socat + kata + cgroup

debug console  connect qemu serial 

Connect to the virtual machine using the debug console

sudo sed -i -e 's/^kernel_params = "\(.*\)"/kernel_params = "\1 agent.debug_console"/g' "${kata_configuration_file}"

 

 

sed -i -e 's/^# *\(enable_debug\).*=.*$/\1 = true/g'    configuration.toml

 

 

 
 root@ubuntu:~# id=$(sudo docker ps -q --no-trunc)
root@ubuntu:~# console="/var/run/vc/vm/${id}/console.sock"
root@ubuntu:~# echo $console
/var/run/vc/vm/4491cde0777ac6886102e4315558dd8acbf23d56c89f5ef72c217a0057280a41/console.sock
root@ubuntu:~# socat "stdin,raw,echo=0,escape=0x11" "unix-connect:${console}"
root@ubuntu:~# socat "stdin,raw,echo=0,escape=0x11" "unix-connect:${console}"

 

Note: You need to press the RETURN key to see the shell prompt.

To disconnect from the virtual machine, type CONTROL+q (hold down the CONTROL key and press q).

 

 

 

 

 in this case the console.sock is not created 

root@ubuntu:/etc/containerd# ps -elf | grep qemu | grep cfc757af4a2c91862632fba8a1d1884183a23c9cc7dacfe9ca521ea0dc2a27
7 S root     59005 58943  0  80   0 - 756221 sys_po 19:03 ?       00:00:03 /usr/share/kata-containers/binary/qemu-system-aarch64 -name sandbox-ebcfc757af4a2c91862632fba8a1d1884183a23c9cc7dacfe9ca521ea0dc2a27 -uuid ec167176-b5a6-4fc7-b71c-3dc89c452d31 -machine virt,usb=off,accel=kvm,gic-version=host -cpu host,pmu=off -qmp unix:/run/vc/vm/ebcfc757af4a2c91862632fba8a1d1884183a23c9cc7dacfe9ca521ea0dc2a27/qmp.sock,server,nowait -m 2048M,slots=10,maxmem=257176M -device pcie-pci-bridge,bus=pcie.0,id=pcie-bridge-0,addr=2,romfile= -device virtio-serial-pci,disable-modern=false,id=serial0,romfile= -device virtconsole,chardev=charconsole0,id=console0 -chardev socket,id=charconsole0,path=/run/vc/vm/ebcfc757af4a2c91862632fba8a1d1884183a23c9cc7dacfe9ca521ea0dc2a27/console.sock,server,nowait -device virtio-blk-pci,disable-modern=false,drive=image-4b25ba9226229203,scsi=off,config-wce=off,romfile=,share-rw=on -drive id=image-4b25ba9226229203,file=/usr/share/kata-containers/binary/kata-containers.img,aio=threads,format=raw,if=none,readonly -device virtio-scsi-pci,id=scsi0,disable-modern=false,romfile= -object rng-random,id=rng0,filename=/dev/urandom -device virtio-rng-pci,rng=rng0,romfile= -device virtserialport,chardev=charch0,id=channel0,name=agent.channel.0 -chardev socket,id=charch0,path=/run/vc/vm/ebcfc757af4a2c91862632fba8a1d1884183a23c9cc7dacfe9ca521ea0dc2a27/kata.sock,server,nowait -device virtio-9p-pci,disable-modern=false,fsdev=extra-9p-kataShared,mount_tag=kataShared,romfile= -fsdev local,id=extra-9p-kataShared,path=/run/kata-containers/shared/sandboxes/ebcfc757af4a2c91862632fba8a1d1884183a23c9cc7dacfe9ca521ea0dc2a27/shared,security_model=none -netdev tap,id=network-0,vhost=on,vhostfds=3,fds=4 -device driver=virtio-net-pci,netdev=network-0,mac=02:42:ac:11:00:02,disable-modern=false,mq=on,vectors=4,romfile= -rtc base=utc,driftfix=slew,clock=host -global kvm-pit.lost_tick_policy=discard -vga none -no-user-config -nodefaults -nographic --no-reboot -daemonize -kernel /usr/share/kata-containers/binary/vmlinuz-5.4.34-88 -append console=hvc0 console=hvc1 iommu.passthrough=0 root=/dev/vda1 rootflags=data=ordered,errors=remount-ro ro rootfstype=ext4 quiet systemd.show_status=false panic=1 nr_cpus=64 agent.use_vsock=false systemd.unit=kata-containers.target systemd.mask=systemd-networkd.service systemd.mask=systemd-networkd.socket scsi_mod.scan=none agent.log=debug initcall_debug -pidfile /run/vc/vm/ebcfc757af4a2c91862632fba8a1d1884183a23c9cc7dacfe9ca521ea0dc2a27/pid -smp 1,cores=1,threads=1,sockets=64,maxcpus=64
root@ubuntu:/etc/containerd# lsof -n -p 59005 |grep sock
qemu-syst 59005 root   15u     sock                0,9       0t0 11890517 protocol: UNIX
qemu-syst 59005 root   16u     sock                0,9       0t0 11890518 protocol: UNIX
qemu-syst 59005 root   17u     sock                0,9       0t0 11890519 protocol: UNIX
qemu-syst 59005 root   30u     unix 0xffff80af9373c800       0t0 11890535 /run/vc/vm/ebcfc757af4a2c91862632fba8a1d1884183a23c9cc7dacfe9ca521ea0dc2a27/kata.sock type=STREAM

 

docker run --rm -it --runtime kata-runtime nginx

 

 

 

sed -i -e 's/^kernel_params = "\(.*\)"/kernel_params = "\1 agent.debug_console"/g' configuration-qemu.toml
  grep agent.debug_console configuration-qemu.toml
 sed -i -e 's/^# *\(enable_debug\).*=.*$/\1 = true/g'    configuration.toml

root@ubuntu:/usr/share/defaults/kata-containers# grep agent.debug_console configuration-qemu.toml
kernel_params = " agent.debug_console"
root@ubuntu:/usr/share/defaults/kata-containers# grep enable_debug configuration-qemu.toml
#enable_debug = true
#enable_debug = true
#enable_debug = true
#enable_debug = true
#enable_debug = true
#enable_debug = true
root@ubuntu:/usr/share/defaults/kata-containers#

 

time="2020-11-11T08:01:08.12149426Z" level=debug msg="request end" debug_console=true duration="24.52µs" name=kata-agent pid=50 request=/grpc.AgentService/ReadStdout resp="data:\"11-11 16:01:08.119    12    12 W         : debuggerd: handling request: pid=2874 uid=1000 gid=1003 tid=2874\\r\\n11-11 16:01:08.120    12    12 W         : Failed to open /proc/2874/exe Permission denied\\r\\n\" " sandbox=4dd0d555336e7c3f5f258a048e13c8988d697fb548d77369cd9e5512a412a71b source=agent
time="2020-11-11T08:01:08.1220967Z" level=debug msg="new request" debug_console=true name=kata-agent pid=50 req="container_id:\"4dd0d555336e7c3f5f258a048e13c8988d697fb548d77369cd9e5512a412a71b\" exec_id:\"4dd0d555336e7c3f5f258a048e13c8988d697fb548d77369cd9e5512a412a71b\" len:32768 " request=/grpc.AgentService/ReadStdout sandbox=4dd0d555336e7c3f5f258a048e13c8988d697fb548d77369cd9e5512a412a71b source=agent
time="2020-11-11T08:01:08.13722366Z" level=debug msg="request end" debug_console=true duration=14.97434ms name=kata-agent pid=50 request=/grpc.AgentService/ReadStdout resp="data:\"11-11 16:01:08.136  2882  2882 E         : debuggerd: ptrace attach failed: Operation not permitted\\r\\n\" " sandbox=4dd0d555336e7c3f5f258a048e13c8988d697fb548d77369cd9e5512a412a71b source=agent
time="2020-11-11T08:01:08.13789104Z" level=debug msg="new request" debug_console=true name=kata-agent pid=50 req="container_id:\"4dd0d555336e7c3f5f258a048e13c8988d697fb548d77369cd9e5512a412a71b\" exec_id:\"4dd0d555336e7c3f5f258a048e13c8988d697fb548d77369cd9e5512a412a71b\" len:32768 " request=/grpc.AgentService/ReadStdout sandbox=4dd0d555336e7c3f5f258a048e13c8988d697fb548d77369cd9e5512a412a71b source=agent
time="2020-11-11T08:01:08.13847064Z" level=debug msg="request end" debug_console=true duration="433.6µs" name=kata-agent pid=50 request=/grpc.AgentService/ReadStdout resp="data:\"11-11 16:01:08.137    12    12 W         : debuggerd: resuming target 2874\\r\\n\" " sandbox=4dd0d555336e7c3f5f258a048e13c8988d697fb548d77369cd9e5512a412a71b source=agent
time="2020-11-11T08:01:08.13907684Z" level=debug msg="new request" debug_console=true name=kata-agent pid=50 req="container_id:\"4dd0d555336e7c3f5f258a048e13c8988d697fb548d77369cd9e5512a412a71b\" exec_id:\"4dd0d555336e7c3f5f258a048e13c8988d697fb548d77369cd9e5512a412a71b\" len:32768 " request=/grpc.AgentService/ReadStdout sandbox=4dd0d555336e7c3f5f258a048e13c8988d697fb548d77369cd9e5512a412a71b source=agent

 

 

root@ubuntu:/opt/gopath/src/github.com/kata-containers/runtime# kata-runtime   kata-env | grep -i target
  Parameters = "systemd.unit=kata-containers.target systemd.mask=systemd-networkd.service systemd.mask=systemd-networkd.socket scsi_mod.scan=none agent.log=debug agent.debug_console"
root@ubuntu:/opt/gopath/src/github.com/kata-containers/runtime# 

 

 

 

root@ubuntu:~# ps -elf | grep qemu | grep e1c6d5c9e62052a873c3f3783ce5aeda
7 S root      3470  3415  5  80   0 - 737529 sys_po 11:53 ?       00:00:01 /usr/share/kata-containers/binary/qemu-system-aarch64 -name sandbox-e1c6d5c9e62052a873c3f3783ce5aedafeb37b7374244bc3b486bb181b8513a8 -uuid 443a8c47-9495-4a2a-8a2c-ff295fba0eb3 -machine virt,usb=off,accel=kvm,gic-version=host -cpu host,pmu=off -qmp unix:/run/vc/vm/e1c6d5c9e62052a873c3f3783ce5aedafeb37b7374244bc3b486bb181b8513a8/qmp.sock,server,nowait -m 2048M,slots=10,maxmem=257176M -device pcie-pci-bridge,bus=pcie.0,id=pcie-bridge-0,addr=2,romfile= -device virtio-serial-pci,disable-modern=false,id=serial0,romfile= -device virtconsole,chardev=charconsole0,id=console0 -chardev socket,id=charconsole0,path=/run/vc/vm/e1c6d5c9e62052a873c3f3783ce5aedafeb37b7374244bc3b486bb181b8513a8/console.sock,server,nowait -device virtio-blk-pci,disable-modern=false,drive=image-2a299a6352aba9b7,scsi=off,config-wce=off,romfile=,share-rw=on -drive id=image-2a299a6352aba9b7,file=/usr/share/kata-containers/binary/kata-containers.img,aio=threads,format=raw,if=none,readonly -device virtio-scsi-pci,id=scsi0,disable-modern=false,romfile= -object rng-random,id=rng0,filename=/dev/urandom -device virtio-rng-pci,rng=rng0,romfile= -device virtserialport,chardev=charch0,id=channel0,name=agent.channel.0 -chardev socket,id=charch0,path=/run/vc/vm/e1c6d5c9e62052a873c3f3783ce5aedafeb37b7374244bc3b486bb181b8513a8/kata.sock,server,nowait -device virtio-9p-pci,disable-modern=false,fsdev=extra-9p-kataShared,mount_tag=kataShared,romfile= -fsdev local,id=extra-9p-kataShared,path=/run/kata-containers/shared/sandboxes/e1c6d5c9e62052a873c3f3783ce5aedafeb37b7374244bc3b486bb181b8513a8/shared,security_model=none -netdev tap,id=network-0,vhost=on,vhostfds=3,fds=4 -device driver=virtio-net-pci,netdev=network-0,mac=02:42:ac:11:00:02,disable-modern=false,mq=on,vectors=4,romfile= -rtc base=utc,driftfix=slew,clock=host -global kvm-pit.lost_tick_policy=discard -vga none -no-user-config -nodefaults -nographic --no-reboot -daemonize -kernel /usr/share/kata-containers/binary/vmlinuz-5.4.34-88 -append console=hvc0 console=hvc1 iommu.passthrough=0 root=/dev/vda1 rootflags=data=ordered,errors=remount-ro ro rootfstype=ext4 debug systemd.show_status=true systemd.log_level=debug panic=1 nr_cpus=64 agent.use_vsock=false systemd.unit=kata-containers.target systemd.mask=systemd-networkd.service systemd.mask=systemd-networkd.socket scsi_mod.scan=none agent.log=debug agent.debug_console -pidfile /run/vc/vm/e1c6d5c9e62052a873c3f3783ce5aedafeb37b7374244bc3b486bb181b8513a8/pid -D /run/vc/vm/e1c6d5c9e62052a873c3f3783ce5aedafeb37b7374244bc3b486bb181b8513a8/qemu.log -smp 1,cores=1,threads=1,sockets=64,maxcpus=64
root@ubuntu:~# lsof -n -p 3470  | grep sock
qemu-syst 3470 root   15u     sock                0,9       0t0 37541051 protocol: UNIX
qemu-syst 3470 root   16u     sock                0,9       0t0 37541052 protocol: UNIX
qemu-syst 3470 root   17u     sock                0,9       0t0 37541053 protocol: UNIX
qemu-syst 3470 root   30u     unix 0xffff802d1c357400       0t0 37541069 /run/vc/vm/e1c6d5c9e62052a873c3f3783ce5aedafeb37b7374244bc3b486bb181b8513a8/kata.sock type=STREAM
root@ubuntu:~# id=$(sudo docker ps -q --no-trunc)
root@ubuntu:~#  console="/var/run/vc/vm/${id}/console.sock"
root@ubuntu:~# socat "stdin,raw,echo=0,escape=0x11" "unix-connect:${console}"       -----输入回车

root@25a725e7599e:/# 

 

root@ubuntu:~# docker run -tid  --runtime kata-runtime nginx
fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a
root@ubuntu:~# id=$(sudo docker ps -q --no-trunc)
root@ubuntu:~# console="/var/run/vc/vm/${id}/console.sock"
root@ubuntu:~# socat "stdin,raw,echo=0,escape=0x11" "unix-connect:${console}"

root@25a725e7599e:/# ps -elf | grep nginx
4 S root        71    50  0  80   0 -  2069 arm64_ 03:59 ?        00:00:00 nginx: master process nginx -g daemon off;
5 S systemd+    99    71  0  80   0 -  2164 ep_pol 03:59 ?        00:00:00 nginx: worker process
0 S root       102    57  0  80   0 -   676 pipe_w 03:59 hvc0     00:00:00 grep --color=auto nginx
root@25a725e7599e:/# cat /proc/99/cgroup 
10:freezer:/docker/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a
9:devices:/docker/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a
8:cpuset:/docker/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a
7:memory:/docker/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a
6:cpu,cpuacct:/docker/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a
5:perf_event:/docker/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a
4:pids:/docker/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a
3:blkio:/docker/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a
2:net_cls,net_prio:/docker/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a
1:name=systemd:/docker/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a
0::/system.slice/kata-agent.service
root@25a725e7599e:/# 

root@25a725e7599e:/# ls  /sys/fs/cgroup
blkio        cpuacct  freezer  net_cls,net_prio  pids
cpu          cpuset   memory   net_prio          systemd
cpu,cpuacct  devices  net_cls  perf_event        unified
root@25a725e7599e:/# 

 

root@25a725e7599e:/# ls  /sys/fs/cgroup
blkio        cpuacct  freezer  net_cls,net_prio  pids
cpu          cpuset   memory   net_prio          systemd
cpu,cpuacct  devices  net_cls  perf_event        unified
root@25a725e7599e:/# ls  /sys/fs/cgroup/systemd/
cgroup.clone_children  docker             release_agent
cgroup.procs           init.scope         system.slice
cgroup.sane_behavior   notify_on_release  tasks
root@25a725e7599e:/# ls  /sys/fs/cgroup/systemd/docker/
cgroup.clone_children
cgroup.procs
fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a
notify_on_release
tasks
root@25a725e7599e:/#

 

root@25a725e7599e:/# ls
bin   dev  home  lost+found  mnt  proc  run   srv  tmp  var
boot  etc  lib   media       opt  root  sbin  sys  usr
root@25a725e7599e:/# ls run/
kata-containers  libcontainer  lock  mount  sandbox-ns  systemd
root@25a725e7599e:/# ls run/mount/
utab
root@25a725e7599e:/# mount
/dev/vda1 on / type ext4 (ro,relatime,errors=remount-ro,data=ordered)
devtmpfs on /dev type devtmpfs (rw,relatime,size=1024756k,nr_inodes=256189,mode=755)
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)
tmpfs on /run type tmpfs (rw,nosuid,nodev,mode=755)
tmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k)
tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755)
cgroup on /sys/fs/cgroup/unified type cgroup2 (rw,nosuid,nodev,noexec,relatime,nsdelegate)
cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,name=systemd)
cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls,net_prio)
cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)
cgroup on /sys/fs/cgroup/pids type cgroup (rw,nosuid,nodev,noexec,relatime,pids)
cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)
cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpu,cpuacct)
cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)
cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)
cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)
cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=24,pgrp=1,timeout=0,minproto=5,maxproto=5,direct)
mqueue on /dev/mqueue type mqueue (rw,relatime)
hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime,pagesize=2M)
tmpfs on /tmp type tmpfs (rw,nosuid,nodev)
fusectl on /sys/fs/fuse/connections type fusectl (rw,relatime)
nsfs on /run/sandbox-ns/ipc type nsfs (rw)
nsfs on /run/sandbox-ns/uts type nsfs (rw)
kataShared on /run/kata-containers/shared/containers type 9p (rw,nodev,relatime,dirsync,mmap,access=client,trans=virtio)
shm on /run/kata-containers/sandbox/shm type tmpfs (rw,nosuid,nodev,noexec,relatime,size=65536k)
tmpfs on /etc/resolv.conf type tmpfs (rw,nosuid,nodev,mode=755)
root@25a725e7599e:/# 

 

root@25a725e7599e:/run# ls /run/kata-containers/shared/containers -al
total 12
drwxr-x--- 2 root root  40 Oct 31 03:59 .
drwxr-xr-x 3 root root  60 Oct 31 03:59 ..
drwxr-xr-x 3 root root  60 Oct 31 03:59 fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a
-rw-r--r-- 1 root root 720 Oct 31 03:59 fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a-15b9d563e9b4a684-resolv.conf
-rw-r--r-- 1 root root  13 Oct 31 03:59 fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a-48f051befa69947e-hostname
-rw-r--r-- 1 root root 174 Oct 31 03:59 fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a-cf113b785d45ec35-hosts
root@25a725e7599e:/run# 

 

root@25a725e7599e:/run# ls -i kata-containers/shared/containers/ -l
total 12
    1314 drwxr-xr-x 3 root root  60 Oct 31 03:59 fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a
12195812 -rw-r--r-- 1 root root 720 Oct 31 03:59 fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a-15b9d563e9b4a684-resolv.conf
12195813 -rw-r--r-- 1 root root  13 Oct 31 03:59 fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a-48f051befa69947e-hostname
12195811 -rw-r--r-- 1 root root 174 Oct 31 03:59 fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a-cf113b785d45ec35-hosts

 

host上

root@ubuntu:/run/kata-containers/shared# find ./ -name fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a*
./sandboxes/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a
./sandboxes/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a/mounts/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a-cf113b785d45ec35-hosts
./sandboxes/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a/mounts/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a-48f051befa69947e-hostname
./sandboxes/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a/mounts/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a-15b9d563e9b4a684-resolv.conf
./sandboxes/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a/mounts/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a
./sandboxes/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a/shared/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a-cf113b785d45ec35-hosts
./sandboxes/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a/shared/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a-48f051befa69947e-hostname
./sandboxes/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a/shared/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a-15b9d563e9b4a684-resolv.conf
./sandboxes/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a/shared/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a
root@ubuntu:/run/kata-containers/shared#

 

root@ubuntu:/run/kata-containers/shared# find ./ -name fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a* | xargs ls -i
12195810 ./sandboxes/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a/mounts/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a-15b9d563e9b4a684-resolv.conf
12195811 ./sandboxes/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a/mounts/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a-48f051befa69947e-hostname
12195809 ./sandboxes/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a/mounts/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a-cf113b785d45ec35-hosts
12195810 ./sandboxes/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a/shared/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a-15b9d563e9b4a684-resolv.conf
12195811 ./sandboxes/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a/shared/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a-48f051befa69947e-hostname
12195809 ./sandboxes/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a/shared/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a-cf113b785d45ec35-hosts

./sandboxes/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a:
1302 mounts 1302 shared

./sandboxes/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a/mounts/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a:
8389125 rootfs

./sandboxes/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a/shared/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a:
8389125 rootfs
root@ubuntu:/run/kata-containers/shared# ls -i ./sandboxes/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a/mounts/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a-cf113b785d45ec35-hosts
12195809 ./sandboxes/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a/mounts/fa55c7478feb846f8ea41fe52cb13252afb0df1ee09b4cc7a1d58218ed4c782a-cf113b785d45ec35-hosts
root@ubuntu:/run/kata-containers/shared#

 

 

 

root@25a725e7599e:/# ls run/
kata-containers  libcontainer  lock  mount  sandbox-ns  systemd
root@25a725e7599e:/# ls
bin   dev  home  lost+found  mnt  proc  run   srv  tmp  var
boot  etc  lib   media       opt  root  sbin  sys  usr
root@25a725e7599e:/# touch kata1.txt ---------不可以创建
touch: cannot touch 'kata1.txt': Read-only file system
root@25a725e7599e:/# cd run/
root@25a725e7599e:/run# touch kata1.txt
root@25a725e7599e:/run# 

 

主机上看不到

root@ubuntu:/run/kata-containers# ls
containers-mapping  shared
root@ubuntu:/run/kata-containers# cd shared/
root@ubuntu:/run/kata-containers/shared# ls
sandboxes
root@ubuntu:/run/kata-containers/shared# cd sandboxes/
root@ubuntu:/run/kata-containers/shared/sandboxes# find ./ -name kata1.txt
root@ubuntu:/run/kata-containers/shared/sandboxes# find ./ -name  kata1.txt
root@ubuntu:/run/kata-containers/shared/sandboxes# cd ..
root@ubuntu:/run/kata-containers/shared# find ./ -name  kata1.txt
root@ubuntu:/run/kata-containers/shared# 

 

case debugConsoleVPortFlag:
                port, err := strconv.ParseUint(split[valuePosition], 10, 32)
                if err != nil {
                        return err
                }
                debugConsole = true

 

func setupDebugConsole(ctx context.Context, debugConsolePath string) error {
        if !debugConsole {
                return nil
        }

        if debugConsoleVSockPort != uint32(0) {
                return setupDebugConsoleForVsock(ctx)
        }

        var shellPath string
        for _, s := range supportedShells {
                var err error
                if _, err = os.Stat(s); err == nil {
                        shellPath = s
                        break
                }
                agentLog.WithError(err).WithField("shell", s).Warn("Shell not found")
        }

        if shellPath == "" {
                return fmt.Errorf("No available shells (checked %v)", supportedShells)
        }

        cmd := exec.Command(shellPath)
        cmd.Env = os.Environ()
        f, err := os.OpenFile(debugConsolePath, os.O_RDWR, 0600)
        if err != nil {
                return err
        }

        cmd.Stdin = f
        cmd.Stdout = f
        cmd.Stderr = f

        cmd.SysProcAttr = &syscall.SysProcAttr{
                // Create Session
                Setsid: true,
                // Set Controlling terminal to Ctty
                Setctty: true,
                Ctty:    int(f.Fd()),
        }

        go func() {
                for {
                        select {
                        case <-ctx.Done():
                                // stop the thread
                                return
                        default:
                                dcmd := *cmd
                                if err := dcmd.Run(); err != nil {
                                        agentLog.WithError(err).Warn("failed to start debug console")
                                }
                        }
                }
        }()

        return nil
}