Addressing
A socket address is defined as a combination of a 32-bit Context Identifier (CID) and a 32-bit port number:
- CID: Identifies the source or destination, which is either a virtual machine or the host. There are several special addresses:
  - VMADDR_CID_ANY (-1U) means any address for binding
  - VMADDR_CID_HYPERVISOR (0) is reserved for services built into the hypervisor
  - VMADDR_CID_RESERVED (1) must not be used
  - VMADDR_CID_HOST (2) is the well-known address of the host
- Port: Differentiates between multiple services running on a single machine.
Setup
Verify the kernel configs as follows:
- Host kernel:
  CONFIG_EVENTFD=y
  CONFIG_VSOCKETS=y
  CONFIG_VSOCKETS_DIAG=y
  CONFIG_VHOST_VSOCK=m
  CONFIG_VHOST=m
- Guest kernel:
  CONFIG_VIRTIO
  CONFIG_VSOCKETS=y
  CONFIG_VIRTIO_VSOCKETS=m
  CONFIG_VIRTIO_VSOCKETS_COMMON=m
user@host$ modprobe vhost_vsock
If SELinux is running, make sure that it is set to 'permissive', unless you provide the respective exception policies:
user@host$ setenforce Permissive
Usage Example
Use streaming sockets of address family AF_VSOCK for vsock-based communication. However, instead of writing your own BSD-sockets programs, you can simply use nc-vsock, a netcat clone. If it is not available in your Linux distribution, download and build it as follows on both host and guest:
user@host$ git clone https://github.com/stefanha/nc-vsock
user@host$ cd nc-vsock
user@host$ make
Next up, enable a guest domain by adding a vsock device as follows:
<vsock model='virtio'>
<cid auto='no' address='9'/>
<address type='ccw' cssid='0xfe' ssid='0x0' devno='0x0003'/>
</vsock>
Note that these parts can be skipped during guest definition.
Start a server on the host as follows:
user@host$ nc-vsock -l 1234
Send a message from a guest to the host (represented by CID 2, see above):
user@guest$ echo "This message is from guest $HOSTNAME" > guestmsg.txt
user@guest$ nc-vsock 2 1234 < guestmsg.txt
Finally, check the host's console to confirm that the message from the guest was indeed received:
user@host$ nc-vsock -l 1234
Connection from cid 9 port 1024...
This message is from guest s38lp11
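For a host service that uses AF_VSOCK sockets directly instead of nc-vsock, the sketch below accepts one connection on port 1234 and reads data only if the peer CID is on an allowlist. It is an added example, not code from this post or from nc-vsock; the names classify_cid, peer_allowed, serve_once and ALLOWED_GUEST_CIDS are hypothetical, and it assumes a Linux Python build with AF_VSOCK support.

```python
import socket

# Special CIDs as listed in the Addressing section above.
VMADDR_CID_ANY = 0xFFFFFFFF      # -1U, wildcard for bind()
VMADDR_CID_HYPERVISOR = 0
VMADDR_CID_RESERVED = 1
VMADDR_CID_HOST = 2

PORT = 1234                      # port used in the nc-vsock example
ALLOWED_GUEST_CIDS = {9}         # assumption: CID from the <vsock> device definition


def classify_cid(cid):
    """Name the kind of endpoint a 32-bit CID refers to."""
    if not 0 <= cid <= 0xFFFFFFFF:
        raise ValueError("CID must fit in 32 bits")
    special = {
        VMADDR_CID_ANY: "any",
        VMADDR_CID_HYPERVISOR: "hypervisor",
        VMADDR_CID_RESERVED: "reserved",
        VMADDR_CID_HOST: "host",
    }
    return special.get(cid, "guest")


def peer_allowed(cid, allowed=ALLOWED_GUEST_CIDS):
    """Accept only guest CIDs that are explicitly allowlisted."""
    return classify_cid(cid) == "guest" and cid in allowed


def serve_once(port=PORT, max_bytes=4096):
    """Host side: accept one connection; return (peer_cid, data or None)."""
    with socket.socket(socket.AF_VSOCK, socket.SOCK_STREAM) as srv:
        srv.bind((VMADDR_CID_ANY, port))
        srv.listen(1)
        conn, (cid, _peer_port) = srv.accept()
        with conn:
            if not peer_allowed(cid):
                return cid, None          # closed without reading anything
            return cid, conn.recv(max_bytes)


if __name__ == "__main__":
    peer_cid, data = serve_once()
    print(f"Connection from cid {peer_cid}:", data)
```

Run it on the host in place of the nc-vsock listener; the guest-side nc-vsock command stays the same.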