From c4c6eb2cfe6941911d39b2fd4c89c0727cdd1f70 Mon Sep 17 00:00:00 2001 From: Petr Kotas Date: Fri, 27 Jul 2018 13:26:33 +0200 Subject: [PATCH 01/22] Add rng device to api Signed-off-by: Petr Kotas --- pkg/api/v1/schema.go | 11 +++++++ pkg/virt-launcher/virtwrap/api/converter.go | 35 +++++++++++++++++++++ pkg/virt-launcher/virtwrap/api/schema.go | 22 ++++++++++--- 3 files changed, 64 insertions(+), 4 deletions(-) diff --git a/pkg/api/v1/schema.go b/pkg/api/v1/schema.go index ff0c118551a6..84e0e18442b8 100644 --- a/pkg/api/v1/schema.go +++ b/pkg/api/v1/schema.go @@ -188,6 +188,8 @@ type Devices struct { // Wheater to attach the default graphics device or not. // VNC will not be available if set to false. Defaults to true. AutoattachGraphicsDevice *bool `json:"autoattachGraphicsDevice,omitempty"` + // Whether to have random number generator from host + Rng *Rng `json:"rng,omitempty"` } // --- @@ -780,3 +782,12 @@ type PodNetwork struct { // Default 10.0.2.0/24 if not specified. VMNetworkCIDR string `json:"vmNetworkCIDR,omitempty"` } + +// Rng represents the random device passed from host +// --- +// +k8s:openapi-gen=true +type Rng struct { + Source string `json:"source"` + RateBytes *uint32 `json:"rateBytes,omitempty"` + RatePeriod *uint32 `json:"ratePeriod,omitempty"` +} diff --git a/pkg/virt-launcher/virtwrap/api/converter.go b/pkg/virt-launcher/virtwrap/api/converter.go index 8e5bb4346532..fe70cc1a51c0 100644 --- a/pkg/virt-launcher/virtwrap/api/converter.go +++ b/pkg/virt-launcher/virtwrap/api/converter.go 
@@ -242,6 +242,32 @@ func Convert_v1_Watchdog_To_api_Watchdog(source *v1.Watchdog, watchdog *Watchdog return fmt.Errorf("watchdog %s can't be mapped, no watchdog type specified", source.Name) } +func Convert_v1_Rng_To_api_Rng(source *v1.Rng, rng *Rng, _ *ConverterContext) error { + + // default rng model for KVM/QEMU virtualization + rng.Model = "virtio" + + // default backend model, random for /dev/random and /dev/urandom + rng.Backend.Model = "random" + + // the source used to get the entropy + if source.Source == "" { + return fmt.Errorf("rng can't be mapped, no source provided") + } + rng.Backend.Source = source.Source + + // limiting factor used to limit the access to rng device + // used to prevend ddos from guest machine + if source.RateBytes != nil { + rng.Rate.Bytes = *source.RateBytes + } + if source.RatePeriod != nil { + rng.Rate.Period = *source.RatePeriod + } + + return nil +} + func Convert_v1_Clock_To_api_Clock(source *v1.Clock, clock *Clock, c *ConverterContext) error { if source.UTC != nil { clock.Offset = "utc" @@ -435,6 +461,15 @@ func Convert_v1_VirtualMachine_To_api_Domain(vmi *v1.VirtualMachineInstance, dom domain.Spec.Devices.Watchdog = newWatchdog } + if vmi.Spec.Domain.Devices.Rng != nil { + newRng := &Rng{} + err := Convert_v1_Rng_To_api_Rng(vmi.Spec.Domain.Devices.Rng, newRng, c) + if err != nil { + return err + } + domain.Spec.Devices.Rng = newRng + } + if vmi.Spec.Domain.Clock != nil { clock := vmi.Spec.Domain.Clock newClock := &Clock{} diff --git a/pkg/virt-launcher/virtwrap/api/schema.go b/pkg/virt-launcher/virtwrap/api/schema.go index 489f3e97387c..11a591b6a498 100644 --- a/pkg/virt-launcher/virtwrap/api/schema.go +++ b/pkg/virt-launcher/virtwrap/api/schema.go @@ -249,6 +249,7 @@ type Devices struct { Serials []Serial `xml:"serial"` Consoles []Console `xml:"console"` Watchdog *Watchdog `xml:"watchdog,omitempty"` + Rng *Rng `xml:"rng,omitempty"` } // BEGIN Controller ----------------------------- 
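Review bot: In `Convert_v1_Rng_To_api_Rng` (first converter hunk), `source.Source` is copied into `rng.Backend.Source` after only an empty-string check, so whatever path the VMI author writes becomes the entropy backend of the domain. The comment above the backend model says `random` is meant for /dev/random and /dev/urandom, and the converter should enforce that: `if source.Source != "/dev/random" && source.Source != "/dev/urandom" { return fmt.Errorf("rng source %q is not an allowed entropy device", source.Source) }`. The same function writes through `rng.Backend` and `rng.Rate`, which the new `schema.go` declares as pointers and the caller in the next hunk leaves nil via `&Rng{}`, so both need allocating before the first field assignment.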
@@ -573,16 +574,29 @@ type Ballooning struct { Model string `xml:"model,attr"` } -type RandomGenerator struct { -} - type Watchdog struct { Model string `xml:"model,attr"` Action string `xml:"action,attr"` Alias *Alias `xml:"alias,omitempty"` } -// TODO ballooning, rng, cpu ... +type Rng struct { + Model string `xml:"model,attr"` + Rate *RngRate `xml:"rate,omitempty"` + Backend *RngBackend `xml:"backend,omitempty"` +} + +type RngRate struct { + Period uint32 `xml:"period,attr"` + Bytes uint32 `xml:"bytes,attr"` +} + +type RngBackend struct { + Model string `xml:"model,attr"` + Source string `xml:",chardata"` +} + +// TODO ballooning, cpu ... type SecretUsage struct { Type string `xml:"type,attr"` From 02049f98de491be34bcb961c175a70d86d67fab5 Mon Sep 17 00:00:00 2001 From: Petr Kotas Date: Fri, 27 Jul 2018 14:21:00 +0200 Subject: [PATCH 02/22] Add rng tests Signed-off-by: Petr Kotas --- pkg/virt-launcher/virtwrap/api/schema_test.go | 9 ++++++ tests/vmi_configuration_test.go | 30 +++++++++++++++++++ 2 files changed, 39 insertions(+) diff --git a/pkg/virt-launcher/virtwrap/api/schema_test.go b/pkg/virt-launcher/virtwrap/api/schema_test.go index 46a4186ae15e..c24c7cca6a0f 100644 --- a/pkg/virt-launcher/virtwrap/api/schema_test.go +++ b/pkg/virt-launcher/virtwrap/api/schema_test.go @@ -64,6 +64,10 @@ var exampleXML = ` + + + /dev/random + @@ -129,6 +133,11 @@ var _ = Describe("Schema", func() { Name: "mywatchdog", }, } + exampleDomain.Spec.Devices.Rng = &Rng{ + Model: "virtio", + Backend: &RngBackend{Source: "/dev/random", Model: "random"}, + Rate: &RngRate{Period: 2000, Bytes: 1234}, + } exampleDomain.Spec.Features = &Features{ ACPI: &FeatureEnabled{}, } diff --git a/tests/vmi_configuration_test.go b/tests/vmi_configuration_test.go index 2cd8f6cb16ed..c9170162f8e8 100644 --- a/tests/vmi_configuration_test.go +++ b/tests/vmi_configuration_test.go 
@@ -319,6 +319,36 @@ var _ = Describe("Configurations", func() { }) }) }) + + Context("with rng", func() { + var rngVmi *v1.VirtualMachineInstance + + BeforeEach(func() { + rngVmi = tests.NewRandomVMIWithEphemeralDisk(tests.RegistryDiskFor(tests.RegistryDiskAlpine)) + }) + + It("should have the virtio rng device present", func() { + rngVmi.Spec.Domain.Devices.Rng.Source = "/dev/urandom" + + By("Starting a VirtualMachineInstance") + rngVmi, err = virtClient.VirtualMachineInstance(tests.NamespaceTestDefault).Create(rngVmi) + Expect(err).ToNot(HaveOccurred()) + tests.WaitForSuccessfulVMIStart(rngVmi) + + By("Expecting the VirtualMachineInstance console") + expecter, err := tests.LoggedInAlpineExpecter(rngVmi) + Expect(err).ToNot(HaveOccurred()) + defer expecter.Close() + + By("Checking the virtio rng presence") + _, err = expecter.ExpectBatch([]expect.Batcher{ + &expect.BSnd{S: "grep -c ^virtio /sys/devices/virtual/misc/hw_random/rng_available\n"}, + &expect.BExp{R: "1"}, + }, 250*time.Second) + Expect(err).ToNot(HaveOccurred()) + }, 300) + + }) }) Context("with CPU spec", func() { From 4d9e553537cd165fa8cbb683d46838827f037633 Mon Sep 17 00:00:00 2001 From: Petr Kotas Date: Fri, 27 Jul 2018 17:01:22 +0200 Subject: [PATCH 03/22] Fix nil reference Signed-off-by: Petr Kotas --- pkg/virt-launcher/virtwrap/api/converter.go | 8 ++++++-- tests/vmi_configuration_test.go | 4 +++- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/pkg/virt-launcher/virtwrap/api/converter.go b/pkg/virt-launcher/virtwrap/api/converter.go index fe70cc1a51c0..55412d485505 100644 --- a/pkg/virt-launcher/virtwrap/api/converter.go +++ b/pkg/virt-launcher/virtwrap/api/converter.go 
@@ -248,7 +248,9 @@ func Convert_v1_Rng_To_api_Rng(source *v1.Rng, rng *Rng, _ *ConverterContext) er rng.Model = "virtio" // default backend model, random for /dev/random and /dev/urandom - rng.Backend.Model = "random" + rng.Backend = &RngBackend{ + Model: "random", + } // the source used to get the entropy if source.Source == "" { @@ -259,7 +261,9 @@ func Convert_v1_Rng_To_api_Rng(source *v1.Rng, rng *Rng, _ *ConverterContext) er // limiting factor used to limit the access to rng device // used to prevend ddos from guest machine if source.RateBytes != nil { - rng.Rate.Bytes = *source.RateBytes + rng.Rate = &RngRate{ + Bytes: *source.RateBytes, + } } if source.RatePeriod != nil { rng.Rate.Period = *source.RatePeriod diff --git a/tests/vmi_configuration_test.go b/tests/vmi_configuration_test.go index c9170162f8e8..69cf8cd0c9a0 100644 --- a/tests/vmi_configuration_test.go +++ b/tests/vmi_configuration_test.go @@ -328,7 +328,9 @@ var _ = Describe("Configurations", func() { }) It("should have the virtio rng device present", func() { - rngVmi.Spec.Domain.Devices.Rng.Source = "/dev/urandom" + rngVmi.Spec.Domain.Devices.Rng = &v1.Rng{ + Source: "/dev/urandom", + } By("Starting a VirtualMachineInstance") rngVmi, err = virtClient.VirtualMachineInstance(tests.NamespaceTestDefault).Create(rngVmi) From 835fda2575b22769352b3c04ef21f776153078eb Mon Sep 17 00:00:00 2001 From: Petr Kotas Date: Mon, 30 Jul 2018 18:13:36 +0200 Subject: [PATCH 04/22] Change test to the /dev/urandom Signed-off-by: Petr Kotas --- pkg/virt-launcher/virtwrap/api/schema_test.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkg/virt-launcher/virtwrap/api/schema_test.go b/pkg/virt-launcher/virtwrap/api/schema_test.go index c24c7cca6a0f..b36f1210c9a0 100644 --- a/pkg/virt-launcher/virtwrap/api/schema_test.go +++ b/pkg/virt-launcher/virtwrap/api/schema_test.go @@ -66,7 +66,7 @@ var exampleXML = ` - /dev/random + /dev/urandom 
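Review bot: In the second converter hunk `rng.Rate` is allocated only inside the `source.RateBytes != nil` branch, so a spec that sets `ratePeriod` without `rateBytes` still reaches `rng.Rate.Period = *source.RatePeriod` with a nil `rng.Rate` and panics. Allocate once before either assignment, `if source.RateBytes != nil || source.RatePeriod != nil { rng.Rate = &RngRate{} }`, and then fill `Bytes` and `Period` independently. A converter test with period-only input would pin this down. The body of `Convert_v1_Rng_To_api_Rng` continues outside the hunk.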
@@ -135,7 +135,7 @@ var _ = Describe("Schema", func() { } exampleDomain.Spec.Devices.Rng = &Rng{ Model: "virtio", - Backend: &RngBackend{Source: "/dev/random", Model: "random"}, + Backend: &RngBackend{Source: "/dev/urandom", Model: "random"}, Rate: &RngRate{Period: 2000, Bytes: 1234}, } exampleDomain.Spec.Features = &Features{ From 6df0554f3ed6ad5125cf95e598d7b864b600078f Mon Sep 17 00:00:00 2001 From: Petr Kotas Date: Tue, 31 Jul 2018 13:50:13 +0200 Subject: [PATCH 05/22] Add generated files Signed-off-by: Petr Kotas --- api/openapi-spec/swagger.json | 21 +++++ manifests/generated/vm-resource.yaml | 12 +++ manifests/generated/vmi-resource.yaml | 12 +++ manifests/generated/vmipreset-resource.yaml | 12 +++ manifests/generated/vmirs-resource.yaml | 12 +++ pkg/api/v1/deepcopy_generated.go | 43 ++++++++++ pkg/api/v1/openapi_generated.go | 35 +++++++- pkg/api/v1/schema_swagger_generated.go | 7 ++ .../virtwrap/api/deepcopy_generated.go | 83 ++++++++++++++++--- .../virtwrap/api/deepcopy_test.go | 4 +- 10 files changed, 227 insertions(+), 14 deletions(-) diff --git a/api/openapi-spec/swagger.json b/api/openapi-spec/swagger.json index c2e850caa10d..25ac01c6ed6c 100644 --- a/api/openapi-spec/swagger.json +++ b/api/openapi-spec/swagger.json @@ -3383,6 +3383,10 @@ "$ref": "#/definitions/v1.Interface" } }, + "rng": { + "description": "Whether to have random number generator from host", + "$ref": "#/definitions/v1.Rng" + }, "watchdog": { "description": "Watchdog describes a watchdog device which can be added to the vmi.", "$ref": "#/definitions/v1.Watchdog" 
@@ -4292,6 +4296,23 @@ } } }, + "v1.Rng": { + "description": "Rng represents the random device passed from host", + "required": [ + "source" + ], + "properties": { + "rateBytes": { + "type": "integer" + }, + "ratePeriod": { + "type": "integer" + }, + "source": { + "type": "string" + } + } + }, "v1.ServerAddressByClientCIDR": { "description": "ServerAddressByClientCIDR helps the client to determine the server address that they should use, depending on the clientCIDR that they match.", "required": [ diff --git a/manifests/generated/vm-resource.yaml b/manifests/generated/vm-resource.yaml index 15a81d05d0d4..95669d20fcf1 100644 --- a/manifests/generated/vm-resource.yaml +++ b/manifests/generated/vm-resource.yaml @@ -132,6 +132,18 @@ spec: required: - name type: array + rng: + properties: + rateBytes: + format: int64 + type: integer + ratePeriod: + format: int64 + type: integer + source: + type: string + required: + - source watchdog: properties: i6300esb: diff --git a/manifests/generated/vmi-resource.yaml b/manifests/generated/vmi-resource.yaml index c61f92cde10a..9cec4e2befcf 100644 --- a/manifests/generated/vmi-resource.yaml +++ b/manifests/generated/vmi-resource.yaml @@ -125,6 +125,18 @@ spec: required: - name type: array + rng: + properties: + rateBytes: + format: int64 + type: integer + ratePeriod: + format: int64 + type: integer + source: + type: string + required: + - source watchdog: properties: i6300esb: diff --git a/manifests/generated/vmipreset-resource.yaml b/manifests/generated/vmipreset-resource.yaml index c04a87e47bb6..39b7292aa547 100644 --- a/manifests/generated/vmipreset-resource.yaml +++ b/manifests/generated/vmipreset-resource.yaml @@ -124,6 +124,18 @@ spec: required: - name type: array + rng: + properties: + rateBytes: + format: int64 + type: integer + ratePeriod: + format: int64 + type: integer + source: + type: string + required: + - source watchdog: properties: i6300esb: 
diff --git a/manifests/generated/vmirs-resource.yaml b/manifests/generated/vmirs-resource.yaml index 7a691a451d85..cc0ed3513017 100644 --- a/manifests/generated/vmirs-resource.yaml +++ b/manifests/generated/vmirs-resource.yaml @@ -136,6 +136,18 @@ spec: required: - name type: array + rng: + properties: + rateBytes: + format: int64 + type: integer + ratePeriod: + format: int64 + type: integer + source: + type: string + required: + - source watchdog: properties: i6300esb: diff --git a/pkg/api/v1/deepcopy_generated.go b/pkg/api/v1/deepcopy_generated.go index 06e851b6648c..1f3697cb4c08 100644 --- a/pkg/api/v1/deepcopy_generated.go +++ b/pkg/api/v1/deepcopy_generated.go @@ -222,6 +222,15 @@ func (in *Devices) DeepCopyInto(out *Devices) { **out = **in } } + if in.Rng != nil { + in, out := &in.Rng, &out.Rng + if *in == nil { + *out = nil + } else { + *out = new(Rng) + (*in).DeepCopyInto(*out) + } + } return } @@ -1212,6 +1221,40 @@ func (in *ResourceRequirements) DeepCopy() *ResourceRequirements { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Rng) DeepCopyInto(out *Rng) { + *out = *in + if in.RateBytes != nil { + in, out := &in.RateBytes, &out.RateBytes + if *in == nil { + *out = nil + } else { + *out = new(uint32) + **out = **in + } + } + if in.RatePeriod != nil { + in, out := &in.RatePeriod, &out.RatePeriod + if *in == nil { + *out = nil + } else { + *out = new(uint32) + **out = **in + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rng. +func (in *Rng) DeepCopy() *Rng { + if in == nil { + return nil + } + out := new(Rng) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Timer) DeepCopyInto(out *Timer) { *out = *in 
diff --git a/pkg/api/v1/openapi_generated.go b/pkg/api/v1/openapi_generated.go index 68e1d48cdd1b..3bb576458cb5 100644 --- a/pkg/api/v1/openapi_generated.go +++ b/pkg/api/v1/openapi_generated.go @@ -225,13 +225,17 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA Description: "Wheater to attach the default graphics device or not. VNC will not be available if set to false. Defaults to true.", Type: []string{"boolean"}, Format: "", + "rng": { + SchemaProps: spec.SchemaProps{ + Description: "Whether to have random number generator from host", + Ref: ref("kubevirt.io/kubevirt/pkg/api/v1.Rng"), }, }, }, }, }, Dependencies: []string{ - "kubevirt.io/kubevirt/pkg/api/v1.Disk", "kubevirt.io/kubevirt/pkg/api/v1.Interface", "kubevirt.io/kubevirt/pkg/api/v1.Watchdog"}, + "kubevirt.io/kubevirt/pkg/api/v1.Disk", "kubevirt.io/kubevirt/pkg/api/v1.Interface", "kubevirt.io/kubevirt/pkg/api/v1.Rng", "kubevirt.io/kubevirt/pkg/api/v1.Watchdog"}, }, "kubevirt.io/kubevirt/pkg/api/v1.Disk": { Schema: spec.Schema{ @@ -1191,6 +1195,35 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA Dependencies: []string{ "k8s.io/apimachinery/pkg/api/resource.Quantity"}, }, + "kubevirt.io/kubevirt/pkg/api/v1.Rng": { + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Rng represents the random device passed from host", + Properties: map[string]spec.Schema{ + "source": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", + }, + }, + "rateBytes": { + SchemaProps: spec.SchemaProps{ + Type: []string{"integer"}, + Format: "int64", + }, + }, + "ratePeriod": { + SchemaProps: spec.SchemaProps{ + Type: []string{"integer"}, + Format: "int64", + }, + }, + }, + Required: []string{"source"}, + }, + }, + Dependencies: []string{}, + }, "kubevirt.io/kubevirt/pkg/api/v1.Timer": { Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ 
diff --git a/pkg/api/v1/schema_swagger_generated.go b/pkg/api/v1/schema_swagger_generated.go index e2f5b66942aa..18a6d70a7a21 100644 --- a/pkg/api/v1/schema_swagger_generated.go +++ b/pkg/api/v1/schema_swagger_generated.go @@ -87,6 +87,7 @@ func (Devices) SwaggerDoc() map[string]string { "interfaces": "Interfaces describe network interfaces which are added to the vm.", "autoattachPodInterface": "Whether to attach a pod network interface. Defaults to true.", "autoattachGraphicsDevice": "Wheater to attach the default graphics device or not.\nVNC will not be available if set to false. Defaults to true.", + "rng": "Whether to have random number generator from host", } } @@ -369,3 +370,9 @@ func (PodNetwork) SwaggerDoc() map[string]string { "vmNetworkCIDR": "CIDR for vm network.\nDefault 10.0.2.0/24 if not specified.", } } + +func (Rng) SwaggerDoc() map[string]string { + return map[string]string{ + "": "Rng represents the random device passed from host", + } +} diff --git a/pkg/virt-launcher/virtwrap/api/deepcopy_generated.go b/pkg/virt-launcher/virtwrap/api/deepcopy_generated.go index 8553aa151959..bb90e52f3de6 100644 --- a/pkg/virt-launcher/virtwrap/api/deepcopy_generated.go +++ b/pkg/virt-launcher/virtwrap/api/deepcopy_generated.go @@ -590,6 +590,15 @@ func (in *Devices) DeepCopyInto(out *Devices) { (*in).DeepCopyInto(*out) } } + if in.Rng != nil { + in, out := &in.Rng, &out.Rng + if *in == nil { + *out = nil + } else { + *out = new(Rng) + (*in).DeepCopyInto(*out) + } + } return } 
@@ -1668,49 +1677,99 @@ func (in *OSType) DeepCopy() *OSType { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RandomGenerator) DeepCopyInto(out *RandomGenerator) { +func (in *ReadOnly) DeepCopyInto(out *ReadOnly) { *out = *in return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RandomGenerator. -func (in *RandomGenerator) DeepCopy() *RandomGenerator { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReadOnly. +func (in *ReadOnly) DeepCopy() *ReadOnly { if in == nil { return nil } - out := new(RandomGenerator) + out := new(ReadOnly) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ReadOnly) DeepCopyInto(out *ReadOnly) { +func (in *Resource) DeepCopyInto(out *Resource) { *out = *in return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReadOnly. -func (in *ReadOnly) DeepCopy() *ReadOnly { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Resource. +func (in *Resource) DeepCopy() *Resource { if in == nil { return nil } - out := new(ReadOnly) + out := new(Resource) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Resource) DeepCopyInto(out *Resource) { +func (in *Rng) DeepCopyInto(out *Rng) { + *out = *in + if in.Rate != nil { + in, out := &in.Rate, &out.Rate + if *in == nil { + *out = nil + } else { + *out = new(RngRate) + **out = **in + } + } + if in.Backend != nil { + in, out := &in.Backend, &out.Backend + if *in == nil { + *out = nil + } else { + *out = new(RngBackend) + **out = **in + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rng. 
+func (in *Rng) DeepCopy() *Rng { + if in == nil { + return nil + } + out := new(Rng) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RngBackend) DeepCopyInto(out *RngBackend) { *out = *in return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Resource. -func (in *Resource) DeepCopy() *Resource { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RngBackend. +func (in *RngBackend) DeepCopy() *RngBackend { if in == nil { return nil } - out := new(Resource) + out := new(RngBackend) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RngRate) DeepCopyInto(out *RngRate) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RngRate. +func (in *RngRate) DeepCopy() *RngRate { + if in == nil { + return nil + } + out := new(RngRate) in.DeepCopyInto(out) return out } diff --git a/pkg/virt-launcher/virtwrap/api/deepcopy_test.go b/pkg/virt-launcher/virtwrap/api/deepcopy_test.go index fd0b3409eaf5..940fe36ed969 100644 --- a/pkg/virt-launcher/virtwrap/api/deepcopy_test.go +++ b/pkg/virt-launcher/virtwrap/api/deepcopy_test.go @@ -75,7 +75,9 @@ var _ = Describe("Generated deepcopy functions", func() { &GraphicsListen{}, &Address{}, &Ballooning{}, - &RandomGenerator{}, + &Rng{}, + &RngBackend{}, + &RngRate{}, &Watchdog{}, &SecretUsage{}, &SecretSpec{}, From acad07ce02b38f28a7877d05476eb44ddcdc56b0 Mon Sep 17 00:00:00 2001 From: Petr Kotas Date: Tue, 31 Jul 2018 14:32:23 +0200 Subject: [PATCH 06/22] Add API schema test Signed-off-by: Petr Kotas --- pkg/api/v1/schema_test.go | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) 
diff --git a/pkg/api/v1/schema_test.go b/pkg/api/v1/schema_test.go index f0a927343787..9ddc6212b5e0 100644 --- a/pkg/api/v1/schema_test.go +++ b/pkg/api/v1/schema_test.go @@ -166,7 +166,10 @@ var exampleJSON = `{ "name": "default", {{.InterfaceConfig}} } - ] + ], + "rng": { + "source": "/dev/urandom" + } } }, "volumes": [ @@ -262,6 +265,10 @@ var _ = Describe("Schema", func() { }, } + exampleVMI.Spec.Domain.Devices.Rng = &Rng{ + Source: "/dev/urandom", + } + exampleVMI.Spec.Volumes = []Volume{ { Name: "volume0", From f1861650880a0d5748e5035bb5a35a151d2a85b2 Mon Sep 17 00:00:00 2001 From: Petr Kotas Date: Tue, 31 Jul 2018 14:32:45 +0200 Subject: [PATCH 07/22] Add virtio preset Signed-off-by: Petr Kotas --- cluster/examples/vmi-preset-virtiorng.yaml | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 cluster/examples/vmi-preset-virtiorng.yaml diff --git a/cluster/examples/vmi-preset-virtiorng.yaml b/cluster/examples/vmi-preset-virtiorng.yaml new file mode 100644 index 000000000000..4880262984de --- /dev/null +++ b/cluster/examples/vmi-preset-virtiorng.yaml @@ -0,0 +1,13 @@ +apiVersion: kubevirt.io/v1alpha2 +kind: VirtualMachineInstancePreset +metadata: + creationTimestamp: null + name: vmi-preset-virtiorng +spec: + domain: + devices: + rng: + source: /dev/urandom + selector: + matchLabels: + kubevirt.io/vmPreset: vmi-preset-virtiorng From 2ecaff3e3349aa1b0e9c4235f2c44a07cac0300b Mon Sep 17 00:00:00 2001 From: Petr Kotas Date: Tue, 31 Jul 2018 16:23:21 +0200 Subject: [PATCH 08/22] Add rng default Signed-off-by: Petr Kotas --- pkg/virt-launcher/virtwrap/api/converter.go | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/pkg/virt-launcher/virtwrap/api/converter.go b/pkg/virt-launcher/virtwrap/api/converter.go index 55412d485505..9db87ceb55da 100644 --- a/pkg/virt-launcher/virtwrap/api/converter.go +++ b/pkg/virt-launcher/virtwrap/api/converter.go 
@@ -472,6 +472,15 @@ func Convert_v1_VirtualMachine_To_api_Domain(vmi *v1.VirtualMachineInstance, dom return err } domain.Spec.Devices.Rng = newRng + } else { + // if the Rng is not present in the config, provide sane default + newRng := &Rng{} + newRng.Backend = &RngBackend{ + Model: "random", + Source: "/dev/urandom", + } + newRng.Model = "virtio" + domain.Spec.Devices.Rng = newRng } if vmi.Spec.Domain.Clock != nil { From 22dfa296c92833a7cdd497d7b30362087db119d3 Mon Sep 17 00:00:00 2001 From: Petr Kotas Date: Tue, 31 Jul 2018 16:26:44 +0200 Subject: [PATCH 09/22] Add struct comments Signed-off-by: Petr Kotas --- pkg/api/v1/schema.go | 12 ++++++++++-- pkg/virt-launcher/virtwrap/api/schema.go | 18 ++++++++++++++---- 2 files changed, 24 insertions(+), 6 deletions(-) diff --git a/pkg/api/v1/schema.go b/pkg/api/v1/schema.go index 84e0e18442b8..67dd3bbea5b1 100644 --- a/pkg/api/v1/schema.go +++ b/pkg/api/v1/schema.go @@ -189,6 +189,8 @@ type Devices struct { // VNC will not be available if set to false. Defaults to true. AutoattachGraphicsDevice *bool `json:"autoattachGraphicsDevice,omitempty"` // Whether to have random number generator from host + // Defaults to Rng enabled + // +optional Rng *Rng `json:"rng,omitempty"` } @@ -787,7 +789,13 @@ type PodNetwork struct { // --- // +k8s:openapi-gen=true type Rng struct { - Source string `json:"source"` - RateBytes *uint32 `json:"rateBytes,omitempty"` + // Source sets the host source used to provide entropy + Source string `json:"source"` + // RateBytes limit the amount of bytes that the VM can read from entropy source + // per period + // +optional + RateBytes *uint32 `json:"rateBytes,omitempty"` + // RatePeriod sets the length of a read period + // +optional RatePeriod *uint32 `json:"ratePeriod,omitempty"` } diff --git a/pkg/virt-launcher/virtwrap/api/schema.go b/pkg/virt-launcher/virtwrap/api/schema.go index 11a591b6a498..72c4ac021b57 100644 --- a/pkg/virt-launcher/virtwrap/api/schema.go 
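Review bot: The new `else` branch re-types the `"virtio"` and `"random"` literals that `Convert_v1_Rng_To_api_Rng` already sets, so the default device and the configured one can drift apart when one of them is changed. Build the default through the converter instead, `err := Convert_v1_Rng_To_api_Rng(&v1.Rng{Source: "/dev/urandom"}, newRng, c)`, so both cases share one code path and one set of checks. As written in this commit, a VMI that omits `rng` always gets the device and has no way to decline it; a comment stating that this is intended would help the next reader. `Convert_v1_VirtualMachine_To_api_Domain` starts and ends outside the hunk.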
+++ b/pkg/virt-launcher/virtwrap/api/schema.go @@ -580,19 +580,29 @@ type Watchdog struct { Alias *Alias `xml:"alias,omitempty"` } +// Rng represents the source of entropy from host to VM type Rng struct { - Model string `xml:"model,attr"` - Rate *RngRate `xml:"rate,omitempty"` + // Model attribute specifies what type of RNG device is provided + Model string `xml:"model,attr"` + // Rate element allows limiting the rate at which entropy can be consumed from the source + Rate *RngRate `xml:"rate,omitempty"` + // Backend specifies the source of entropy to be used Backend *RngBackend `xml:"backend,omitempty"` } +// RngRate sets the limiting factor how to read from entropy source type RngRate struct { + // Period define how long is the read period Period uint32 `xml:"period,attr"` - Bytes uint32 `xml:"bytes,attr"` + // Bytes define how many bytes can guest read from entropy source + Bytes uint32 `xml:"bytes,attr"` } +// RngBackend is the backend device used type RngBackend struct { - Model string `xml:"model,attr"` + // Model is source model + Model string `xml:"model,attr"` + // specifies the source of entropy to be used Source string `xml:",chardata"` } From a8dbd467d14a148edd9386a1eed1a6e1448dcb7c Mon Sep 17 00:00:00 2001 From: Petr Kotas Date: Thu, 2 Aug 2018 13:44:07 +0200 Subject: [PATCH 10/22] Add Rng enabled switch Signed-off-by: Petr Kotas --- pkg/api/v1/schema.go | 9 ++------- pkg/api/v1/schema_test.go | 4 +++- 2 files changed, 5 insertions(+), 8 deletions(-) diff --git a/pkg/api/v1/schema.go b/pkg/api/v1/schema.go index 67dd3bbea5b1..5b6be2830c79 100644 --- a/pkg/api/v1/schema.go +++ b/pkg/api/v1/schema.go 
@@ -789,13 +789,8 @@ type PodNetwork struct { // --- // +k8s:openapi-gen=true type Rng struct { + // Enabled defines whether use or do not use Virtio Rng + Enabled bool `json:"enabled"` // Source sets the host source used to provide entropy Source string `json:"source"` - // RateBytes limit the amount of bytes that the VM can read from entropy source - // per period - // +optional - RateBytes *uint32 `json:"rateBytes,omitempty"` - // RatePeriod sets the length of a read period - // +optional - RatePeriod *uint32 `json:"ratePeriod,omitempty"` } diff --git a/pkg/api/v1/schema_test.go b/pkg/api/v1/schema_test.go index 9ddc6212b5e0..f55ea129025b 100644 --- a/pkg/api/v1/schema_test.go +++ b/pkg/api/v1/schema_test.go @@ -168,6 +168,7 @@ var exampleJSON = `{ } ], "rng": { + "enabled": true, "source": "/dev/urandom" } } @@ -266,7 +267,8 @@ var _ = Describe("Schema", func() { } exampleVMI.Spec.Domain.Devices.Rng = &Rng{ - Source: "/dev/urandom", + Enabled: true, + Source: "/dev/urandom", } exampleVMI.Spec.Volumes = []Volume{ From 74610a652f69dffa0c79fca09e156f3516a199ac Mon Sep 17 00:00:00 2001 From: Petr Kotas Date: Thu, 2 Aug 2018 13:44:40 +0200 Subject: [PATCH 11/22] Add Rng defaulting Signed-off-by: Petr Kotas --- pkg/api/v1/defaults.go | 11 +++++++++++ pkg/api/v1/defaults_test.go | 8 ++++++++ 2 files changed, 19 insertions(+) diff --git a/pkg/api/v1/defaults.go b/pkg/api/v1/defaults.go index 25d4eadffa02..a8f1c2d98588 100644 --- a/pkg/api/v1/defaults.go +++ b/pkg/api/v1/defaults.go @@ -111,6 +111,12 @@ func SetDefaults_Firmware(obj *Firmware) { } } +func SetDefaults_Rng(obj *Rng) { + if obj.Source == "" { + obj.Source = "/dev/urandom" + } +} + func SetDefaults_VirtualMachineInstance(obj *VirtualMachineInstance) { // FIXME we need proper validation and configurable defaulting instead of this if _, exists := obj.Spec.Domain.Resources.Requests[v1.ResourceMemory]; !exists { 
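Review bot: The new `Enabled bool` field in `Rng` cannot tell "not set" from "false", so a spec that supplies an `rng` block without `enabled` decodes with `Enabled == false`, which the converter later in this series treats as "no device". That contradicts the `Devices.Rng` comment in this file, which says the RNG defaults to enabled. `AutoattachGraphicsDevice` in the same file uses `*bool` with `omitempty` for a default-true switch, and the same shape fits here: `Enabled *bool` tagged `json:"enabled,omitempty"`, with nil treated as true by the defaulter.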
@@ -128,6 +134,11 @@ func SetDefaults_VirtualMachineInstance(obj *VirtualMachineInstance) { if obj.Spec.Domain.Machine.Type == "" { obj.Spec.Domain.Machine.Type = "q35" } + if obj.Spec.Domain.Devices.Rng == nil { + obj.Spec.Domain.Devices.Rng = &Rng{ + Enabled: true, + } + } setDefaults_DiskFromMachineType(obj) SetDefaults_NetworkInterface(obj) } diff --git a/pkg/api/v1/defaults_test.go b/pkg/api/v1/defaults_test.go index c98fcfad9fad..8711f293a5af 100644 --- a/pkg/api/v1/defaults_test.go +++ b/pkg/api/v1/defaults_test.go @@ -244,6 +244,14 @@ var _ = Describe("Defaults", func() { Expect(*timer.RTC.Enabled).To(BeTrue()) Expect(*timer.Hyperv.Enabled).To(BeTrue()) }) + + It("should add RNG if it is unspecified and set the default source", func() { + vmi := &VirtualMachineInstance{} + SetObjectDefaults_VirtualMachineInstance(vmi) + Expect(vmi.Spec.Domain.Devices.Rng.Enabled).To(BeTrue()) + Expect(vmi.Spec.Domain.Devices.Rng.Source).To(Equal("/dev/urandom")) + }) + }) var _ = Describe("Function SetDefaults_NetworkInterface()", func() { From c5c51b265a5067fbdab57bb2ed31069682578f31 Mon Sep 17 00:00:00 2001 From: Petr Kotas Date: Thu, 2 Aug 2018 15:22:28 +0200 Subject: [PATCH 12/22] Remove rate params from virtio rng Signed-off-by: Petr Kotas --- pkg/virt-launcher/virtwrap/api/converter.go | 23 ++++++------------- .../virtwrap/api/converter_test.go | 16 +++++++++++++ pkg/virt-launcher/virtwrap/api/schema.go | 2 -- pkg/virt-launcher/virtwrap/api/schema_test.go | 2 -- 4 files changed, 23 insertions(+), 20 deletions(-) diff --git a/pkg/virt-launcher/virtwrap/api/converter.go b/pkg/virt-launcher/virtwrap/api/converter.go index 9db87ceb55da..15caab56db4a 100644 --- a/pkg/virt-launcher/virtwrap/api/converter.go +++ b/pkg/virt-launcher/virtwrap/api/converter.go 
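Review bot: The default `&Rng{Enabled: true}` leaves `Source` empty and depends on `SetDefaults_Rng` running afterwards to fill in `/dev/urandom`; the added test only goes through `SetObjectDefaults_VirtualMachineInstance`, whose generated body is not visible here. A caller that invokes `SetDefaults_VirtualMachineInstance` directly ends up with an enabled RNG and no source, which `Convert_v1_Rng_To_api_Rng` rejects with "no source provided". Setting the value in place, `obj.Spec.Domain.Devices.Rng = &Rng{Enabled: true, Source: "/dev/urandom"}`, removes the ordering dependency. The function continues outside the hunk.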
@@ -258,17 +258,6 @@ func Convert_v1_Rng_To_api_Rng(source *v1.Rng, rng *Rng, _ *ConverterContext) er } rng.Backend.Source = source.Source - // limiting factor used to limit the access to rng device - // used to prevend ddos from guest machine - if source.RateBytes != nil { - rng.Rate = &RngRate{ - Bytes: *source.RateBytes, - } - } - if source.RatePeriod != nil { - rng.Rate.Period = *source.RatePeriod - } - return nil } @@ -466,12 +455,14 @@ func Convert_v1_VirtualMachine_To_api_Domain(vmi *v1.VirtualMachineInstance, dom } if vmi.Spec.Domain.Devices.Rng != nil { - newRng := &Rng{} - err := Convert_v1_Rng_To_api_Rng(vmi.Spec.Domain.Devices.Rng, newRng, c) - if err != nil { - return err + if vmi.Spec.Domain.Devices.Rng.Enabled { + newRng := &Rng{} + err := Convert_v1_Rng_To_api_Rng(vmi.Spec.Domain.Devices.Rng, newRng, c) + if err != nil { + return err + } + domain.Spec.Devices.Rng = newRng } - domain.Spec.Devices.Rng = newRng } else { // if the Rng is not present in the config, provide sane default newRng := &Rng{} diff --git a/pkg/virt-launcher/virtwrap/api/converter_test.go b/pkg/virt-launcher/virtwrap/api/converter_test.go index 0f54aeecb220..4929a575d71d 100644 --- a/pkg/virt-launcher/virtwrap/api/converter_test.go +++ b/pkg/virt-launcher/virtwrap/api/converter_test.go @@ -391,6 +391,9 @@ var _ = Describe("Converter", func() { + + /dev/urandom + 
@@ -593,6 +596,19 @@ var _ = Describe("Converter", func() { Expect(domainSpec.Memory.Unit).To(Equal("B")) }) + It("should not add RNG when disabled", func() { + vmi.Spec.Domain.Devices.Rng.Enabled = false + domainSpec := vmiToDomainXMLToDomainSpec(vmi, c) + Expect(domainSpec.Devices.Rng).To(BeNil()) + }) + + It("should set default source for RNG when enabled", func() { + vmi.Spec.Domain.Devices.Rng.Enabled = true + domainSpec := vmiToDomainXMLToDomainSpec(vmi, c) + Expect(domainSpec.Devices.Rng.Backend.Source).To(Equal("/dev/urandom")) + fmt.Println(vmiToDomainXML(vmi, c)) + }) + }) Context("Network convert", func() { var vmi *v1.VirtualMachineInstance diff --git a/pkg/virt-launcher/virtwrap/api/schema.go b/pkg/virt-launcher/virtwrap/api/schema.go index 72c4ac021b57..80802e05cddc 100644 --- a/pkg/virt-launcher/virtwrap/api/schema.go +++ b/pkg/virt-launcher/virtwrap/api/schema.go @@ -584,8 +584,6 @@ type Watchdog struct { type Rng struct { // Model attribute specifies what type of RNG device is provided Model string `xml:"model,attr"` - // Rate element allows limiting the rate at which entropy can be consumed from the source - Rate *RngRate `xml:"rate,omitempty"` // Backend specifies the source of entropy to be used Backend *RngBackend `xml:"backend,omitempty"` } diff --git a/pkg/virt-launcher/virtwrap/api/schema_test.go b/pkg/virt-launcher/virtwrap/api/schema_test.go index b36f1210c9a0..050664bc5afc 100644 --- a/pkg/virt-launcher/virtwrap/api/schema_test.go +++ b/pkg/virt-launcher/virtwrap/api/schema_test.go @@ -65,7 +65,6 @@ var exampleXML = ` - /dev/urandom @@ -136,7 +135,6 @@ var _ = Describe("Schema", func() { exampleDomain.Spec.Devices.Rng = &Rng{ Model: "virtio", Backend: &RngBackend{Source: "/dev/urandom", Model: "random"}, - Rate: &RngRate{Period: 2000, Bytes: 1234}, } exampleDomain.Spec.Features = &Features{ ACPI: &FeatureEnabled{}, From 290382f9cd80f6ed9a4de5199c941050bcf949d3 Mon Sep 17 00:00:00 2001 
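Review bot: `fmt.Println(vmiToDomainXML(vmi, c))` in the "should set default source for RNG when enabled" case is leftover debug output that prints the whole domain XML on every run; drop it in this patch rather than in a follow-up so each commit in the series stands clean. Both new cases assign through `vmi.Spec.Domain.Devices.Rng` without checking it, so they presumably rely on the fixture (outside the hunk) providing a non-nil `Rng`. A case for the nil path, which the converter's `else` branch handles in this patch, would complete the coverage.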
From: Petr Kotas Date: Thu, 2 Aug 2018 15:28:03 +0200 Subject: [PATCH 13/22] Add generated files Signed-off-by: Petr Kotas --- api/openapi-spec/swagger.json | 12 +++++----- manifests/generated/vm-resource.yaml | 9 +++---- manifests/generated/vmi-resource.yaml | 9 +++---- manifests/generated/vmipreset-resource.yaml | 9 +++---- manifests/generated/vmirs-resource.yaml | 9 +++---- pkg/api/v1/deepcopy_generated.go | 20 +--------------- pkg/api/v1/openapi_generated.go | 24 ++++++++----------- pkg/api/v1/schema_swagger_generated.go | 6 +++-- pkg/api/v1/zz_generated.defaults.go | 12 ++++++++++ .../virtwrap/api/deepcopy_generated.go | 9 ------- 10 files changed, 45 insertions(+), 74 deletions(-) diff --git a/api/openapi-spec/swagger.json b/api/openapi-spec/swagger.json index 25ac01c6ed6c..a2bbf2e4aff5 100644 --- a/api/openapi-spec/swagger.json +++ b/api/openapi-spec/swagger.json @@ -3384,7 +3384,7 @@ } }, "rng": { - "description": "Whether to have random number generator from host", + "description": "Whether to have random number generator from host\nDefaults to Rng enabled\n+optional", "$ref": "#/definitions/v1.Rng" }, "watchdog": { @@ -4299,16 +4299,16 @@ "v1.Rng": { "description": "Rng represents the random device passed from host", "required": [ + "enabled", "source" ], "properties": { - "rateBytes": { - "type": "integer" - }, - "ratePeriod": { - "type": "integer" + "enabled": { + "description": "Enabled defines whether use or do not use Virtio Rng", + "type": "boolean" }, "source": { + "description": "Source sets the host source used to provide entropy", "type": "string" } } diff --git a/manifests/generated/vm-resource.yaml b/manifests/generated/vm-resource.yaml index 95669d20fcf1..23e2fefee43e 100644 --- a/manifests/generated/vm-resource.yaml +++ b/manifests/generated/vm-resource.yaml 
@@ -134,15 +134,12 @@ spec: type: array rng: properties: - rateBytes: - format: int64 - type: integer - ratePeriod: - format: int64 - type: integer + enabled: + type: boolean source: type: string required: + - enabled - source watchdog: properties: diff --git a/manifests/generated/vmi-resource.yaml b/manifests/generated/vmi-resource.yaml index 9cec4e2befcf..bb72b8d37b2b 100644 --- a/manifests/generated/vmi-resource.yaml +++ b/manifests/generated/vmi-resource.yaml @@ -127,15 +127,12 @@ spec: type: array rng: properties: - rateBytes: - format: int64 - type: integer - ratePeriod: - format: int64 - type: integer + enabled: + type: boolean source: type: string required: + - enabled - source watchdog: properties: diff --git a/manifests/generated/vmipreset-resource.yaml b/manifests/generated/vmipreset-resource.yaml index 39b7292aa547..c7fbe3c142cb 100644 --- a/manifests/generated/vmipreset-resource.yaml +++ b/manifests/generated/vmipreset-resource.yaml @@ -126,15 +126,12 @@ spec: type: array rng: properties: - rateBytes: - format: int64 - type: integer - ratePeriod: - format: int64 - type: integer + enabled: + type: boolean source: type: string required: + - enabled - source watchdog: properties: diff --git a/manifests/generated/vmirs-resource.yaml b/manifests/generated/vmirs-resource.yaml index cc0ed3513017..07fd64c89396 100644 --- a/manifests/generated/vmirs-resource.yaml +++ b/manifests/generated/vmirs-resource.yaml @@ -138,15 +138,12 @@ spec: type: array rng: properties: - rateBytes: - format: int64 - type: integer - ratePeriod: - format: int64 - type: integer + enabled: + type: boolean source: type: string required: + - enabled - source watchdog: properties: diff --git a/pkg/api/v1/deepcopy_generated.go b/pkg/api/v1/deepcopy_generated.go index 1f3697cb4c08..330c37f3defa 100644 --- a/pkg/api/v1/deepcopy_generated.go +++ b/pkg/api/v1/deepcopy_generated.go 
@@ -228,7 +228,7 @@ func (in *Devices) DeepCopyInto(out *Devices) { *out = nil } else { *out = new(Rng) - (*in).DeepCopyInto(*out) + **out = **in } } return @@ -1224,24 +1224,6 @@ func (in *ResourceRequirements) DeepCopy() *ResourceRequirements { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Rng) DeepCopyInto(out *Rng) { *out = *in - if in.RateBytes != nil { - in, out := &in.RateBytes, &out.RateBytes - if *in == nil { - *out = nil - } else { - *out = new(uint32) - **out = **in - } - } - if in.RatePeriod != nil { - in, out := &in.RatePeriod, &out.RatePeriod - if *in == nil { - *out = nil - } else { - *out = new(uint32) - **out = **in - } - } return } diff --git a/pkg/api/v1/openapi_generated.go b/pkg/api/v1/openapi_generated.go index 3bb576458cb5..51265c930539 100644 --- a/pkg/api/v1/openapi_generated.go +++ b/pkg/api/v1/openapi_generated.go @@ -227,7 +227,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA Format: "", "rng": { SchemaProps: spec.SchemaProps{ - Description: "Whether to have random number generator from host", + Description: "Whether to have random number generator from host Defaults to Rng enabled", Ref: ref("kubevirt.io/kubevirt/pkg/api/v1.Rng"), }, }, 
@@ -1200,26 +1200,22 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA SchemaProps: spec.SchemaProps{ Description: "Rng represents the random device passed from host", Properties: map[string]spec.Schema{ - "source": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - "rateBytes": { + "enabled": { SchemaProps: spec.SchemaProps{ - Type: []string{"integer"}, - Format: "int64", + Description: "Enabled defines whether use or do not use Virtio Rng", + Type: []string{"boolean"}, + Format: "", }, }, - "ratePeriod": { + "source": { SchemaProps: spec.SchemaProps{ - Type: []string{"integer"}, - Format: "int64", + Description: "Source sets the host source used to provide entropy", + Type: []string{"string"}, + Format: "", }, }, }, - Required: []string{"source"}, + Required: []string{"enabled", "source"}, }, }, Dependencies: []string{}, diff --git a/pkg/api/v1/schema_swagger_generated.go b/pkg/api/v1/schema_swagger_generated.go index 18a6d70a7a21..e04d75ad32d5 100644 --- a/pkg/api/v1/schema_swagger_generated.go +++ b/pkg/api/v1/schema_swagger_generated.go @@ -87,7 +87,7 @@ func (Devices) SwaggerDoc() map[string]string { "interfaces": "Interfaces describe network interfaces which are added to the vm.", "autoattachPodInterface": "Whether to attach a pod network interface. Defaults to true.", "autoattachGraphicsDevice": "Wheater to attach the default graphics device or not.\nVNC will not be available if set to false. Defaults to true.", - "rng": "Whether to have random number generator from host", + "rng": "Whether to have random number generator from host\nDefaults to Rng enabled\n+optional", } } 
@@ -373,6 +373,8 @@ func (PodNetwork) SwaggerDoc() map[string]string { func (Rng) SwaggerDoc() map[string]string { return map[string]string{ - "": "Rng represents the random device passed from host", + "": "Rng represents the random device passed from host", + "enabled": "Enabled defines whether use or do not use Virtio Rng", + "source": "Source sets the host source used to provide entropy", } } diff --git a/pkg/api/v1/zz_generated.defaults.go b/pkg/api/v1/zz_generated.defaults.go index c8ecaa5a9f84..33c990d2feed 100644 --- a/pkg/api/v1/zz_generated.defaults.go +++ b/pkg/api/v1/zz_generated.defaults.go @@ -122,6 +122,9 @@ func SetObjectDefaults_VirtualMachine(in *VirtualMachine) { SetDefaults_I6300ESBWatchdog(in.Spec.Template.Spec.Domain.Devices.Watchdog.WatchdogDevice.I6300ESB) } } + if in.Spec.Template.Spec.Domain.Devices.Rng != nil { + SetDefaults_Rng(in.Spec.Template.Spec.Domain.Devices.Rng) + } } } @@ -200,6 +203,9 @@ func SetObjectDefaults_VirtualMachineInstance(in *VirtualMachineInstance) { SetDefaults_I6300ESBWatchdog(in.Spec.Domain.Devices.Watchdog.WatchdogDevice.I6300ESB) } } + if in.Spec.Domain.Devices.Rng != nil { + SetDefaults_Rng(in.Spec.Domain.Devices.Rng) + } } func SetObjectDefaults_VirtualMachineInstanceList(in *VirtualMachineInstanceList) { @@ -284,6 +290,9 @@ func SetObjectDefaults_VirtualMachineInstancePreset(in *VirtualMachineInstancePr SetDefaults_I6300ESBWatchdog(in.Spec.Domain.Devices.Watchdog.WatchdogDevice.I6300ESB) } } + if in.Spec.Domain.Devices.Rng != nil { + SetDefaults_Rng(in.Spec.Domain.Devices.Rng) + } } } @@ -369,6 +378,9 @@ func SetObjectDefaults_VirtualMachineInstanceReplicaSet(in *VirtualMachineInstan SetDefaults_I6300ESBWatchdog(in.Spec.Template.Spec.Domain.Devices.Watchdog.WatchdogDevice.I6300ESB) } } + if in.Spec.Template.Spec.Domain.Devices.Rng != nil { + SetDefaults_Rng(in.Spec.Template.Spec.Domain.Devices.Rng) + } } } 
diff --git a/pkg/virt-launcher/virtwrap/api/deepcopy_generated.go b/pkg/virt-launcher/virtwrap/api/deepcopy_generated.go index bb90e52f3de6..4d89edc4f3b1 100644 --- a/pkg/virt-launcher/virtwrap/api/deepcopy_generated.go +++ b/pkg/virt-launcher/virtwrap/api/deepcopy_generated.go @@ -1711,15 +1711,6 @@ func (in *Resource) DeepCopy() *Resource { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Rng) DeepCopyInto(out *Rng) { *out = *in - if in.Rate != nil { - in, out := &in.Rate, &out.Rate - if *in == nil { - *out = nil - } else { - *out = new(RngRate) - **out = **in - } - } if in.Backend != nil { in, out := &in.Backend, &out.Backend if *in == nil { From 20453d46e12ce8659d6d7b47bd7b268217c5e63f Mon Sep 17 00:00:00 2001 From: Petr Kotas Date: Thu, 2 Aug 2018 15:28:17 +0200 Subject: [PATCH 14/22] Delete virtio rng preset Signed-off-by: Petr Kotas --- cluster/examples/vmi-preset-virtiorng.yaml | 13 ------------- 1 file changed, 13 deletions(-) delete mode 100644 cluster/examples/vmi-preset-virtiorng.yaml diff --git a/cluster/examples/vmi-preset-virtiorng.yaml b/cluster/examples/vmi-preset-virtiorng.yaml deleted file mode 100644 index 4880262984de..000000000000 --- a/cluster/examples/vmi-preset-virtiorng.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: kubevirt.io/v1alpha2 -kind: VirtualMachineInstancePreset -metadata: - creationTimestamp: null - name: vmi-preset-virtiorng -spec: - domain: - devices: - rng: - source: /dev/urandom - selector: - matchLabels: - kubevirt.io/vmPreset: vmi-preset-virtiorng From 5457ead45c326b0626842d30e1441ccf61ffcf47 Mon Sep 17 00:00:00 2001 From: Petr Kotas Date: Fri, 3 Aug 2018 08:00:35 +0200 Subject: [PATCH 15/22] Remove debug print from tests Signed-off-by: Petr Kotas --- pkg/virt-launcher/virtwrap/api/converter_test.go | 1 - 1 file changed, 1 deletion(-) 
diff --git a/pkg/virt-launcher/virtwrap/api/converter_test.go b/pkg/virt-launcher/virtwrap/api/converter_test.go index 4929a575d71d..bb637ecc6dea 100644 --- a/pkg/virt-launcher/virtwrap/api/converter_test.go +++ b/pkg/virt-launcher/virtwrap/api/converter_test.go @@ -606,7 +606,6 @@ var _ = Describe("Converter", func() { vmi.Spec.Domain.Devices.Rng.Enabled = true domainSpec := vmiToDomainXMLToDomainSpec(vmi, c) Expect(domainSpec.Devices.Rng.Backend.Source).To(Equal("/dev/urandom")) - fmt.Println(vmiToDomainXML(vmi, c)) }) }) From caaf46f214e2ee37ac37423cc84188ff60b0e1b3 Mon Sep 17 00:00:00 2001 From: Petr Kotas Date: Fri, 3 Aug 2018 08:01:31 +0200 Subject: [PATCH 16/22] Remove not used else in rng converter Signed-off-by: Petr Kotas --- pkg/virt-launcher/virtwrap/api/converter.go | 9 --------- 1 file changed, 9 deletions(-) diff --git a/pkg/virt-launcher/virtwrap/api/converter.go b/pkg/virt-launcher/virtwrap/api/converter.go index 15caab56db4a..db679a6ecc4b 100644 --- a/pkg/virt-launcher/virtwrap/api/converter.go +++ b/pkg/virt-launcher/virtwrap/api/converter.go @@ -463,15 +463,6 @@ func Convert_v1_VirtualMachine_To_api_Domain(vmi *v1.VirtualMachineInstance, dom } domain.Spec.Devices.Rng = newRng } - } else { - // if the Rng is not present in the config, provide sane default - newRng := &Rng{} - newRng.Backend = &RngBackend{ - Model: "random", - Source: "/dev/urandom", - } - newRng.Model = "virtio" - domain.Spec.Devices.Rng = newRng } if vmi.Spec.Domain.Clock != nil { From 2a59f4b61c6dca40379a183d4f73d397fa6aaaa7 Mon Sep 17 00:00:00 2001 From: Petr Kotas Date: Fri, 3 Aug 2018 08:32:44 +0200 Subject: [PATCH 17/22] Regenerate generated files Signed-off-by: Petr Kotas --- pkg/api/v1/openapi_generated.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkg/api/v1/openapi_generated.go b/pkg/api/v1/openapi_generated.go index 51265c930539..5894d61030f2 100644 --- a/pkg/api/v1/openapi_generated.go +++ b/pkg/api/v1/openapi_generated.go 
@@ -225,6 +225,8 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA Description: "Wheater to attach the default graphics device or not. VNC will not be available if set to false. Defaults to true.", Type: []string{"boolean"}, Format: "", + }, + }, "rng": { SchemaProps: spec.SchemaProps{ Description: "Whether to have random number generator from host Defaults to Rng enabled", From 73e5512592aafed65d432f540f63dd8d0c3bce03 Mon Sep 17 00:00:00 2001 From: Petr Kotas Date: Fri, 3 Aug 2018 11:17:06 +0200 Subject: [PATCH 18/22] Change Enabled -> Disabled in RNG device config --- pkg/api/v1/defaults.go | 6 ++---- pkg/api/v1/defaults_test.go | 19 ++++++++++++++++++- pkg/api/v1/schema.go | 6 ++++-- pkg/api/v1/schema_test.go | 6 +++--- 4 files changed, 27 insertions(+), 10 deletions(-) diff --git a/pkg/api/v1/defaults.go b/pkg/api/v1/defaults.go index a8f1c2d98588..423c9dbc6016 100644 --- a/pkg/api/v1/defaults.go +++ b/pkg/api/v1/defaults.go @@ -112,7 +112,7 @@ func SetDefaults_Firmware(obj *Firmware) { } func SetDefaults_Rng(obj *Rng) { - if obj.Source == "" { + if obj.Source == "" && !obj.Disabled { obj.Source = "/dev/urandom" } } @@ -135,9 +135,7 @@ func SetDefaults_VirtualMachineInstance(obj *VirtualMachineInstance) { obj.Spec.Domain.Machine.Type = "q35" } if obj.Spec.Domain.Devices.Rng == nil { - obj.Spec.Domain.Devices.Rng = &Rng{ - Enabled: true, - } + obj.Spec.Domain.Devices.Rng = &Rng{} } setDefaults_DiskFromMachineType(obj) SetDefaults_NetworkInterface(obj) diff --git a/pkg/api/v1/defaults_test.go b/pkg/api/v1/defaults_test.go index 8711f293a5af..ac1bdd216eeb 100644 --- a/pkg/api/v1/defaults_test.go +++ b/pkg/api/v1/defaults_test.go 
@@ -248,10 +248,27 @@ var _ = Describe("Defaults", func() { It("should add RNG if it is unspecified and set the default source", func() { vmi := &VirtualMachineInstance{} SetObjectDefaults_VirtualMachineInstance(vmi) - Expect(vmi.Spec.Domain.Devices.Rng.Enabled).To(BeTrue()) Expect(vmi.Spec.Domain.Devices.Rng.Source).To(Equal("/dev/urandom")) }) + It("should not add RNG if it disabled", func() { + vmi := &VirtualMachineInstance{} + vmi.Spec.Domain.Devices.Rng = &Rng{ + Disabled: true, + } + SetObjectDefaults_VirtualMachineInstance(vmi) + Expect(vmi.Spec.Domain.Devices.Rng.Source).To(Equal("")) + }) + + It("should not change RNG source if it is present", func() { + vmi := &VirtualMachineInstance{} + vmi.Spec.Domain.Devices.Rng = &Rng{ + Source: "/dev/random", + } + SetObjectDefaults_VirtualMachineInstance(vmi) + Expect(vmi.Spec.Domain.Devices.Rng.Source).To(Equal("/dev/random")) + }) + }) var _ = Describe("Function SetDefaults_NetworkInterface()", func() { diff --git a/pkg/api/v1/schema.go b/pkg/api/v1/schema.go index 5b6be2830c79..cb1050591e01 100644 --- a/pkg/api/v1/schema.go +++ b/pkg/api/v1/schema.go @@ -789,8 +789,10 @@ type PodNetwork struct { // --- // +k8s:openapi-gen=true type Rng struct { - // Enabled defines whether use or do not use Virtio Rng - Enabled bool `json:"enabled"` + // Disabled defines whether use or do not use Virtio Rng + // +optional + Disabled bool `json:"disabled"` // Source sets the host source used to provide entropy + // +optional Source string `json:"source"` } diff --git a/pkg/api/v1/schema_test.go b/pkg/api/v1/schema_test.go index f55ea129025b..cdfedfc1d73c 100644 --- a/pkg/api/v1/schema_test.go +++ b/pkg/api/v1/schema_test.go @@ -168,7 +168,7 @@ var exampleJSON = `{ } ], "rng": { - "enabled": true, + "disabled": true, "source": "/dev/urandom" } } 
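Review bot: In the schema.go hunk `Disabled` and `Source` are marked `+optional` but keep the tags `json:"disabled"` and `json:"source"`, so both are always serialized, and this is presumably why the swagger.json hunk in PATCH 20/22 still lists them under `required`. I would use `json:"disabled,omitempty"` and `json:"source,omitempty"`. The comment `Disabled defines whether use or do not use Virtio Rng` also does not say which value does what; `// Disabled, when true, omits the virtio RNG device from the guest.` is clearer.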
@@ -267,8 +267,8 @@ var _ = Describe("Schema", func() { } exampleVMI.Spec.Domain.Devices.Rng = &Rng{ - Enabled: true, - Source: "/dev/urandom", + Disabled: true, + Source: "/dev/urandom", } exampleVMI.Spec.Volumes = []Volume{ From 218f4f014a91ab8985f1cf39bce4dc53e85e6ac5 Mon Sep 17 00:00:00 2001 From: Petr Kotas Date: Fri, 3 Aug 2018 11:27:11 +0200 Subject: [PATCH 19/22] Change converted to reflect rng disable --- pkg/virt-launcher/virtwrap/api/converter.go | 2 +- pkg/virt-launcher/virtwrap/api/converter_test.go | 8 +------- 2 files changed, 2 insertions(+), 8 deletions(-) diff --git a/pkg/virt-launcher/virtwrap/api/converter.go b/pkg/virt-launcher/virtwrap/api/converter.go index db679a6ecc4b..3e9922fbe22d 100644 --- a/pkg/virt-launcher/virtwrap/api/converter.go +++ b/pkg/virt-launcher/virtwrap/api/converter.go @@ -455,7 +455,7 @@ func Convert_v1_VirtualMachine_To_api_Domain(vmi *v1.VirtualMachineInstance, dom } if vmi.Spec.Domain.Devices.Rng != nil { - if vmi.Spec.Domain.Devices.Rng.Enabled { + if !vmi.Spec.Domain.Devices.Rng.Disabled { newRng := &Rng{} err := Convert_v1_Rng_To_api_Rng(vmi.Spec.Domain.Devices.Rng, newRng, c) if err != nil { diff --git a/pkg/virt-launcher/virtwrap/api/converter_test.go b/pkg/virt-launcher/virtwrap/api/converter_test.go index bb637ecc6dea..90c4127f3f51 100644 --- a/pkg/virt-launcher/virtwrap/api/converter_test.go +++ b/pkg/virt-launcher/virtwrap/api/converter_test.go 
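Review bot: In the converter.go hunk the `Disabled` test sits directly inside the nil check, which costs a level of indentation for a single condition. If the outer `if` no longer has an `else` (PATCH 16/22 removes it), the two can be one guard: `if rng := vmi.Spec.Domain.Devices.Rng; rng != nil && !rng.Disabled {`. The enclosing function starts and ends outside the hunk.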
@@ -597,17 +597,11 @@ var _ = Describe("Converter", func() { }) It("should not add RNG when disabled", func() { - vmi.Spec.Domain.Devices.Rng.Enabled = false + vmi.Spec.Domain.Devices.Rng.Disabled = true domainSpec := vmiToDomainXMLToDomainSpec(vmi, c) Expect(domainSpec.Devices.Rng).To(BeNil()) }) - It("should set default source for RNG when enabled", func() { - vmi.Spec.Domain.Devices.Rng.Enabled = true - domainSpec := vmiToDomainXMLToDomainSpec(vmi, c) - Expect(domainSpec.Devices.Rng.Backend.Source).To(Equal("/dev/urandom")) - }) - }) Context("Network convert", func() { var vmi *v1.VirtualMachineInstance From f35077e33b54af1f925543cacee43fe9844fe246 Mon Sep 17 00:00:00 2001 From: Petr Kotas Date: Fri, 3 Aug 2018 12:34:23 +0200 Subject: [PATCH 20/22] Fix functests for rng device --- api/openapi-spec/swagger.json | 8 +++---- manifests/generated/vm-resource.yaml | 5 +--- manifests/generated/vmi-resource.yaml | 5 +--- manifests/generated/vmipreset-resource.yaml | 5 +--- manifests/generated/vmirs-resource.yaml | 5 +--- pkg/api/v1/openapi_generated.go | 5 ++-- pkg/api/v1/schema_swagger_generated.go | 6 ++--- tests/vmi_configuration_test.go | 26 +++++++++++++++++---- 8 files changed, 35 insertions(+), 30 deletions(-) diff --git a/api/openapi-spec/swagger.json b/api/openapi-spec/swagger.json index a2bbf2e4aff5..57a4998f58ad 100644 --- a/api/openapi-spec/swagger.json +++ b/api/openapi-spec/swagger.json @@ -4299,16 +4299,16 @@ "v1.Rng": { "description": "Rng represents the random device passed from host", "required": [ - "enabled", + "disabled", "source" ], "properties": { - "enabled": { - "description": "Enabled defines whether use or do not use Virtio Rng", + "disabled": { + "description": "Disabled defines whether use or do not use Virtio Rng\n+optional", "type": "boolean" }, "source": { - "description": "Source sets the host source used to provide entropy", + "description": "Source sets the host source used to provide entropy\n+optional", "type": "string" } } 
diff --git a/manifests/generated/vm-resource.yaml b/manifests/generated/vm-resource.yaml index 23e2fefee43e..189a42033668 100644 --- a/manifests/generated/vm-resource.yaml +++ b/manifests/generated/vm-resource.yaml @@ -134,13 +134,10 @@ spec: type: array rng: properties: - enabled: + disabled: type: boolean source: type: string - required: - - enabled - - source watchdog: properties: i6300esb: diff --git a/manifests/generated/vmi-resource.yaml b/manifests/generated/vmi-resource.yaml index bb72b8d37b2b..c52671a8ad49 100644 --- a/manifests/generated/vmi-resource.yaml +++ b/manifests/generated/vmi-resource.yaml @@ -127,13 +127,10 @@ spec: type: array rng: properties: - enabled: + disabled: type: boolean source: type: string - required: - - enabled - - source watchdog: properties: i6300esb: diff --git a/manifests/generated/vmipreset-resource.yaml b/manifests/generated/vmipreset-resource.yaml index c7fbe3c142cb..75c78ed67a71 100644 --- a/manifests/generated/vmipreset-resource.yaml +++ b/manifests/generated/vmipreset-resource.yaml @@ -126,13 +126,10 @@ spec: type: array rng: properties: - enabled: + disabled: type: boolean source: type: string - required: - - enabled - - source watchdog: properties: i6300esb: diff --git a/manifests/generated/vmirs-resource.yaml b/manifests/generated/vmirs-resource.yaml index 07fd64c89396..dbd0db05db57 100644 --- a/manifests/generated/vmirs-resource.yaml +++ b/manifests/generated/vmirs-resource.yaml @@ -138,13 +138,10 @@ spec: type: array rng: properties: - enabled: + disabled: type: boolean source: type: string - required: - - enabled - - source watchdog: properties: i6300esb: diff --git a/pkg/api/v1/openapi_generated.go b/pkg/api/v1/openapi_generated.go index 5894d61030f2..d2abf3b72f25 100644 --- a/pkg/api/v1/openapi_generated.go +++ b/pkg/api/v1/openapi_generated.go 
@@ -1202,9 +1202,9 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA SchemaProps: spec.SchemaProps{ Description: "Rng represents the random device passed from host", Properties: map[string]spec.Schema{ - "enabled": { + "disabled": { SchemaProps: spec.SchemaProps{ - Description: "Enabled defines whether use or do not use Virtio Rng", + Description: "Disabled defines whether use or do not use Virtio Rng", Type: []string{"boolean"}, Format: "", }, @@ -1217,7 +1217,6 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA }, }, }, - Required: []string{"enabled", "source"}, }, }, Dependencies: []string{}, diff --git a/pkg/api/v1/schema_swagger_generated.go b/pkg/api/v1/schema_swagger_generated.go index e04d75ad32d5..23f5086f1330 100644 --- a/pkg/api/v1/schema_swagger_generated.go +++ b/pkg/api/v1/schema_swagger_generated.go @@ -373,8 +373,8 @@ func (PodNetwork) SwaggerDoc() map[string]string { func (Rng) SwaggerDoc() map[string]string { return map[string]string{ - "": "Rng represents the random device passed from host", - "enabled": "Enabled defines whether use or do not use Virtio Rng", - "source": "Source sets the host source used to provide entropy", + "": "Rng represents the random device passed from host", + "disabled": "Disabled defines whether use or do not use Virtio Rng\n+optional", + "source": "Source sets the host source used to provide entropy\n+optional", } } diff --git a/tests/vmi_configuration_test.go b/tests/vmi_configuration_test.go index 69cf8cd0c9a0..28908843c192 100644 --- a/tests/vmi_configuration_test.go +++ b/tests/vmi_configuration_test.go 
@@ -327,9 +327,28 @@ var _ = Describe("Configurations", func() { rngVmi = tests.NewRandomVMIWithEphemeralDisk(tests.RegistryDiskFor(tests.RegistryDiskAlpine)) }) - It("should have the virtio rng device present", func() { + It("should have the virtio rng device present by default", func() { + By("Starting a VirtualMachineInstance") + rngVmi, err = virtClient.VirtualMachineInstance(tests.NamespaceTestDefault).Create(rngVmi) + Expect(err).ToNot(HaveOccurred()) + tests.WaitForSuccessfulVMIStart(rngVmi) + + By("Expecting the VirtualMachineInstance console") + expecter, err := tests.LoggedInAlpineExpecter(rngVmi) + Expect(err).ToNot(HaveOccurred()) + defer expecter.Close() + + By("Checking the virtio rng presence") + _, err = expecter.ExpectBatch([]expect.Batcher{ + &expect.BSnd{S: "grep -c ^virtio /sys/devices/virtual/misc/hw_random/rng_available\n"}, + &expect.BExp{R: "1"}, + }, 250*time.Second) + Expect(err).ToNot(HaveOccurred()) + }, 300) + + It("should not have the virtio rng device when disabled", func() { rngVmi.Spec.Domain.Devices.Rng = &v1.Rng{ - Source: "/dev/urandom", + Disabled: true, } By("Starting a VirtualMachineInstance") @@ -345,11 +364,10 @@ var _ = Describe("Configurations", func() { By("Checking the virtio rng presence") _, err = expecter.ExpectBatch([]expect.Batcher{ &expect.BSnd{S: "grep -c ^virtio /sys/devices/virtual/misc/hw_random/rng_available\n"}, - &expect.BExp{R: "1"}, + &expect.BExp{R: "0"}, }, 250*time.Second) Expect(err).ToNot(HaveOccurred()) }, 300) - }) }) From 91a44600d74fd4025f3902b3d38a4175feb5ad8d Mon Sep 17 00:00:00 2001 From: Petr Kotas Date: Wed, 22 Aug 2018 16:35:59 +0200 Subject: [PATCH 21/22] Remove source disabled and defaulting 
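Review bot: The "should not have the virtio rng device when disabled" case ends on `&expect.BExp{R: "0"}`, an unanchored one-character pattern that, as far as I can tell, is matched against all buffered console output, so it can pass on any stray `0` without `grep -c` having reported a zero count. The `R: "1"` check in the new default case has the same weakness, and the negative case is the one that matters for showing the device is really absent. Tagging the output makes the match specific: send `echo rng=$(grep -c ^virtio /sys/devices/virtual/misc/hw_random/rng_available)` and expect `R: "rng=0"` (or `"rng=1"`), which the echoed command line itself cannot satisfy.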
Signed-off-by: Petr Kotas --- api/openapi-spec/swagger.json | 18 ++------------ manifests/generated/vm-resource.yaml | 7 +----- manifests/generated/vmi-resource.yaml | 7 +----- manifests/generated/vmipreset-resource.yaml | 7 +----- manifests/generated/vmirs-resource.yaml | 7 +----- pkg/api/v1/defaults.go | 10 +------- pkg/api/v1/defaults_test.go | 24 ------------------- pkg/api/v1/openapi_generated.go | 19 ++------------- pkg/api/v1/schema.go | 7 ------ pkg/api/v1/schema_swagger_generated.go | 6 ++--- pkg/api/v1/schema_test.go | 10 ++------ pkg/api/v1/zz_generated.defaults.go | 12 ---------- pkg/virt-launcher/virtwrap/api/converter.go | 21 +++++++--------- .../virtwrap/api/converter_test.go | 10 ++++++-- tests/vmi_configuration_test.go | 18 +++++++------- 15 files changed, 37 insertions(+), 146 deletions(-) diff --git a/api/openapi-spec/swagger.json b/api/openapi-spec/swagger.json index 57a4998f58ad..e798346323ab 100644 --- a/api/openapi-spec/swagger.json +++ b/api/openapi-spec/swagger.json @@ -3384,7 +3384,7 @@ } }, "rng": { - "description": "Whether to have random number generator from host\nDefaults to Rng enabled\n+optional", + "description": "Whether to have random number generator from host\n+optional", "$ref": "#/definitions/v1.Rng" }, "watchdog": { @@ -4297,21 +4297,7 @@ } }, "v1.Rng": { - "description": "Rng represents the random device passed from host", - "required": [ - "disabled", - "source" - ], - "properties": { - "disabled": { - "description": "Disabled defines whether use or do not use Virtio Rng\n+optional", - "type": "boolean" - }, - "source": { - "description": "Source sets the host source used to provide entropy\n+optional", - "type": "string" - } - } + "description": "Rng represents the random device passed from host" }, "v1.ServerAddressByClientCIDR": { "description": "ServerAddressByClientCIDR helps the client to determine the server address that they should use, depending on the clientCIDR that they match.", 
diff --git a/manifests/generated/vm-resource.yaml b/manifests/generated/vm-resource.yaml index 189a42033668..787598b5ce83 100644 --- a/manifests/generated/vm-resource.yaml +++ b/manifests/generated/vm-resource.yaml @@ -132,12 +132,7 @@ spec: required: - name type: array - rng: - properties: - disabled: - type: boolean - source: - type: string + rng: {} watchdog: properties: i6300esb: diff --git a/manifests/generated/vmi-resource.yaml b/manifests/generated/vmi-resource.yaml index c52671a8ad49..7ea223a474c3 100644 --- a/manifests/generated/vmi-resource.yaml +++ b/manifests/generated/vmi-resource.yaml @@ -125,12 +125,7 @@ spec: required: - name type: array - rng: - properties: - disabled: - type: boolean - source: - type: string + rng: {} watchdog: properties: i6300esb: diff --git a/manifests/generated/vmipreset-resource.yaml b/manifests/generated/vmipreset-resource.yaml index 75c78ed67a71..6e9a7b2a5498 100644 --- a/manifests/generated/vmipreset-resource.yaml +++ b/manifests/generated/vmipreset-resource.yaml @@ -124,12 +124,7 @@ spec: required: - name type: array - rng: - properties: - disabled: - type: boolean - source: - type: string + rng: {} watchdog: properties: i6300esb: diff --git a/manifests/generated/vmirs-resource.yaml b/manifests/generated/vmirs-resource.yaml index dbd0db05db57..4ec8c48be0d9 100644 --- a/manifests/generated/vmirs-resource.yaml +++ b/manifests/generated/vmirs-resource.yaml @@ -136,12 +136,7 @@ spec: required: - name type: array - rng: - properties: - disabled: - type: boolean - source: - type: string + rng: {} watchdog: properties: i6300esb: diff --git a/pkg/api/v1/defaults.go b/pkg/api/v1/defaults.go index 423c9dbc6016..97e2ffe49198 100644 --- a/pkg/api/v1/defaults.go +++ b/pkg/api/v1/defaults.go 
@@ -111,12 +111,6 @@ func SetDefaults_Firmware(obj *Firmware) { } } -func SetDefaults_Rng(obj *Rng) { - if obj.Source == "" && !obj.Disabled { - obj.Source = "/dev/urandom" - } -} - func SetDefaults_VirtualMachineInstance(obj *VirtualMachineInstance) { // FIXME we need proper validation and configurable defaulting instead of this if _, exists := obj.Spec.Domain.Resources.Requests[v1.ResourceMemory]; !exists { @@ -134,9 +128,7 @@ func SetDefaults_VirtualMachineInstance(obj *VirtualMachineInstance) { if obj.Spec.Domain.Machine.Type == "" { obj.Spec.Domain.Machine.Type = "q35" } - if obj.Spec.Domain.Devices.Rng == nil { - obj.Spec.Domain.Devices.Rng = &Rng{} - } + setDefaults_DiskFromMachineType(obj) SetDefaults_NetworkInterface(obj) } diff --git a/pkg/api/v1/defaults_test.go b/pkg/api/v1/defaults_test.go index ac1bdd216eeb..164175c9859f 100644 --- a/pkg/api/v1/defaults_test.go +++ b/pkg/api/v1/defaults_test.go @@ -245,30 +245,6 @@ var _ = Describe("Defaults", func() { Expect(*timer.Hyperv.Enabled).To(BeTrue()) }) - It("should add RNG if it is unspecified and set the default source", func() { - vmi := &VirtualMachineInstance{} - SetObjectDefaults_VirtualMachineInstance(vmi) - Expect(vmi.Spec.Domain.Devices.Rng.Source).To(Equal("/dev/urandom")) - }) - - It("should not add RNG if it disabled", func() { - vmi := &VirtualMachineInstance{} - vmi.Spec.Domain.Devices.Rng = &Rng{ - Disabled: true, - } - SetObjectDefaults_VirtualMachineInstance(vmi) - Expect(vmi.Spec.Domain.Devices.Rng.Source).To(Equal("")) - }) - - It("should not change RNG source if it is present", func() { - vmi := &VirtualMachineInstance{} - vmi.Spec.Domain.Devices.Rng = &Rng{ - Source: "/dev/random", - } - SetObjectDefaults_VirtualMachineInstance(vmi) - Expect(vmi.Spec.Domain.Devices.Rng.Source).To(Equal("/dev/random")) - }) - }) var _ = Describe("Function SetDefaults_NetworkInterface()", func() { 
diff --git a/pkg/api/v1/openapi_generated.go b/pkg/api/v1/openapi_generated.go index d2abf3b72f25..528be812f4f7 100644 --- a/pkg/api/v1/openapi_generated.go +++ b/pkg/api/v1/openapi_generated.go @@ -229,7 +229,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA }, "rng": { SchemaProps: spec.SchemaProps{ - Description: "Whether to have random number generator from host Defaults to Rng enabled", + Description: "Whether to have random number generator from host", Ref: ref("kubevirt.io/kubevirt/pkg/api/v1.Rng"), }, }, @@ -1201,22 +1201,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ Description: "Rng represents the random device passed from host", - Properties: map[string]spec.Schema{ - "disabled": { - SchemaProps: spec.SchemaProps{ - Description: "Disabled defines whether use or do not use Virtio Rng", - Type: []string{"boolean"}, - Format: "", - }, - }, - "source": { - SchemaProps: spec.SchemaProps{ - Description: "Source sets the host source used to provide entropy", - Type: []string{"string"}, - Format: "", - }, - }, - }, + Properties: map[string]spec.Schema{}, }, }, Dependencies: []string{}, diff --git a/pkg/api/v1/schema.go b/pkg/api/v1/schema.go index cb1050591e01..2ee9d1ae94d6 100644 --- a/pkg/api/v1/schema.go +++ b/pkg/api/v1/schema.go @@ -189,7 +189,6 @@ type Devices struct { // VNC will not be available if set to false. Defaults to true. AutoattachGraphicsDevice *bool `json:"autoattachGraphicsDevice,omitempty"` // Whether to have random number generator from host - // Defaults to Rng enabled // +optional Rng *Rng `json:"rng,omitempty"` } 
@@ -789,10 +788,4 @@ type PodNetwork struct { // --- // +k8s:openapi-gen=true type Rng struct { - // Disabled defines whether use or do not use Virtio Rng - // +optional - Disabled bool `json:"disabled"` - // Source sets the host source used to provide entropy - // +optional - Source string `json:"source"` } diff --git a/pkg/api/v1/schema_swagger_generated.go b/pkg/api/v1/schema_swagger_generated.go index 23f5086f1330..bf9a56fc8dbb 100644 --- a/pkg/api/v1/schema_swagger_generated.go +++ b/pkg/api/v1/schema_swagger_generated.go @@ -87,7 +87,7 @@ func (Devices) SwaggerDoc() map[string]string { "interfaces": "Interfaces describe network interfaces which are added to the vm.", "autoattachPodInterface": "Whether to attach a pod network interface. Defaults to true.", "autoattachGraphicsDevice": "Wheater to attach the default graphics device or not.\nVNC will not be available if set to false. Defaults to true.", - "rng": "Whether to have random number generator from host\nDefaults to Rng enabled\n+optional", + "rng": "Whether to have random number generator from host\n+optional", } } @@ -373,8 +373,6 @@ func (PodNetwork) SwaggerDoc() map[string]string { func (Rng) SwaggerDoc() map[string]string { return map[string]string{ - "": "Rng represents the random device passed from host", - "disabled": "Disabled defines whether use or do not use Virtio Rng\n+optional", - "source": "Source sets the host source used to provide entropy\n+optional", + "": "Rng represents the random device passed from host", } } diff --git a/pkg/api/v1/schema_test.go b/pkg/api/v1/schema_test.go index cdfedfc1d73c..c7036ef274a1 100644 --- a/pkg/api/v1/schema_test.go +++ b/pkg/api/v1/schema_test.go @@ -167,10 +167,7 @@ var exampleJSON = `{ {{.InterfaceConfig}} } ], - "rng": { - "disabled": true, - "source": "/dev/urandom" - } + "rng": {} } }, "volumes": [ 
@@ -266,10 +263,7 @@ var _ = Describe("Schema", func() { }, } - exampleVMI.Spec.Domain.Devices.Rng = &Rng{ - Disabled: true, - Source: "/dev/urandom", - } + exampleVMI.Spec.Domain.Devices.Rng = &Rng{} exampleVMI.Spec.Volumes = []Volume{ { diff --git a/pkg/api/v1/zz_generated.defaults.go b/pkg/api/v1/zz_generated.defaults.go index 33c990d2feed..c8ecaa5a9f84 100644 --- a/pkg/api/v1/zz_generated.defaults.go +++ b/pkg/api/v1/zz_generated.defaults.go @@ -122,9 +122,6 @@ func SetObjectDefaults_VirtualMachine(in *VirtualMachine) { SetDefaults_I6300ESBWatchdog(in.Spec.Template.Spec.Domain.Devices.Watchdog.WatchdogDevice.I6300ESB) } } - if in.Spec.Template.Spec.Domain.Devices.Rng != nil { - SetDefaults_Rng(in.Spec.Template.Spec.Domain.Devices.Rng) - } } } @@ -203,9 +200,6 @@ func SetObjectDefaults_VirtualMachineInstance(in *VirtualMachineInstance) { SetDefaults_I6300ESBWatchdog(in.Spec.Domain.Devices.Watchdog.WatchdogDevice.I6300ESB) } } - if in.Spec.Domain.Devices.Rng != nil { - SetDefaults_Rng(in.Spec.Domain.Devices.Rng) - } } func SetObjectDefaults_VirtualMachineInstanceList(in *VirtualMachineInstanceList) { @@ -290,9 +284,6 @@ func SetObjectDefaults_VirtualMachineInstancePreset(in *VirtualMachineInstancePr SetDefaults_I6300ESBWatchdog(in.Spec.Domain.Devices.Watchdog.WatchdogDevice.I6300ESB) } } - if in.Spec.Domain.Devices.Rng != nil { - SetDefaults_Rng(in.Spec.Domain.Devices.Rng) - } } } @@ -378,9 +369,6 @@ func SetObjectDefaults_VirtualMachineInstanceReplicaSet(in *VirtualMachineInstan SetDefaults_I6300ESBWatchdog(in.Spec.Template.Spec.Domain.Devices.Watchdog.WatchdogDevice.I6300ESB) } } - if in.Spec.Template.Spec.Domain.Devices.Rng != nil { - SetDefaults_Rng(in.Spec.Template.Spec.Domain.Devices.Rng) - } } } diff --git a/pkg/virt-launcher/virtwrap/api/converter.go b/pkg/virt-launcher/virtwrap/api/converter.go index 3e9922fbe22d..85b6e38e29ff 100644 --- a/pkg/virt-launcher/virtwrap/api/converter.go +++ b/pkg/virt-launcher/virtwrap/api/converter.go 
@@ -247,16 +247,13 @@ func Convert_v1_Rng_To_api_Rng(source *v1.Rng, rng *Rng, _ *ConverterContext) er // default rng model for KVM/QEMU virtualization rng.Model = "virtio" - // default backend model, random for /dev/random and /dev/urandom + // default backend model, random rng.Backend = &RngBackend{ Model: "random", } - // the source used to get the entropy - if source.Source == "" { - return fmt.Errorf("rng can't be mapped, no source provided") - } - rng.Backend.Source = source.Source + // the default source for rng is dev urandom + rng.Backend.Source = "/dev/urandom" return nil } @@ -455,14 +452,12 @@ func Convert_v1_VirtualMachine_To_api_Domain(vmi *v1.VirtualMachineInstance, dom } if vmi.Spec.Domain.Devices.Rng != nil { - if !vmi.Spec.Domain.Devices.Rng.Disabled { - newRng := &Rng{} - err := Convert_v1_Rng_To_api_Rng(vmi.Spec.Domain.Devices.Rng, newRng, c) - if err != nil { - return err - } - domain.Spec.Devices.Rng = newRng + newRng := &Rng{} + err := Convert_v1_Rng_To_api_Rng(vmi.Spec.Domain.Devices.Rng, newRng, c) + if err != nil { + return err } + domain.Spec.Devices.Rng = newRng } if vmi.Spec.Domain.Clock != nil { diff --git a/pkg/virt-launcher/virtwrap/api/converter_test.go b/pkg/virt-launcher/virtwrap/api/converter_test.go index 90c4127f3f51..d25e413dded4 100644 --- a/pkg/virt-launcher/virtwrap/api/converter_test.go +++ b/pkg/virt-launcher/virtwrap/api/converter_test.go @@ -446,6 +446,7 @@ var _ = Describe("Converter", func() { It("should be converted to a libvirt Domain with vmi defaults set", func() { v1.SetObjectDefaults_VirtualMachineInstance(vmi) + vmi.Spec.Domain.Devices.Rng = &v1.Rng{} Expect(vmiToDomainXML(vmi, c)).To(Equal(convertedDomain)) }) 
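Review bot: Convert_v1_Rng_To_api_Rng attaches the virtio-rng device without any rate limit in the lines shown, so a guest can read from the host's /dev/urandom as fast as it likes. libvirt's rng device accepts a `<rate>` element; if the `Rng` type in this package can carry it, set a conservative default next to `rng.Backend.Source = "/dev/urandom"`, otherwise record the decision with a comment such as `// no <rate> limit: /dev/urandom does not block, host cost is CPU only`. The function also lacks a doc comment saying that the backend path is fixed here and not taken from the VMI spec, which is what stops a VMI author from pointing the backend at an arbitrary host path. `source` is now unused and the function can only return nil, so the `err` check kept in the second hunk of this file (`@@ -455,14 +452,12 @@`) is dead code for now.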
@@ -596,12 +597,17 @@ var _ = Describe("Converter", func() { Expect(domainSpec.Memory.Unit).To(Equal("B")) }) - It("should not add RNG when disabled", func() { - vmi.Spec.Domain.Devices.Rng.Disabled = true + It("should not add RNG when not present", func() { domainSpec := vmiToDomainXMLToDomainSpec(vmi, c) Expect(domainSpec.Devices.Rng).To(BeNil()) }) + It("should add RNG when present", func() { + vmi.Spec.Domain.Devices.Rng = &v1.Rng{} + domainSpec := vmiToDomainXMLToDomainSpec(vmi, c) + Expect(domainSpec.Devices.Rng).ToNot(BeNil()) + }) + }) Context("Network convert", func() { var vmi *v1.VirtualMachineInstance diff --git a/tests/vmi_configuration_test.go b/tests/vmi_configuration_test.go index 28908843c192..d84f702263aa 100644 --- a/tests/vmi_configuration_test.go +++ b/tests/vmi_configuration_test.go @@ -327,7 +327,9 @@ var _ = Describe("Configurations", func() { rngVmi = tests.NewRandomVMIWithEphemeralDisk(tests.RegistryDiskFor(tests.RegistryDiskAlpine)) }) - It("should have the virtio rng device present by default", func() { + It("should have the virtio rng device present when present", func() { + rngVmi.Spec.Domain.Devices.Rng = &v1.Rng{} + By("Starting a VirtualMachineInstance") rngVmi, err = virtClient.VirtualMachineInstance(tests.NamespaceTestDefault).Create(rngVmi) Expect(err).ToNot(HaveOccurred()) 
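Review bot: The new spec "should add RNG when present" only asserts that `domainSpec.Devices.Rng` is non-nil, so it would still pass if the converter emitted a different backend path or device model. Since the host source is now hard-coded in the converter, pin it in this test: `Expect(domainSpec.Devices.Rng.Backend.Source).To(Equal("/dev/urandom"))` and `Expect(domainSpec.Devices.Rng.Model).To(Equal("virtio"))`. This assumes both fields survive the XML round trip done by `vmiToDomainXMLToDomainSpec`, which is not visible in the hunk.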
@@ -342,15 +344,11 @@ var _ = Describe("Configurations", func() { _, err = expecter.ExpectBatch([]expect.Batcher{ &expect.BSnd{S: "grep -c ^virtio /sys/devices/virtual/misc/hw_random/rng_available\n"}, &expect.BExp{R: "1"}, - }, 250*time.Second) + }, 400*time.Second) Expect(err).ToNot(HaveOccurred()) - }, 300) - - It("should not have the virtio rng device when disabled", func() { - rngVmi.Spec.Domain.Devices.Rng = &v1.Rng{ - Disabled: true, - } + }) + It("should not have the virtio rng device when not present", func() { By("Starting a VirtualMachineInstance") rngVmi, err = virtClient.VirtualMachineInstance(tests.NamespaceTestDefault).Create(rngVmi) Expect(err).ToNot(HaveOccurred()) @@ -365,9 +363,9 @@ var _ = Describe("Configurations", func() { _, err = expecter.ExpectBatch([]expect.Batcher{ &expect.BSnd{S: "grep -c ^virtio /sys/devices/virtual/misc/hw_random/rng_available\n"}, &expect.BExp{R: "0"}, - }, 250*time.Second) + }, 400*time.Second) Expect(err).ToNot(HaveOccurred()) - }, 300) + }) }) }) From c234f3c3a54adb6b584d5f2744c5baec5fd679db Mon Sep 17 00:00:00 2001 From: Petr Kotas Date: Thu, 23 Aug 2018 16:51:09 +0200 Subject: [PATCH 22/22] Fix func test Signed-off-by: Petr Kotas --- tests/vmi_configuration_test.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/vmi_configuration_test.go b/tests/vmi_configuration_test.go index d84f702263aa..d28cca0da803 100644 --- a/tests/vmi_configuration_test.go +++ b/tests/vmi_configuration_test.go @@ -361,8 +361,8 @@ var _ = Describe("Configurations", func() { By("Checking the virtio rng presence") _, err = expecter.ExpectBatch([]expect.Batcher{ - &expect.BSnd{S: "grep -c ^virtio /sys/devices/virtual/misc/hw_random/rng_available\n"}, - &expect.BExp{R: "0"}, + &expect.BSnd{S: "[[ ! -e /sys/devices/virtual/misc/hw_random/rng_available ]] && echo non\n"}, + &expect.BExp{R: "non"}, }, 400*time.Second) Expect(err).ToNot(HaveOccurred()) })
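Review bot: In the "Fix func test" hunk, `&expect.BExp{R: "non"}` can be satisfied by the echo of the command itself, because the string sent by the preceding `BSnd` already contains `echo non`. If the guest console echoes its input, the check passes whether or not `rng_available` exists. Expect text that the command line does not contain, for example `&expect.BSnd{S: "test -e /sys/devices/virtual/misc/hw_random/rng_available; echo rc=$?\n"}` followed by `&expect.BExp{R: "rc=1"}`. That form also avoids `[[ ... ]]`, which is not POSIX sh and may depend on the shell in the guest image. The enclosing `It` body starts outside this hunk.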