Skip to content

bhyve VM Support #605

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Feb 8, 2019
Merged

bhyve VM Support #605

merged 2 commits into from
Feb 8, 2019

Conversation

gronke
Copy link
Member

@gronke gronke commented Jan 10, 2019
edited
Loading

implements #604
blocked by #644

  • allow.vmm jail parameter

@gronke gronke force-pushed the feature/bhyve branch 2 times, most recently from 0f01dcd to 505cac4 Compare January 10, 2019 06:58
igalic
igalic reviewed Jan 10, 2019
View reviewed changes
Copy link
Collaborator

@igalic igalic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👀

ioc/Jail.py Outdated
)
devfs_ruleset.append("add path vmm unhide")
devfs_ruleset.append("add path vmm/* unhide")
devfs_ruleset.append("add path nmdm* unhide")
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is also missing from iocage/iocage#767

@gronke gronke force-pushed the feature/bhyve branch 3 times, most recently from bd2e62f to 7f4f461 Compare January 10, 2019 21:27
igalic
igalic requested changes Jan 10, 2019
View reviewed changes
Copy link
Collaborator

@igalic igalic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we should make this more restricted

ioc/Jail.py Outdated
@@ -1602,6 +1602,11 @@ def devfs_ruleset(self) -> ioc.DevfsRules.DevfsRuleset:
if self._allow_mount_zfs == "1":
devfs_ruleset.append("add path zfs unhide")

if self.config["allow_vmm"] is True:
devfs_ruleset.append("add path vmm unhide")
devfs_ruleset.append("add path vmm/* unhide")
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

as discussed elsewhere, it would be good to create a concrete rule per vmm container, rather than exposing all these devices to each jail

@gronke gronke mentioned this pull request Feb 8, 2019
Open
@gronke gronke added the blocked label Feb 8, 2019
@gronke gronke merged commit 00a2024 into master Feb 8, 2019
@gronke gronke deleted the feature/bhyve branch February 8, 2019 17:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@igalic igalic igalic requested changes

Assignees
No one assigned
Labels
missing feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@gronke @igalic