amshinde
commented
6 years ago @egernst Can you take a look. I am planning to move this Kata eventually.
Closed amshinde closed 5 years ago
amshinde
commented
6 years ago @egernst Can you take a look. I am planning to move this Kata eventually.
amshinde
commented
6 years ago @mcastelino yes, we are doing that so that devices created in the VM's /dev appear in the container /dev. We filter out initially by mounting /dev as tmpfs so we have a very limited set of devices to begin with and then use udev events to bind mount all devices that appear after the container has started. We dont have any filtering rules at present for the bind-mounting, these would be any devices that are created after the container has started mostly due to the user interacting on the container command line.
amshinde
commented
6 years ago @mcastelino For Kata, plan is to pass some predictable identifiers for the VFIO devices specifically so that we do not need to pass -v /dev. I am looking at things such as vendor-id that can be leveraged to identify the VFIO device passed, so that the corresponding device node can be created inside the container. Still looking at this.
Add explanation regarding how devices passed with VFIO can be accessed with a container.
Fixes #1079
Signed-off-by: Archana Shinde archana.m.shinde@intel.com