I need run to OpenWRT Virtual Machine instance in the Linux Containers environment (Incus) running on top of Raspberry Pi 4B. This instance is the gateway utilizing a Mobile Network modem as a WAN interface.
Linux Container Image servers (nor Incus, nor Canonical LXD) do not provide OpenWRT VM images yet. However, I was able to make custom VM image and run in the Incus environment. VM works fine and I'm able to setup Mobile Data connection, and provide Internet Access to local devices.
But, there is an issue below.
Linux Container systems (Incus, LXD) manage and orchestrates containers and virtual machines using unified API, command-line and GUI interfaces. They run VMs utilizing qemu functionality. They also provide additional interface for setup OS in the VM instance, grant console access, report OS status in the VM, etc. via agent software injected to the VM instance. This agent communicates with the Linux Containers daemon via vsock interface (vsock.ko kernel module). Unfortunately, OpenWRT does not provide such module as kmod-* package, nor as pre-build module. OpwnWRT Kernel Module Selection (make kernel_menuconfig) does not allow to select it as well. How can I build kernlem module vsock for `OpenWRT' ?
How vmware ipc is supposed to solve your perceived problem outside vmware?
Containers are not able to load any kmods. By thre whole definition of them.
Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:
As I mentioned this is not a VMWare environment. OpenWRT VM runs under qemu and orchestrated by Incus daemon.
Actually Incus daemon pre-configures qemu execution environment (prepare VM from the image, prepares network interfaces, makes qemu VM config, etc.) and then start VM by launching it through qemu with parameters like below: /opt/incus/bin/qemu-system-aarch64 -S -name owrt-test-vm -uuid a70a72ef-ff3a-4066-b074-cac6c0f8b8bc -daemonize -cpu host -nographic -serial chardev:console -nodefaults -no-user-config -sandbox on,obsolete=deny,elevateprivileges=allow,spawn=allow,resourcecontrol=deny -readconfig /run/incus/infra_owrt-test-vm/qemu.conf -spice unix=on,disable-ticketing=on,addr=/run/incus/infra_owrt-test-vm/qemu.spice -pidfile /run/incus/infra_owrt-test-vm/qemu.pid -D /var/log/incus/infra_owrt-test-vm/qemu.log -smbios type=2,manufacturer=LinuxContainers,product=Incus -runas incus
What I'm looking for is how to make vsock kernel module for OpenWRT. This is standard kernel module which is not included to the OpenWRT build environment.
Your first message in this thread should have been more-ore-less that, I think. I think brada started skimming the text that read like a sales ad for "incus"
I would appreciate it if you point the solution (As you marked this topic as Solved already)
My question is simple - how to correctly compile standard Linux kernel module called vsock.ko if it not included to the OpewnWRT Build environment.
Unfortunately, I couldn't find the option nor in the kernel_menuconfig, nor in the kernel section in the .config file. As I see this module is the part of vmw_virtio kernel drivers in it not included into (or excluded from) OpenWRT kernel.
P.S.
By the way, not only VMWare, but other emulators/hypervisors use Virtual Socket interface to establish connection between host and guest.
I still dont see you describing the problem you are trying to solve. Stuffing barely ever used vmware module will not change qemu or cgroups or namespaces.
I'm not the OP, but AFAICT the VSOCK address family is used by most?all? modern Hypervisors these days. Vmware introduced it in 3.X times, but since Linux 4.something it's also been in use by qemu and others, IIRC.
One of the main? use-cases for it seems to be enabling "out-of-band" SSH access to VMs and containers. Another one would be to provide a fast channel for data, where UDP would be used in a non-localhost networking context.
To the OP: I have not done this myself yet, but there are many kmod_packages around, that also basically just "enable" one specific kernel module. Find a simple one, swap out the kernel module option line in the patch, and submit a PR upstream?
Dear brada4. I just asked for the help and I appreciate everyone who does help me.
Especially for you I can explain the problem I'm trying to solve in some additional details:
I do need to run OpenWRT VM in the Linux Containers environment. (Why I need a VM but not a container - it's another topic)
Linux Containers utilizes qemu to run VMs
Linux Containers requires lxd-agent or incus-agent process running in the VM to manage VM (getting VM processes, network, etc. statuses, executing commands, shutdown VM gracefully, etc.). The Linux Containers daemon communicates with the agent running in the VM through the kernel Virtual Socket protocol which requires vsock kernel module loaded in the guest VM.
It is one of running modes, just use openwrt tarballl to deploy
Does existing qemu-ga communicating over virtio_serial inside VM and unix socket outside fit the bill
Yes, it makes sense, just extra inter-vm communication channel makes little sense, you can have full bridges between VM-s, like micro-segmentation in rfc1918 space.
This is clear. I have not requested the official support yet.
I know how to build the image and how to integrate additional software and change configuration. The question was how to get the specific kernel module unavailable in the official builds.
. Image is building now.