Skip to content

Instantly share code, notes, and snippets.

@radu-matei

radu-matei/runwasi.md

Created February 20, 2024 17:17
Show Gist options
  • Save radu-matei/391fd61d238356596b1e425c907ccebb to your computer and use it in GitHub Desktop.
Save radu-matei/391fd61d238356596b1e425c907ccebb to your computer and use it in GitHub Desktop.
Download ZIP
Raw
runwasi.md

Local development setup

Prerequisites:

  • Linux OS (I think you can get this running within a container on Docker Desktop, BUT if you need to compile...)
  • containerd 1.7.7+ moved to /usr/bin and
  • update the /etc/containerd/config.toml file with the Spin v2 runtime:
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.spin]
  runtime_type = "io.containerd.spin.v2"

Aliases

alias killshim='sudo ctr --address /tmp/containerd-temp.sock task kill $1 --all --signal 9'
alias ctr='sudo ctr --address /tmp/containerd-temp.sock'
alias containerd='sudo containerd --address /tmp/containerd-temp.sock'

Building the Spin shim

  • clone the Spin shim:
$ git clone https://github.com/spinkube/containerd-shim-spin
  • build the Spin shim for your current architecture:
$ cargo build --release
  • move the binary to /usr/bin:
$ sudo mv target/release/containerd-shim-spin-v2 /usr/bin

Running a Spin application using the shim

  • start containerd (on a separate socket so it doesn't interfere with your Docker setup -- see the aliases section):
$ containerd
  • pull the Spin application locally from the OCI registry:
$ ctr image pull ttl.sh/spin-perf:24h
  • start the application locally using ctr:
$ ctr run --rm --net-host --runtime io.containerd.spin.v2 ttl.sh/spin-perf:24h perf nonexistent-required-entrypoint-arg

Serving http://0.0.0.0:80
Available Routes:
  perf: http://0.0.0.0:80 (wildcard)

  • the application is accessible on port 80 because we're using the host network

  • stopping an application running with the shim requires passing the --signal 9 (ongoing issue in runwasi):

# killshim <name of task>
$ killshim perf

Appendix

In the /usr/bin directory you need the following binaries:

 40M 4 months /usr/bin/containerd
6.4M 4 months /usr/bin/containerd-shim
8.1M 4 months /usr/bin/containerd-shim-runc-v1
 12M 4 months /usr/bin/containerd-shim-runc-v2
 43M 4 days   /usr/bin/containerd-shim-spin-v2
 19M 4 months /usr/bin/containerd-stress
 20M 4 months /usr/bin/ctr
@vdice
Copy link

vdice commented Feb 21, 2024

I had success today using a lima vm (on my M1 mac) for building/testing the shim.

Here's the lima vm config (based on their ubuntu-lts template):

# This template requires Lima v0.7.0 or later.
images:
# Try to use release-yyyyMMdd image if available. Note that release-yyyyMMdd will be removed after several months.
- location: "https://cloud-images.ubuntu.com/releases/22.04/release-20240126/ubuntu-22.04-server-cloudimg-amd64.img"
  arch: "x86_64"
  digest: "sha256:9f8a0d84b81a1d481aafca2337cb9f0c1fdf697239ac488177cf29c97d706c25"
- location: "https://cloud-images.ubuntu.com/releases/22.04/release-20240126/ubuntu-22.04-server-cloudimg-arm64.img"
  arch: "aarch64"
  digest: "sha256:dddfb1741f16ea9eaaaeb731c5c67dd2cb38a4768b2007954cb9babfe1008e0d"
# Fallback to the latest release image.
# Hint: run `limactl prune` to invalidate the cache
- location: "https://cloud-images.ubuntu.com/releases/22.04/release/ubuntu-22.04-server-cloudimg-amd64.img"
  arch: "x86_64"
- location: "https://cloud-images.ubuntu.com/releases/22.04/release/ubuntu-22.04-server-cloudimg-arm64.img"
  arch: "aarch64"

mounts:
- location: "~"
- location: "/tmp/lima"
  writable: true

vmType: "vz"
# rosetta:
#   # Enable Rosetta for Linux.
#   # Hint: try `softwareupdate --install-rosetta` if Lima gets stuck at `Installing rosetta...`
#   enabled: true
#   # Register rosetta to /proc/sys/fs/binfmt_misc
#   binfmt: true

networks:
# The "vzNAT" IP address is accessible from the host, but not from other guests.
- vzNAT: true

provision:
- mode: system
  script: |
    #!/bin/sh
    sudo apt-get install -y \
      build-essential \
      cargo \
      libseccomp-dev \
      libssl-dev \
      make \
      pkg-config \
      protobuf-compiler

    mkdir -p /tmp/lima/containerd
    sudo containerd config default > /tmp/lima/containerd/config.toml

    cat << EOF | sudo tee -a /tmp/lima/containerd/config.toml
    [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.spin]
      runtime_type = "io.containerd.spin.v2"
    EOF

    alias killshim='sudo ctr --address /tmp/containerd-temp.sock task kill $1 --all --signal 9'

Then the steps I followed:

# lima vm steps
limactl start --name=shimvm ~/scratch/lima/configs/containerd-shim-spin.yaml
limactl shell shimvm

# build shim
cargo build --release --target-dir /tmp/lima/target
sudo mv /tmp/lima/target/release/containerd-shim-spin-v2 /usr/bin

## run containerd (in one terminal)
sudo containerd -c /tmp/lima/containerd/config.toml 

## run app via shim
sudo ctr image pull docker.io/vdice/static-fileserver:latest
sudo ctr run --rm --net-host --runtime io.containerd.spin.v2 docker.io/vdice/static-fileserver:latest static bogus-arg

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment