Skip to content

Instantly share code, notes, and snippets.

View egernst's full-sized avatar

Eric Ernst egernst

88 followers · 9 following
View GitHub Profile
@egernst
egernst / measure.sh
Last active September 25, 2018 16:26
debug script for measuring some perf stats ..
#!/bin/bash
idx=0;
iterations=$2
sleeptime=$1
# If we're in L1, let's measure vhost/qemu specifically
nestedlevel=$3
echo "Nested Level: L$3"
if [ $nestedlevel == 1 ]
@egernst
egernst / kata-fc.md
Last active October 28, 2025 14:50
Getting Started with Kata with Firecracker

Kata Containers with Firecracker hypervisor

The 1.5.0-rc2 release of Kata Containers introduced support for the Firecracker hypervisor. While we do not yet have packages available for Firecracker, we do have the built binary included as part of our release tarball. A Firecracker specific tarball was created which includes all of the configurations and binaries required for running Kata+Firecracker.

This is a quick guide to show how to quickly start playing with Kata + Firecracker in docker. This is the initial introduction, and we have plenty of work around optimizations, but I expect users to be able to use block based volumes (up to 7 per container right now) as well as multiple network interfaces with these containers.

I plan to update kata-deploy's container image to allow users a quick daemonset for installing and configuring Kata (with both QEMU and Firecracker) in a Kubernetes cluster which utilizes containerd and/o

@egernst
egernst / quic
Last active January 2, 2019 19:47
v2-shim kata quick start
sudo apt-get update
### INSTALL KATA
#QEMU KATA:
ARCH=$(arch)
sudo sh -c "echo 'deb http://download.opensuse.org/repositories/home:/katacontainers:/releases:/${ARCH}:/master/xUbuntu_$(lsb_release -rs)/ /' > /etc/apt/sources.list.d/kata-containers.list"
curl -sL http://download.opensuse.org/repositories/home:/katacontainers:/releases:/${ARCH}:/master/xUbuntu_$(lsb_release -rs)/Release.key | sudo apt-key add -
sudo -E apt-get update
sudo -E apt-get -y install kata-runtime kata-proxy kata-shim
@egernst
egernst / demo-magic-kata-fc-qemu-k8s
Last active January 5, 2019 06:43
demo-magic: kata+crio+k8s with FC and QEMU
#!/usr/bin/env bash
########################
# include the magic
########################
. ./demo-magic.sh
########################
# Configure the options
@egernst
egernst / configuration_fc.toml
Created January 9, 2019 23:51
kata + firecracker reference configuration
# Copyright (c) 2017-2018 Intel Corporation
#
# SPDX-License-Identifier: Apache-2.0
#
[hypervisor.firecracker]
path = "/opt/kata/bin/firecracker"
kernel = "/opt/kata/share/kata-containers/vmlinux.container"
image = "/opt/kata/share/kata-containers/kata-containers.img"
kernel_params = ""
@egernst
egernst / lvm-dm.md
Created March 7, 2019 00:09
lvm/dm gist

LVM / DM discussion

Performance results

ext4, thin-provisioning, LVM

BenchmarkLVM/run-88 1 4464814810 ns/op 37.58 MB/s BenchmarkLVM/prepare 1 2569627045 ns/op BenchmarkLVM/write 1 1887356260 ns/op

@egernst
egernst / ports.md
Last active March 11, 2019 23:06
port forward and tunneling fun

Reverse Tunneling, or "how can I access that machine that is behind another network?"

Let's say we have a few test machines sitting behind a workstation router

Assuming the 'router' will forward traffic out, we can facilitate SSH'ing 'directly' to a test machine beind the router by leveraging reverse tunneling:

ssh -f -N -R 19999:localhost:22 <username>@<users host>

where:

@egernst
egernst / kata_dind.md
Last active March 12, 2019 16:46
Docker in Docker with Kata

directions as provided from Atlassian developers

Create a custom kernel

Get the code

go get github.com/kata-containers/tests
cd $GOPATH/src/github.com/kata-containers/tests/.ci
@egernst
egernst / stateful.yaml
Created March 22, 2019 22:30
stateful set example
---
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
name: test-datastore
labels:
app: test
component: test-datastore
spec:
selector:
@egernst
egernst / two-pod.yaml
Created April 3, 2019 22:01
apiVersion: v1
kind: Pod
metadata:
name: two-containers-kata-guaranteed
spec:
runtimeClassName: kata
restartPolicy: Never
volumes:
- name: shared-data