Restore guest agent unix socket functionality

afbjorklund · afbjorklund · commit 25b9484338ce · 2023-11-17T17:53:28.000+01:00
Make both vsock and virtio explicit, instead of hardcoding
internal filenames in the agents. Fallback to to the unix.

Signed-off-by: Anders F Björklund &lt;anders.f.bjorklund@gmail.com&gt;
diff --git a/cmd/lima-guestagent/daemon_linux.go b/cmd/lima-guestagent/daemon_linux.go
@@ -11,7 +11,6 @@ import (
 	"github.com/lima-vm/lima/pkg/guestagent"
 	"github.com/lima-vm/lima/pkg/guestagent/api/server"
 	"github.com/lima-vm/lima/pkg/guestagent/serialport"
-	"github.com/lima-vm/lima/pkg/store/filenames"
 	"github.com/mdlayher/vsock"
 	"github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
@@ -25,26 +24,23 @@ func newDaemonCommand() *cobra.Command {
 	}
 	daemonCommand.Flags().Duration("tick", 3*time.Second, "tick for polling events")
 	daemonCommand.Flags().Int("vsock-port", 0, "use vsock server instead a UNIX socket")
+	daemonCommand.Flags().String("virtio-port", "", "use virtio server instead a UNIX socket")
 	return daemonCommand
 }
 
-var (
-	vSockPort = 0
-
-	virtioPort = "/dev/virtio-ports/" + filenames.VirtioPort
-)
-
 func daemonAction(cmd *cobra.Command, _ []string) error {
+	socket := "/run/lima-guestagent.sock"
 	tick, err := cmd.Flags().GetDuration("tick")
 	if err != nil {
 		return err
 	}
-	vSockPortOverride, err := cmd.Flags().GetInt("vsock-port")
+	vSockPort, err := cmd.Flags().GetInt("vsock-port")
 	if err != nil {
 		return err
 	}
-	if vSockPortOverride != 0 {
-		vSockPort = vSockPortOverride
+	virtioPort, err := cmd.Flags().GetString("virtio-port")
+	if err != nil {
+		return err
 	}
 	if tick == 0 {
 		return errors.New("tick must be specified")
@@ -72,10 +68,14 @@ func daemonAction(cmd *cobra.Command, _ []string) error {
 	r := mux.NewRouter()
 	server.AddRoutes(r, backend)
 	srv := &http.Server{Handler: r}
+	err = os.RemoveAll(socket)
+	if err != nil {
+		return err
+	}
 
 	var l net.Listener
-	if _, err := os.Stat(virtioPort); err == nil {
-		qemuL, err := serialport.Listen(virtioPort)
+	if virtioPort != "" {
+		qemuL, err := serialport.Listen("/dev/virtio-ports/" + virtioPort)
 		if err != nil {
 			return err
 		}
@@ -88,6 +88,16 @@ func daemonAction(cmd *cobra.Command, _ []string) error {
 		}
 		l = vsockL
 		logrus.Infof("serving the guest agent on vsock port: %d", vSockPort)
+	} else {
+		socketL, err := net.Listen("unix", socket)
+		if err != nil {
+			return err
+		}
+		if err := os.Chmod(socket, 0o777); err != nil {
+			return err
+		}
+		l = socketL
+		logrus.Infof("serving the guest agent on %q", socket)
 	}
 	return srv.Serve(l)
 }
diff --git a/pkg/cidata/cidata.TEMPLATE.d/boot/25-guestagent-base.sh b/pkg/cidata/cidata.TEMPLATE.d/boot/25-guestagent-base.sh
@@ -28,7 +28,7 @@ name="lima-guestagent"
 description="Forward ports to the lima-hostagent"
 
 command=${LIMA_CIDATA_GUEST_INSTALL_PREFIX}/bin/lima-guestagent
-command_args="daemon --vsock-port "${LIMA_CIDATA_VSOCK_PORT}""
+command_args="daemon --vsock-port "${LIMA_CIDATA_VSOCK_PORT}" --virtio-port "${LIMA_CIDATA_VIRTIO_PORT}""
 command_background=true
 pidfile="/run/lima-guestagent.pid"
 EOF
@@ -40,5 +40,5 @@ else
 	# Remove legacy systemd service
 	rm -f "${LIMA_CIDATA_HOME}/.config/systemd/user/lima-guestagent.service"
 
-	sudo "${LIMA_CIDATA_GUEST_INSTALL_PREFIX}"/bin/lima-guestagent install-systemd --vsock-port "${LIMA_CIDATA_VSOCK_PORT}"
+	sudo "${LIMA_CIDATA_GUEST_INSTALL_PREFIX}"/bin/lima-guestagent install-systemd --vsock-port "${LIMA_CIDATA_VSOCK_PORT}" --virtio-port "${LIMA_CIDATA_VIRTIO_PORT}"
 fi
diff --git a/pkg/cidata/cidata.TEMPLATE.d/lima.env b/pkg/cidata/cidata.TEMPLATE.d/lima.env
@@ -41,6 +41,7 @@ LIMA_CIDATA_SKIP_DEFAULT_DEPENDENCY_RESOLUTION=
 {{- end}}
 LIMA_CIDATA_VMTYPE={{ .VMType }}
 LIMA_CIDATA_VSOCK_PORT={{ .VSockPort }}
+LIMA_CIDATA_VIRTIO_PORT={{ .VirtIOPort}}
 {{- if .Plain}}
 LIMA_CIDATA_PLAIN=1
 {{- else}}
diff --git a/pkg/cidata/cidata.go b/pkg/cidata/cidata.go
@@ -110,7 +110,7 @@ func setupEnv(y *limayaml.LimaYAML, args TemplateArgs) (map[string]string, error
 	return env, nil
 }
 
-func GenerateISO9660(instDir, name string, y *limayaml.LimaYAML, udpDNSLocalPort, tcpDNSLocalPort int, nerdctlArchive string, vsockPort int) error {
+func GenerateISO9660(instDir, name string, y *limayaml.LimaYAML, udpDNSLocalPort, tcpDNSLocalPort int, nerdctlArchive string, vsockPort int, virtioPort string) error {
 	if err := limayaml.Validate(*y, false); err != nil {
 		return err
 	}
@@ -135,6 +135,7 @@ func GenerateISO9660(instDir, name string, y *limayaml.LimaYAML, udpDNSLocalPort
 		RosettaBinFmt:  *y.Rosetta.BinFmt,
 		VMType:         *y.VMType,
 		VSockPort:      vsockPort,
+		VirtIOPort:     virtioPort,
 		Plain:          *y.Plain,
 	}
 
diff --git a/pkg/cidata/template.go b/pkg/cidata/template.go
@@ -81,6 +81,7 @@ type TemplateArgs struct {
 	SkipDefaultDependencyResolution bool
 	VMType                          string
 	VSockPort                       int
+	VirtIOPort                      string
 	Plain                           bool
 }
 
diff --git a/pkg/driver/driver.go b/pkg/driver/driver.go
@@ -64,6 +64,8 @@ type Driver interface {
 
 	ListSnapshots(_ context.Context) (string, error)
 
+	ForwardUnixGuestAgent() bool
+
 	GuestAgentConn(_ context.Context) (net.Conn, error)
 }
 
@@ -73,6 +75,7 @@ type BaseDriver struct {
 
 	SSHLocalPort int
 	VSockPort    int
+	VirtioPort   string
 }
 
 var _ Driver = (*BaseDriver)(nil)
@@ -137,6 +140,10 @@ func (d *BaseDriver) ListSnapshots(_ context.Context) (string, error) {
 	return "", fmt.Errorf("unimplemented")
 }
 
+func (d *BaseDriver) ForwardUnixGuestAgent() bool {
+	return d.VSockPort == 0 && d.VirtioPort == ""
+}
+
 func (d *BaseDriver) GuestAgentConn(_ context.Context) (net.Conn, error) {
-	return nil, fmt.Errorf("unimplemented")
+	return nil, nil
 }
diff --git a/pkg/hostagent/hostagent.go b/pkg/hostagent/hostagent.go
@@ -54,6 +54,7 @@ type HostAgent struct {
 	eventEncMu sync.Mutex
 
 	vSockPort int
+	virtioPort string
 
 	clientMu sync.RWMutex
 	client   guestagentclient.GuestAgentClient
@@ -114,6 +115,7 @@ func New(instName string, stdout io.Writer, sigintCh chan os.Signal, opts ...Opt
 	}
 
 	vSockPort := 0
+	virtioPort := ""
 	if *y.VMType == limayaml.VZ {
 		vSockPort = 2222
 	} else if *y.VMType == limayaml.WSL2 {
@@ -122,9 +124,11 @@ func New(instName string, stdout io.Writer, sigintCh chan os.Signal, opts ...Opt
 			logrus.WithError(err).Error("failed to get free VSock port")
 		}
 		vSockPort = port
+	} else if *y.VMType == limayaml.QEMU {
+		virtioPort = filenames.VirtioPort
 	}
 
-	if err := cidata.GenerateISO9660(inst.Dir, instName, y, udpDNSLocalPort, tcpDNSLocalPort, o.nerdctlArchive, vSockPort); err != nil {
+	if err := cidata.GenerateISO9660(inst.Dir, instName, y, udpDNSLocalPort, tcpDNSLocalPort, o.nerdctlArchive, vSockPort, virtioPort); err != nil {
 		return nil, err
 	}
 
@@ -157,6 +161,7 @@ func New(instName string, stdout io.Writer, sigintCh chan os.Signal, opts ...Opt
 		Yaml:         y,
 		SSHLocalPort: sshLocalPort,
 		VSockPort:    vSockPort,
+		VirtioPort:   virtioPort,
 	})
 
 	a := &HostAgent{
@@ -173,6 +178,7 @@ func New(instName string, stdout io.Writer, sigintCh chan os.Signal, opts ...Opt
 		sigintCh:        sigintCh,
 		eventEnc:        json.NewEncoder(stdout),
 		vSockPort:       vSockPort,
+		virtioPort:      virtioPort,
 	}
 	return a, nil
 }
@@ -528,7 +534,6 @@ func (a *HostAgent) close() error {
 }
 
 func (a *HostAgent) watchGuestAgentEvents(ctx context.Context) {
-	// TODO: use vSock (when QEMU for macOS gets support for vSock)
 
 	// Setup all socket forwards and defer their teardown
 	if *a.y.VMType != limayaml.WSL2 {
@@ -541,6 +546,9 @@ func (a *HostAgent) watchGuestAgentEvents(ctx context.Context) {
 		}
 	}
 
+	localUnix := filepath.Join(a.instDir, filenames.GuestAgentSock)
+	remoteUnix := "/run/lima-guestagent.sock"
+
 	a.onClose = append(a.onClose, func() error {
 		logrus.Debugf("Stop forwarding unix sockets")
 		var errs []error
@@ -553,9 +561,20 @@ func (a *HostAgent) watchGuestAgentEvents(ctx context.Context) {
 				}
 			}
 		}
+		if a.driver.ForwardUnixGuestAgent() {
+			if err := forwardSSH(context.Background(), a.sshConfig, a.sshLocalPort, localUnix, remoteUnix, verbCancel, false); err != nil {
+				errs = append(errs, err)
+			}
+		}
+
 		return errors.Join(errs...)
 	})
 	for {
+		if a.client == nil || !isGuestAgentSocketAccessible(ctx, a.client) {
+			if a.driver.ForwardUnixGuestAgent() {
+				_ = forwardSSH(ctx, a.sshConfig, a.sshLocalPort, localUnix, remoteUnix, verbForward, false)
+			}
+		}
 		client, err := a.getOrCreateClient(ctx)
 		if err == nil {
 			if err := a.processGuestAgentEvents(ctx, client); err != nil {
@@ -590,8 +609,18 @@ func (a *HostAgent) getOrCreateClient(ctx context.Context) (guestagentclient.Gue
 	return a.client, err
 }
 
-func (a *HostAgent) createClient(ctx context.Context) (guestagentclient.GuestAgentClient, error) {
+func (a *HostAgent) createConnection(ctx context.Context) (net.Conn, error) {
 	conn, err := a.driver.GuestAgentConn(ctx)
+	// default to forwarded sock
+	if conn == nil && err == nil {
+		var d net.Dialer
+		conn, err = d.DialContext(ctx, "unix", filepath.Join(a.instDir, filenames.GuestAgentSock))
+	}
+	return conn, err
+}
+
+func (a *HostAgent) createClient(ctx context.Context) (guestagentclient.GuestAgentClient, error) {
+	conn, err := a.createConnection(ctx)
 	if err != nil {
 		return nil, err
 	}
diff --git a/pkg/hostagent/requirements.go b/pkg/hostagent/requirements.go
@@ -6,7 +6,6 @@ import (
 	"time"
 
 	"github.com/lima-vm/lima/pkg/limayaml"
-	"github.com/lima-vm/lima/pkg/store/filenames"
 	"github.com/lima-vm/sshocker/pkg/ssh"
 	"github.com/sirupsen/logrus"
 )
@@ -136,7 +135,7 @@ Also see "/var/log/cloud-init-output.log" in the guest.
 A possible workaround is to run "lima-guestagent install-systemd" in the guest.
 `, a.vSockPort),
 		})
-	} else {
+	} else if a.virtioPort != "" {
 		req = append(req, requirement{
 			description: "the guest agent to be running",
 			script: fmt.Sprintf(`#!/bin/bash
@@ -146,12 +145,29 @@ if ! timeout 30s bash -c "until sudo fuser \"${sock}\" || sudo lsof \"${sock}\";
 	echo >&2 "lima-guestagent is not installed yet"
 	exit 1
 fi
-`, filenames.VirtioPort),
+`, a.virtioPort),
 			debugHint: fmt.Sprintf(`The guest agent with serialport /dev/virtio-ports/%s does not seem running.
 Make sure that you are using an officially supported image.
 Also see "/var/log/cloud-init-output.log" in the guest.
 A possible workaround is to run "lima-guestagent install-systemd" in the guest.
-`, filenames.VirtioPort),
+`, a.virtioPort),
+		})
+	} else {
+		req = append(req, requirement{
+			description: "the guest agent to be running",
+			script: `#!/bin/bash
+set -eux -o pipefail
+sock="/run/lima-guestagent.sock"
+if ! timeout 30s bash -c "until [ -S \"${sock}\" ]; do sleep 3; done"; then
+        echo >&2 "lima-guestagent is not installed yet"
+        exit 1
+fi
+`,
+			debugHint: `The guest agent (/run/lima-guestagent.sock) does not seem running.
+Make sure that you are using an officially supported image.
+Also see "/var/log/cloud-init-output.log" in the guest.
+A possible workaround is to run "lima-guestagent install-systemd" in the guest.
+`,
 		})
 	}
 	return req
diff --git a/website/content/en/docs/dev/Internals/_index.md b/website/content/en/docs/dev/Internals/_index.md
@@ -72,10 +72,12 @@ VNC:
 
 Guest agent:
 
-Each drivers use their own mode of communication 
+Each drivers use their own mode of communication
 - `qemu`: uses virtio-port `io.lima-vm.guest_agent.0`
 - `vz`: uses vsock port 2222
 - `wsl2`: uses free random vsock port
+The fallback is to use port forward over ssh port
+- `ga.sock`: Forwarded to `/run/lima-guestagent.sock` in the guest, via SSH
 
 Host agent:
 - `ha.pid`: hostagent PID

Original file line number	Diff line number	Diff line change
`@@ -110,7 +110,7 @@ func setupEnv(y *limayaml.LimaYAML, args TemplateArgs) (map[string]string, error`
`110`	`110`	`return env, nil`
`111`	`111`	`}`
`112`	`112`
`113`		`-func GenerateISO9660(instDir, name string, y *limayaml.LimaYAML, udpDNSLocalPort, tcpDNSLocalPort int, nerdctlArchive string, vsockPort int) error {`
	`113`	`+func GenerateISO9660(instDir, name string, y *limayaml.LimaYAML, udpDNSLocalPort, tcpDNSLocalPort int, nerdctlArchive string, vsockPort int, virtioPort string) error {`
`114`	`114`	`if err := limayaml.Validate(*y, false); err != nil {`
`115`	`115`	`return err`
`116`	`116`	`}`
`@@ -135,6 +135,7 @@ func GenerateISO9660(instDir, name string, y *limayaml.LimaYAML, udpDNSLocalPort`
`135`	`135`	`RosettaBinFmt: *y.Rosetta.BinFmt,`
`136`	`136`	`VMType: *y.VMType,`
`137`	`137`	`VSockPort: vsockPort,`
	`138`	`+ VirtIOPort: virtioPort,`
`138`	`139`	`Plain: *y.Plain,`
`139`	`140`	`}`
`140`	`141`
Original file line number	Diff line number	Diff line change
`@@ -81,6 +81,7 @@ type TemplateArgs struct {`
`81`	`81`	`SkipDefaultDependencyResolution bool`
`82`	`82`	`VMType string`
`83`	`83`	`VSockPort int`
	`84`	`+ VirtIOPort string`
`84`	`85`	`Plain bool`
`85`	`86`	`}`
`86`	`87`
Original file line number	Diff line number	Diff line change
`@@ -64,6 +64,8 @@ type Driver interface {`
`64`	`64`
`65`	`65`	`ListSnapshots(_ context.Context) (string, error)`
`66`	`66`
	`67`	`+ ForwardUnixGuestAgent() bool`
	`68`	`+`
`67`	`69`	`GuestAgentConn(_ context.Context) (net.Conn, error)`
`68`	`70`	`}`
`69`	`71`
`@@ -73,6 +75,7 @@ type BaseDriver struct {`
`73`	`75`
`74`	`76`	`SSHLocalPort int`
`75`	`77`	`VSockPort int`
	`78`	`+ VirtioPort string`
`76`	`79`	`}`
`77`	`80`
`78`	`81`	`var _ Driver = (*BaseDriver)(nil)`
`@@ -137,6 +140,10 @@ func (d *BaseDriver) ListSnapshots(_ context.Context) (string, error) {`
`137`	`140`	`return "", fmt.Errorf("unimplemented")`
`138`	`141`	`}`
`139`	`142`
	`143`	`+func (d *BaseDriver) ForwardUnixGuestAgent() bool {`
	`144`	`+ return d.VSockPort == 0 && d.VirtioPort == ""`
	`145`	`+}`
	`146`	`+`
`140`	`147`	`func (d *BaseDriver) GuestAgentConn(_ context.Context) (net.Conn, error) {`
`141`		`- return nil, fmt.Errorf("unimplemented")`
	`148`	`+ return nil, nil`
`142`	`149`	`}`