Skip to content

Instantly share code, notes, and snippets.

View egernst's full-sized avatar

Eric Ernst egernst

77 followers · 9 following
View GitHub Profile
@egernst
egernst / quic
Last active January 2, 2019 19:47
v2-shim kata quick start
sudo apt-get update
### INSTALL KATA
#QEMU KATA:
ARCH=$(arch)
sudo sh -c "echo 'deb http://download.opensuse.org/repositories/home:/katacontainers:/releases:/${ARCH}:/master/xUbuntu_$(lsb_release -rs)/ /' > /etc/apt/sources.list.d/kata-containers.list"
curl -sL http://download.opensuse.org/repositories/home:/katacontainers:/releases:/${ARCH}:/master/xUbuntu_$(lsb_release -rs)/Release.key | sudo apt-key add -
sudo -E apt-get update
sudo -E apt-get -y install kata-runtime kata-proxy kata-shim
@egernst
egernst / kata-fc.md
Last active April 18, 2025 10:16
Getting Started with Kata with Firecracker

Kata Containers with Firecracker hypervisor

The 1.5.0-rc2 release of Kata Containers introduced support for the Firecracker hypervisor. While we do not yet have packages available for Firecracker, we do have the built binary included as part of our release tarball. A Firecracker specific tarball was created which includes all of the configurations and binaries required for running Kata+Firecracker.

This is a quick guide to show how to quickly start playing with Kata + Firecracker in docker. This is the initial introduction, and we have plenty of work around optimizations, but I expect users to be able to use block based volumes (up to 7 per container right now) as well as multiple network interfaces with these containers.

I plan to update kata-deploy's container image to allow users a quick daemonset for installing and configuring Kata (with both QEMU and Firecracker) in a Kubernetes cluster which utilizes containerd and/o

@egernst
egernst / measure.sh
Last active September 25, 2018 16:26
debug script for measuring some perf stats ..
#!/bin/bash
idx=0;
iterations=$2
sleeptime=$1
# If we're in L1, let's measure vhost/qemu specifically
nestedlevel=$3
echo "Nested Level: L$3"
if [ $nestedlevel == 1 ]
@egernst
egernst / onetwoone.md
Last active August 31, 2018 23:01

Release 1.2.1

agent Changes

Shortlog

48cd03d release: Kata Containers 1.2.1 ae3d9c3 protocols: increase dial timeout 38ee07a agent: enable memory hierarchical account

proxy Changes

@egernst
egernst / kata-vpp.md
Last active August 17, 2018 18:21
Testing VPP and Kata

Testing VPP with Kata

Directions below are executed on a Ubuntu 18.04 on an Azure VM (standard D2s v3 node)

Install Docker:

Install latest stable docker:

sudo -E apt-get -y install apt-transport-https ca-certificates software-properties-common
curl -sL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
arch=$(dpkg --print-architecture)
@egernst
egernst / iptables-cheatsheet.md
Last active May 9, 2025 01:10 — forked from mcastelino/iptables-cheatsheet.md
iptables-cheatsheet

The netfilter hooks in the kernel and where they hook in the packet flow

The figure below calls out

  • The netfilter hooks
  • The order of table traversal
@egernst
egernst / debug.md
Last active August 9, 2018 04:26 
$ sudo kata-runtime list
ID                                                                 PID         STATUS      BUNDLE                                                                                                                 CREATED                          OWNER
f9c27becce8ce678523313eca093ae64c45bf51d67a7493190de3048e3a45dac   22859       running     /run/containers/storage/overlay-containers/f9c27becce8ce678523313eca093ae64c45bf51d67a7493190de3048e3a45dac/userdata   2018-08-09T04:15:38.169158318Z   #0
296c0247716df5c89663c07fc0383f346933aa7214ab5234b2809f7eb66bef44   22972       stopped     /run/containers/storage/overlay-containers/296c0247716df5c89663c07fc0383f346933aa7214ab5234b2809f7eb66bef44/userdata   2018-08-09T04:15:39.411160174Z   #0
a64f8601f98eb3c9171505713aca2cce6e53b271a607690b8c72f4fd418e7863   24169       running     /run/containers/storage/overlay-containers/a64f8601f98eb3c9171505713aca2cce6e53b271a607690b8c72f4fd418e7863/userdata   2018-08-09T04:17:24.713274953Z   #0
f51cba19
@egernst
egernst / debug.md
Last active July 30, 2018 18:26
cassandra connectivity debug

runc for server:

listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
18:24:09.613883 IP eernstworkstation.jf.intel.com.43538 > da1195437397.9042: Flags [S], seq 1860814498, win 29200, options [mss 1460,sackOK,TS val 124369660 ecr 0,nop,wscale 7], length 0
18:24:09.613936 IP da1195437397.9042 > eernstworkstation.jf.intel.com.43538: Flags [S.], seq 1124812268, ack 1860814499, win 43440, options [mss 1460,sackOK,TS val 1315418715 ecr 124369660,nop,wscale 13], length 0
18:24:09.614438 IP da1195437397.47272 > corpdns.intel.com.domain: 44776+ PTR? 165.200.7.10.in-addr.arpa. (43)
18:24:09.614459 IP eernstworkstation.jf.intel.com.43538 > da1195437397.9042: Flags [.], ack 1, win 229, options [nop,nop,TS val 124369661 ecr 1315418715], length 0
18:24:09.615015 IP corpdns.intel.com.domain > da1195437397.47272: 44776* 1/0/0 PTR eernstworkstation.jf.intel.com. (87)
18:24:09.615279 IP da1195437397.35770 > corpdns.intel.com.domain: 616+ PTR? 1.2.248.10.in-addr.arpa. (41)
18:24:09.615874 IP corpdns.i
@egernst
egernst / containerd-dnf
Created June 19, 2018 03:04
echo "Install Utilities"
sudo dnf -y install tc go git wget unzip vim
echo 'export GOPATH="$HOME/go"' | sudo tee -a /etc/profile
echo 'export PATH="$PATH:$GOPATH/bin"' | sudo tee -a /etc/profile
source /etc/profile
VERSION="1.1.0"
echo "Install Containerd ${VERSION}"
wget -q https://storage.googleapis.com/cri-containerd-release/cri-containerd-${VERSION}.linux-amd64.tar.gz
sudo tar -C / -xzf cri-containerd-${VERSION}.linux-amd64.tar.gz
@egernst
egernst / kata-deploy.yaml
Created June 12, 2018 23:02
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: kubelet-runtime-labeler
namespace: kube-system
spec:
selector:
matchLabels:
name: kubelet-runtime-labeler