve readability of system workload examples, link to Asciinema replays 42c60ba90cd5724d7fb87734a0d58290aa057a21 Improve 'Quick start' documentation clarity 9edb8b2c5d0684cc9aa40620bd7d6c3b4f6e3c7e Update README.md with Asciinema cast c1546b2c4d377b0b514fb701c0c2300da54a8ed7 Bugfix: make 'docker exec' more tolerant during container+VM startup a7296189599049d0fbb8ff2b264ef5aa24bb0edd Add README examples for two system loads cf4c3a6c6d5c30da7c33b06d7f8eaab41d77f3f6 Make 'docker exec' more tolerant during container+VM startup 946feab355fb99ba3e96a64edb730b3074a413c9 Suppress unneeded logging when mounting fstab filesystems (incl. any RUNCVM_DISKS) eb7b7a8276179c4f0bd268693611197dbde6babd Enable systemd startup logging by default (on systemd-enabled systems) 29eb7321a98af1f60e63832b13d1770b7ee364cc Suppress unneeded mke2fs logging a04673529221ad73d626a489e31bd2dc336ffca9 Rename /.dockerenv, improving systemd support 6377890ab206841742a54b2f4068106bcced54ae Add '--no-dockerd' option to installer to allow installation where dockerd is not present, e.g. via 'docker build' 99f0e91e94dde8f838cfeeaa1fa5686c7ea02d76 cgroupfs v1 and v2 support for better integration with Docker and Systemd a3477f07c2ab67c3ca04048c9e5da7422329986b Correctly add not just files but any subdirectories 6cb1e19f69daf10b01b6835665f76b799f8fb082 Support OpenWRT 53a334fdaf4af6297aae0bbad1a3c53f26ee5a6f Update README.md to explain RunCVM/Kata motivations

Full Changelog: https://github.com/newsnowlabs/runcvm/compare/v1.2.0...v1.3.0

v1.2.0

5 months ago

This release makes RunCVM 'reentrant'. In other words, an 'inner' RunCVM container/VM guest can now be launched by Docker running within an 'outer' RunCVM container/VM guest. No major tricks are needed to effect this, except that RunCVM code is now mounted and ran from a different location within the guest (/.runcvm/guest) than on the host (still /opt/runcvm), so that in the case where a guest is also a host, RunCVM can be safely freshly installed on the guest without interfering with the RunCVM code bind-mounted from its host.

This will allow testing RunCVM development releases within a RunCVM guest launched on a host using a production release.

This change is facilitated by upgrades to elf-patcher.sh to support creating fully relocatable ELF binaries (i.e. binaries where all paths to dynamic libraries are relative) designed to run natively within the guest, and using ld to run the same binaries when needed on the host.

This release also:

Adds RunCVM vs Kata comparison documentation to README (closing #9)
Fixes various issues including missing terminfo database, and several minor bugs
Upgrades alpine and debian kernels both to varients of Linux v6
Improves alpine boot speed by several seconds
Adds new integration tests and refactors existing tests
Refactors the qemu command line arguments to group related options together and make the arguments altogther much easier to parse by eye, replace serial console with virtconsole, and to explicitly configure VM CPU sockets == specified vCPUs (with --cpus)

Short log

dda9328befc7c12bcec5c1a0e96572879d15eefc Fix: correct integration test logging e80f2edeb2155f5f215c5e922b6f2c9f7b3bf4f3 Integration test resilience improvement 204e99f4d8fc5b2afbf8e3e31cb1cf8dd598a6a9 Fix footnote formatting 9233e97767df8c0d84fde7b7f96b391e704ee257 Fix: Run cleanup within each test so correct per-test resources get cleaned 891f82505e6c75139152d585b59adf73b7836c91 Fix: Call error-resistant cleanup on EXIT 5325da599c20f371c7fc3bb760f836d156296625 RunCVM vs Kata comparison documentation 1814043c6b884f0f827782d9ffc2a3952e36e4cf New integration test, testing docker run/exec env vars 0f0afadf97432e9687a3273c8143ec71cd224b51 New integration test, testing docker run/exec with -u and -w 74516722312f821653f0621beb87fa95aa26f58b Refactor out common logic from integration test into framework.sh 015c83ad31c6733a41dd314845d8c558270e0e5f Whitespace change: break out arguments to separate lines a2848e2bc56df034954736597b55d56c4bca1130 Fix: Never assign fallible expressions in local var declarations 3990691475afcdf400b2a60b498fca996038631a Install terminfo database for QEMU curses library 20d3ceaea568a7d166616158d81fa707b242525c Mount /opt/runcvm in-container to /.runcvm/guest 2a8b493c2be5fd061fb99e3260ad0fabb481bafc Add timestamp to runtime debug logs 89d2758bf22eed04351cfbf4f7189943d5d9b6dc elf-patcher.sh improvements for alternative architectures and relocatable binaries df143a76d042327af00134f69b3ec056c833cfe0 Refactored VM launch 38a1d0f008acac74e54b6a072ace3444cdc57f5b Tidy and identify experimental virtiofsd options b426140355a29e384765e1aea7b14afca7ec2d3c New test exit codes c880ac5a65c90e0feaaa011b2e45ebd2a2307c1a Bump Debian kernel version to Bookworm's 6.1.0 7fcc8545907aaeb93deb291352a791ac96781d75 Improve alpine kernel boot speed e395bf55c58bb30067fbd3fd90a310544febb4db Bump alpine build system and kernel to 3.18 e1bfcb2d838525f817099c37981aa09889c4c9af Fix memory allocated to Docker swarm nodes

v1.1.2

6 months ago

This release fixes several issues:

issue with Alpine-based images' /dev ownership and permissions (https://github.com/newsnowlabs/runcvm/issues/10)
issue with internal sshd used for 'docker exec' blocking use of port 22 (https://github.com/newsnowlabs/runcvm/issues/11)
inability to launch using a file-backed disk on the container's [overlay2] filesystem

It also substantially upgrades the Docker swarm integration test and adds experimental support for hugetlb-backed memory.

Short log

e1bfcb2d838525f817099c37981aa09889c4c9af Fix memory allocated to Docker swarm nodes a00d389e9c8459dd18a7be52f8a727f6a2dbf90d Update README d7bbc929b3ff598214c68b68a019508de706536a Update README.md quick start examples 0be5e0b71c5605107803ba41f4d17a386ba15c54 Update docs re /var/lib/docker disk backing files b27dea7afc311544660167b0db5a9d2137289a36 Fix Alpine /dev ownership and permissions d11559a72205be78a5a7b3fd2d0e7bbebd260252 Enable nodes' Docker's use of overlay2 storage driver, by default b84b1662d3f65a696b897e5f3305e8a8c7af7b6d Enable use of registry mirror REGISTRY_MIRROR d2ef1610cfe9861d6d335c5600f8acb403e09c6d Make internal sshd used for 'docker exec' listen on port 22222 0e90e5923b6c2cbffec7c5483dd6271f2b271c34 Create directory for disk backing file, if needed f482ef9028b71c985ebfd8a174b594ab339f295e Extend Docker swarm test to support Docker Ingress Routing Daemon 0dca2923f41a34e839b6d2c2fd594be6b4633dc0 New experimental --env=RUNCVM_HUGETLB=1 option

Full Changelog: https://github.com/newsnowlabs/runcvm/compare/v1.1.1...v1.1.2

v1.1.1

7 months ago

This release addresses a significant shortcoming of the initial release, namely support for containers connected to multiple networks, including overlay networks and those with multiple subnets.

The improved networking logic also provides support for docker networks with custom MTUs, and the docker swarm integration test has been thoroughly updated and refactored to test custom MTUs in a Docker ingress network.

a3ef555 - Support for containers connected to multiple networks, including those with multiple subnets
f9fe1ab - Refactor docker swarm test and add support for modified MTU
0424996 - Refactor networking logic and add support for modified MTU

Additional improvements:

f7ec8ee - Disable IPv6 at kernel boot time
74c239f - Change QEMU monitor escape key from CTRL-A to CTRL-T

Fixes:

c5b9d37 - Output error message to stderr not stdout
fe5c86e - Fix ubuntu kernel build to use Ubuntu jammy
c92d916 - Bugfix substituting APPEND array to kernel command line

Full Changelog: https://github.com/newsnowlabs/runcvm/compare/v1.0.0...v1.1.1

v1.0.0

7 months ago

This is the initial stable release of RunCVM, released on 24 April 2023.