Support for lima usernet network

[balajiv113]

fixes #1222

This PR adds support for the following,

• Lima Usernet (Provides host -> vm, vm <-> vm communication)
• Usernet as daemon and support for reconciler similar to socket_vmnet
• New property added in yaml usernet.enabled, defaults to false. If its set to true, lima usernet will replace the slirp network

Todo items

• Handle timeout in usernet client
• Example template
• Test for Performance issues
• Writing integration test (Atleast for QEMU)
• Documentation

[AkihiroSuda]

Seems confusing to have two network options both called "user"...

https://wiki.qemu.org/Documentation/Networking#User_Networking_(SLIRP)

Originally posted by @afbjorklund in #1222 (comment)

[AkihiroSuda]

Bikeshedding:

• gvisor (confusing because it does not use gvisor's process sandbox)
• gvisor-tap-vsock (confusing because it is not gvisor, nor tap, nor vsock)
• netstack (confusing because any networking can be called "net(work) stack"
• user-v2 (confusing because there was no user-v1)
• modern (confusing because it can be eventually legacy)

Edit

• builtin
• multivm
• multi-vm
• vm-to-vm
• vm2vm
• v2v

[afbjorklund]

Actually it would be OK to name both of them "user", and then toggle the slirp vs gvisor later ?

Just was afraid that we would have one called "user" and a different one called "usernet"...

[balajiv113]

Am bit confused on this "two network options both called user"

As of now we don't have any configuration for slirp right?
And the one we provide now will be more a toggle, if enabled will use the latest or revert to the old modal ?

[afbjorklund]

It is called user in qemu, is what I meant. If there is an option called usernet in lima too, it is confusing.

[AkihiroSuda]

Or "multivm", "multi-vm", "vm-to-vm", "vm2vm", "v2v"

[balajiv113]

To me the following suggestions looks good,

• user-v2 as this give support for giving further versions as well like user-v3 etc.
• builtin since usernet command is within limactl it kind of makes sense as well

[AkihiroSuda]

@afbjorklund @jandubois
WDYT?

[afbjorklund]

I don't know what happened with "user-v1", is that the normal one ? But "user-v2" seems complicated to me, as a yaml default. But maybe it needs versioning (as per above, "user-v3", "user-v4") otherwise "builtin" is simpler.

[abiosoft]

What about calling it "builtin"

My vote is for builtin

[balajiv113]

Marking PR as ready for review as the code looks lot better compared to the initial version.

There are some todo items but i think it can be done incrementally as well. Should not affect the current code much.
Will start with documentation as a last item once naming are finalised

[balajiv113]

Testing for performance are done as well.

I tested in M1 with some long running instance (for more than a day with sleep). Haven't faced any issues (There was slight degrade when did iperf3, but on restarting iperf3 -s on host the performance was back to more meaningful value)

Also performance of QEMU is improved with this PR containers/gvisor-tap-vsock#188

Performance report
VZ <-> Host

$ iperf3 -c host.lima.internal
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec  2.64 GBytes  2.27 Gbits/sec    0             sender
[  5]   0.00-10.02  sec  2.64 GBytes  2.26 Gbits/sec                  receiver

iperf Done.
$ iperf3 -c host.lima.internal -R
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec  2.02 GBytes  1.73 Gbits/sec    0             sender
[  5]   0.00-10.00  sec  2.02 GBytes  1.73 Gbits/sec                  receiver

QEMU <-> Host

$ iperf3 -c host.lima.internal
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec  1.84 GBytes  1.58 Gbits/sec    0             sender
[  5]   0.00-10.00  sec  1.84 GBytes  1.58 Gbits/sec                  receiver

iperf Done.
$ iperf3 -c host.lima.internal -R
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec  1.21 GBytes  1.04 Gbits/sec    0             sender
[  5]   0.00-10.00  sec  1.21 GBytes  1.04 Gbits/sec                  receiver

iperf Done.

VZ <-> QEMU

$ iperf3 -c 192.168.5.1
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec  1.44 GBytes  1.24 Gbits/sec    0             sender
[  5]   0.00-10.07  sec  1.44 GBytes  1.23 Gbits/sec                  receiver

iperf Done.
$ iperf3 -c 192.168.5.1 -R
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.04  sec  1.83 GBytes  1.57 Gbits/sec    0             sender
[  5]   0.00-10.00  sec  1.83 GBytes  1.57 Gbits/sec                  receiver

iperf Done.

[AkihiroSuda]

Support video display for vz

Seems mixed up with a different PR

[AkihiroSuda]

usernet.yaml

usernet-v2.yaml, or maybe net-user-v2.yaml
(If we are going to call the new network as user-v2)

[balajiv113]

Will rename this once the name is decided in above comment

[balajiv113]

Done

[afbjorklund]

Here is what I got:

? Creating an instance "usernet" Proceed with the current configuration
FATA[0001] the YAML is invalid, saved the buffer as "lima.REJECTED.yaml": field `networks[0].lima` is only supported on macOS right now 
FATA[0000] vm driver 'vz' needs macOS 13 or later (Hint: try recompiling Lima if you are seeing this error on macOS 13) 
FATA[0000] field `mountType` must be "reverse-sshfs" or "9p" for QEMU driver , got "virtiofs" 

And eventually:

"level":"fatal","msg":"template: :1:21: executing \"\" at \u003cfd_connect \"/home/anders/.lima/_networks/usernet_default_qemu.sock\"\u003e: error calling fd_connect: fd_connect: dial unix /home/anders/.lima/_networks/usernet_default_qemu.sock: connect: no such file or directory"

[balajiv113]

Missed support for linux with networks.lima property.
Will fix it. Thanks 👍

[balajiv113]

@afbjorklund
Done changes to support linux, can you check if it works now :)

[jandubois]

@afbjorklund @jandubois
WDYT?

To be honest, I kind of like the name "usernet". I'm also not confusing it with QEMU networking, as I always think of that one as SLIRP. "User mode networking" is just the general category, and SLIRP is a specific instance of it.

Now, you could argue that we should not use the category name ("user mode networking") and usurp it for the specific Lima implementation, but again personally I'm not bothered by it because it is disambiguated by context (it is the Lima usernet). I think descriptive names are good.

And if we ever need another name, and still can't come up with anything better, then we can still use usernet-v2. But maybe (hopefully) we will just have some different configuration parameter to tweak the implementation instead of having to replace it wholesale again.

[AkihiroSuda]

To be honest, I kind of like the name "usernet". I'm also not confusing it with QEMU networking, as I always think of that one as SLIRP. "User mode networking" is just the general category, and SLIRP is a specific instance of it.

"slirp" has become a general category too.
Docker calls VPNKit as "slirp", although its implementation is different from the original slirp.
(Not an important topic here though)

[jandubois]

I have no strong feelings about the name. I prefer usernet, but I can also live with user-v2 if that is what everyone else prefers.

Just to throw something else out: How about tunnel, because that's what it does, or at least what we use it for.

Not even sure if I like it myself though; might delete later. 🤣

[AkihiroSuda]

Suggested change

	Local: fmt.Sprintf(":%d", sshPort),
	Local: fmt.Sprintf("127.0.0.1:%d", sshPort),

[balajiv113]

Done

[AkihiroSuda]

s/-/_/ in the filename

[balajiv113]

Done

[AkihiroSuda]

Shouldn't be needed

[balajiv113]

Done

[AkihiroSuda]

Shouldn't be needed

[balajiv113]

Done

[AkihiroSuda]

Sorry needs another rebase

[balajiv113]

@AkihiroSuda - Done :)

[AkihiroSuda]

Thanks

[AkihiroSuda]

@jandubois @afbjorklund May I merge this, or do you want to take the final look before merging?

[jandubois]

May I merge this, or do you want to take the final look before merging?

I did want to review it, but I continue to be out of time. Feel free to merge if you are ok with it. At least it gets it into more people's hands for testing.

[alejandroiglesias]

Any chance of releasing this? It seems it would fix some issues I'm having.

[AkihiroSuda]

Any chance of releasing this? It seems it would fix some issues I'm having.

Yes, probably next week