Add virtfs/9p mounts, instead of sshocker/sshfs #726
Conversation
AkihiroSuda
added
enhancement
afbjorklund
force-pushed
the
virtfs
branch
2 times, most recently
from
269c799 to
a802a7b
Compare
|
It is possible that it should not be called "mountType", and that the values should not be "sshfs" and "9p" Those are the technical implementation details, it could be called "mountDriver" or whatever And the human readable choices could be reverse-sshfs and virtfs, rather than the file system types. I have decoupled them now, so there is a human type with constants and there are strings for the scripts... |
|
In order to test this on the Mac, we need to either patch qemu in brew or wait until the PR has been merged It can meanwhile be tested on Linux, with the right GHA-fu. EDIT: It has been merged |
|
Instead of having to transport all the mount variables in environment variables, In the initial PoC, I just added the
And the hostagent calls are basically no-op, instead of running ssh like with sshfs rsf := &reversesshfs.ReverseSSHFS{
SSHConfig: a.sshConfig,
LocalPath: expanded,
Host: "127.0.0.1",
Port: a.sshLocalPort,
RemotePath: expanded,
Readonly: !(*m.Writable),
SSHFSAdditionalArgs: []string{"-o", sshfsOptions},
}There is no long-lived host process (but qemu) keeping the ssh connection open, though. |
|
I tried to test this on my m1 Mac using qemu with patches from Homebrew/homebrew-core#96655 but got an error: Seems like perhaps lima was creating the mount location if it didn't exist previously? This was using the Things generally work well with 9p otherwise so far. |
Yeah, it was created too late. Please try again now. |
|
I guess the next step will be to try to reproduce these issues with plain qemu, just so we can report them upstream if they are reproducible there and not specific to lima. I probably won't have time for further testing until next week though. |
This is due to using So, it's a feature. See https://wiki.qemu.org/Documentation/9psetup
EDIT: oops, accidentally hardcoded |
This PR allows selecting mount type, as "9p" The default mount type is still as before. Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
External filesystems can be mounted in /etc/fstab. It is only the reverse-sshfs that needs to use ssh. Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
So I fixed this locally and tried the four security models. I noticed the following.
I do not notice a difference between
|
|
@jandubois Could you report your issue to https://gitlab.com/qemu-project/qemu/-/issues ? What should we do now? Are we ready to merge this and then explore how to optimize the performance ? |
I want to reproduce the issue with plain qemu before reporting it upstream. I've been notoriously short on time lately, so this will probably take a while.
Yes, I'm fine with merging it, and then iterating over it later. I think the remaining issues are not with this PR, but within upstream code (pending verification). Only thing is that maybe there should be some text in Another thought that just occurred to me: is it possible to check if the qemu version supports 9p, and show an error if it doesn't? |
suda@lima-default:/Users/suda/gopath/src/github.com/lima-vm/lima$ time du -s
33868 .
real 0m0.598s
user 0m0.000s
sys 0m0.346ssuda@lima-9p:/Users/suda/gopath/src/github.com/lima-vm/lima$ time du -s
32492 .
real 0m2.408s
user 0m0.001s
sys 0m0.291sWhy is the du result is different? 🤔 |
|
My gut feeling is that there is some code somewhere in the The errors I'm seeing are mostly "Network dropped connection on reset", which looks like some error occurs, and connections are being retried. That could explain the unexpected slowdown of filesystem operations as well. But so far this is just a hunch, not backed by actual investigation. |
|
It seems that some additional followup notes for 9p are being flagged: https://lists.gnu.org/archive/html/qemu-devel/2022-04/msg00957.html |
|
It seems to be that people have unreasonable expectations on what can be done on a remote file system, though I would have thought that symlinks would work better even if things like inotify wasn't available remotely. Maybe that's because of Docker ? Probably using NFS would have stayed more in the "known bad" part of things, but I would still recommend using local files and something like Mutagen if having issues with running builds or databases or whatever over the network. It just doesn't work. |
Yes, people have unrealistic expectations because things like inotify work with osxfs on Docker Desktop. But I don't think expecting symlinks is unreasonable. I'm honestly surprised that they don't work; I would have expected them to work automatically without special support; they are really nothing more than a file with a special mode bit (or so I thought). |
|
It seems the main issue with symlinks was creating on one end and using on the other, I thought they worked on the "same" side |
That seems to be the case, but doesn't help if you expect symlinks on the host to transparently work inside the guest (as long as the symlink target is also mounted). It may not matter to you if you don't use symlinks, but I happen to use them extensively both within and across device and filesystem boundaries. This is kind of a basic assumption of lima that you can run I'm obviously ignorant about how this actually works; I always thought a symlink is just a text file containing the target name, and a single mode bit in the directory telling the system that this is a symlink and not a regular file. I assumed the redirection happened outside the filesystem driver, as you can have cross-filesystem symlinks. Therefore it is rather surprising to me how this can be broken. |
I was actually surprised to the see amount of requests for writable volumes when Colima had readonly volumes as the default. I personally would only use a local volume for anything serious and could care less if the mounted volumes are not writable.
Symlinks actually work if you change the security policy to |
This is an attempt to placate sketchy `docker` replacement wannabees who believe that symlinks should be handled by Plan 9, or something. [I wish I was making that up...](lima-vm/lima#726 (comment))
This is an (ultimately unsuccessful) attempt to placate sketchy `docker` replacement wannabees who believe that symlinks should be handled by Plan 9, or something. [I wish I was making that up...](lima-vm/lima#726 (comment))
This PR allows selecting mount type, as "9p"
The default mount type is still as it was before.
Add mount option variable, for "rw" vs "ro"Add mount type, for "reverse-sshfs" vs "9p"
Issue #20
QEMU with 9p-darwin patches available here:https://github.com/afbjorklund/homebrew-core/blob/qemu-9p-darwin/Formula/qemu.rbPatches from: https://github.com/willcohen/qemu/commits/v6.2.0-9p-darwin (or use HEAD)You can also use the latest/greatest QEMU HEAD.EDIT: The
qemuinbrewnow supports virtfs, also for darwin systems.Example mount when booting with "sshfs":
:/tmp/lima on /tmp/lima type fuse.sshfs (rw,nosuid,nodev,relatime,user_id=1000,group_id=1000,allow_other)Example mount when booting with "9p":
mount1 on /tmp/lima type 9p (rw,sync,dirsync,relatime,access=client,msize=131072,trans=virtio)