Skip to content

Instantly share code, notes, and snippets.

Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save alexellis/d17799494dbd7b67e5f686b017a8af91 to your computer and use it in GitHub Desktop.
Save alexellis/d17799494dbd7b67e5f686b017a8af91 to your computer and use it in GitHub Desktop.
Installing OpenFaaS with libkrun-based isolation on Fedora 33

Installing OpenFaaS with libkrun-based isolation on Fedora 33

Setting up the system

Revert to cgroup v1

The version of containerd that OpenFaaS will download during the installation doesn't support cgroup v2, so we need to configure systemd to avoid using the Unified cgroup Hierarchy, and reboot the system:

sudo dnf install -y grubby
sudo grubby --update-kernel=ALL --args="systemd.unified_cgroup_hierarchy=0"
sudo systemctl reboot

Install required packages

sudo dnf install -y iptables golang git make perl-Digest-SHA

Install OpenFaaS

Use OpenFaaS automated installation script

git clone https://github.com/slp/faasd
cd faasd
./hack/install.sh

Build and install the patched binary

git checkout faasd-libkrun
make local
sudo mv /usr/local/bin/faasd /usr/local/bin/faasd.bak
sudo cp bin/faasd /usr/local/bin/faasd
sudo systemctl reboot

Install libkrun

Install libkrun and crun-krun packages from COPR

sudo dnf copr enable -y slp/libkrunfw
sudo dnf copr enable -y slp/libkrun
sudo dnf copr enable -y slp/crun-krun
sudo dnf install -y crun-krun

Replace runc with crun-krun

sudo mv /usr/bin/runc /usr/bin/runc.bak
sudo cp /usr/bin/crun-krun /usr/bin/runc

Enable DNS resolution via TCP

libkrun TSI-based networking only supports AF_INET streams at the moment, so we need to do DNS resolution via TCP:

printf '\noptions use-vc' | sudo tee -a /var/lib/faasd/resolv.conf
printf '\noptions use-vc' | sudo tee -a /var/lib/faasd-provider/resolv.conf

Test the installation

sudo cat /var/lib/faasd/secrets/basic-auth-password | faas-cli login -s
faas-cli store deploy "ASCII Cows"
curl http://127.0.0.1:8080/function/cows
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment