* krunkit: Add krunkit driver
krunkit is a tool to launch configurable virtual machines using the
libkrun platform, optimized for GPU accelerated virtual machines and AI
workloads on Apple silicon.
It is mostly compatible with vfkit; the driver is a simplified copy of
the vfkit driver. Unlike vfkit, krunkit is available only on Apple
silicon.
Changes compared to vfkit driver:
- krunkit requires unix socket for networking, so we must use
vment-helper.
- krunkit does not support HardStop, so we kill it using SIGKILL.
- We must enable vmnet offloading, required for krunkit.
- The code was simplified since vmnet-helper is always used
- Code was cleaned up to use .ResolveStorePath()
- Unused Upgrade() function was removed
- Types and functions that should not be public made private
We require krunkit 0.2.2, supporting --restul-uri=unix://.
* reason: Make vment-helper error driver agnostic
Previously it was used only for vfkit, so we suggested to fallback to
the `nat` network. This advice is not relevant to krunkit or to qemu
(which can also use vmnet-helper).
Change the error to recommend installing vment-helper. We need to think
how we can recommend other networks for vfkit and qemu. Another solution
is to create error for every driver+network combination but this seems
hard to manage.
* hack: Add krunkit integration test
This is the same way that we test vfkit. This test is not running in the
CI.
Issues:
- Need to install and configure vment-helper (requires root).
* site: Add krunkit driver documentation
In #20833 we switch to --bootloader=efi, breaking vfkit on x86_64.
Switch to --bootloader=linux to restore support for older macs. This
also enable running vfkit basic tests in github runners.
This change does not revert #20833 since it contained other important
changes that we squashed during merge. We also use the new
--bootloader=linux instead of the legacy --kernel, --initrd, and
--cmdline flags.
Issues:
- On x86_64 using console=hvc0 breaks boot. Using console=ttyS0 works,
but serial.log is always empty.
* iso: Minimal kernel for arm64
Create default arm64 config and disable stuff that we cannot use in
a VM.
This chagne was generated by:
1. Create defualt arm64 config
cd out/buildroot/output-aarch64/build/linux-6.6.95
make ARCH=arm64 defconfig
make ARCH=arm64 menuconfig
(exit saving changes)
2. Disable features that we don't need in the minikube VM:
- Platform suppport
- all platforms
- Device drivers
- Multimedia support
- Sound support
3. Updated our linux defconfig
cd out/buildroot/output-aarch64
make linux-update-defconfig
4. Normalize the config
make linux-menuconfig-aarch64
(exit saving changes)
With this config qemu, vfkit, and krunkit boot with --no-kubernetes, and
graceful shutdown works in vfkit and krunkit (using --restful-uri).
We cannot start kubernetes yet since some features are not available in
the default architecture config.
* iso: Add configs removed by defualt config
This restores the configs removed by updating from the default
architecture config. These configs are required for kubernetes support.
After adding the removed configs, run `make linux-menuconfig-aarch64` to
normalize the config and remove multimedia and sound card support again.
* iso: Unbreak go packages build
Adding go.work seems to break podman build. The workspace is needed only
for running the update commands so let's disable it when building the
iso.
We may need much bigger change to ensur that the workspace is used only
when running the update go commands, or remove it. This change fixes
only the iso build.
* Updating ISO to v1.36.0-1752940814-21089
---------
Co-authored-by: minikube-bot <minikube-bot@google.com>
Like krunkit and vmnet-helper, we redirect vfkit logs to
$MINIKUBE_HOME/.minikube/machines/name/vfkit.log
This will be helpful to debug case when vfkit exits with an error.
Currently this error goes to /dev/null which makes debugging impossible.
It will be also useful if we need to get help from vfkit folks.
Example log:
time="2025-07-20T02:48:43+03:00" level=info msg="&{2 6144 {[efi variable-store=/Users/nir/.minikube/machines/minikube/vfkit.efivars create] true} [virtio-net,nat,mac=1e:ac:f2:43:84:b3 virtio-rng virtio-blk,path=/Users/nir/.minikube/machines/minikube/boot2docker.iso virtio-blk,path=/Users/nir/.minikube/machines/minikube/disk.img virtio-serial,logFilePath=/Users/nir/.minikube/machines/minikube/serial.log] unix:///Users/nir/.minikube/machines/minikube/vfkit.sock debug false {[] false}}"
time="2025-07-20T02:48:43+03:00" level=info msg="boot parameters: &{EFIVariableStorePath:/Users/nir/.minikube/machines/minikube/vfkit.efivars CreateVariableStore:true}"
time="2025-07-20T02:48:43+03:00" level=info
time="2025-07-20T02:48:43+03:00" level=info msg="virtual machine parameters:"
time="2025-07-20T02:48:43+03:00" level=info msg="\tvCPUs: 2"
time="2025-07-20T02:48:43+03:00" level=info msg="\tmemory: 6144 MiB"
time="2025-07-20T02:48:43+03:00" level=info
time="2025-07-20T02:48:43+03:00" level=info msg="Adding virtio-net device (nat: true macAddress: [1e:ac:f2:43:84:b3])"
time="2025-07-20T02:48:43+03:00" level=info msg="Adding virtio-rng device"
time="2025-07-20T02:48:43+03:00" level=info msg="Adding virtio-blk device (imagePath: /Users/nir/.minikube/machines/minikube/boot2docker.iso)"
time="2025-07-20T02:48:43+03:00" level=info msg="Adding virtio-blk device (imagePath: /Users/nir/.minikube/machines/minikube/disk.img)"
time="2025-07-20T02:48:43+03:00" level=info msg="Adding virtio-serial device (logFile: /Users/nir/.minikube/machines/minikube/serial.log)"
time="2025-07-20T02:48:43+03:00" level=info msg="virtual machine is running"
time="2025-07-20T02:48:43+03:00" level=info msg="waiting for VM to stop"
* smoke test
* add logic to detect nested VMs
* increase memory to 8gb for tesT
* use the network flag for both qemu and vfkit
* code review comments
* separate minikube download
* separate minikube download
* force cpu1
* add docker for smoke test
* exclude envs dont need in matrix
* change back to 3
* remove unused code
* add info block for linux as well
* add go work files since there hack mod uses root mod
* add toolchain
* change Makefile to run the updates using full path to use go.work file
* add comment make file and move generate license above
* add go-license to ignore to avoid making release commit dirty
* force hack module to use older tablewriter lib
* dont do gitignore
When mouting volumes we need to use :Z suffix to allow access to the
mounted directory. This fixes docker run when running on Fedora an other
distros using selinux by default.
* iso: Update kernel to 6.6.95 for x86_64
Generated by running `make iso-menuconfig-x86_64` and updating kernel
version to longterm kernel 6.6.95 and kernel headers to 6.6.x, and then
running `make linux-menuconfig-x86_64` to update the linux config.
Additinally update hyperv-daemons package to use kernel 6.x.
* iso: Update kernel to 6.6.95 for aarch64
Generated by running `make iso-menuconfig-aarch64` and updating kernel
version to longterm kernel 6.6.95 and kernel headers to 6.6.x, and then
running `make linux-menuconfig-aarch64` to update the linux config.
* iso: Enable VirtIO GPU for krunkit driver
The krunkit driver exposes the host GPU via VirtIO GPU, enabling AI
workloads in the guest.
* Updating ISO to v1.36.0-1751445739-20995
---------
Co-authored-by: minikube-bot <minikube-bot@google.com>
* iso: Extract buildroot target
Beofre we can build the iso, we need to clone and configure buildroot.
This is required to run iso-menuconfig-{arch}.
* iso: Extract iso-prepare-% target
This target prepare for building an iso or running menuconfig. With this
change we can run the {iso,linux}-menuconfig-{x86_64,aarch64} targets
without buidling the entire iso.
* iso: Fix linux-menuconfig-% target
Previouly it worked only after building the entire iso. Now we make this
target without building the iso or running iso-menuconfig.
On the first run this downloads and builds lot for packages required to
run the linux-menuconfig target, but it is much shorter than buidling
the entire iso.
* iso: Simplify linux-menuconfig-%
Preveviously we copied the defconfig manauly to the beoard config file.
This can be done using the special linux-update-defconfig target.
With this change we don't need to keep KERNEL_VERSION in the Makefile,
making future upgrade easier.
* iso: Update buildroot configuration for aarch64
Run `make iso-menuconfig-aarch64` without making any changes updates the
buildroot config. It seems that there were manual changes in the config
which are overwritten when running iso-menuconfig. Removing the manual
changes to make it easier to edit the configuration with kconfig.
* iso: Update buildroot configuration for x86_64
Same as the aarch64 change to make it easier to configure using kconfig.
* iso: Update linux configuration for aarch64
Same as iso-menuconfig-aarch64, run `make linux-menuconfig-aarch64` and
exit without any change to update the config. This seems to change the
order, removing manual changes from the config. This will make it easier
to configure using kconfig in the future.
* iso: Update linux configuration for x86_64
Same as the aarch64 changes to make it easier to configure using kconfig
in the future.
* iso: Disable all platform for aarch64
We run on qemu virt machine or apple virtualization so we don't need
support for all kinds of embeded Arm boards. This reduces the arm64 iso
size from 410 MiB to 392 MiB.
* Updating ISO to v1.36.0-1751221996-20991
* Updating ISO to v1.36.0-1751315722-20991
---------
Co-authored-by: minikube-bot <minikube-bot@google.com>
libkrun virtio-net driver enables TSO offloading and checksum
offloading by default, so we must use vment-helper --enable-tso and
--enable-checksum-offload with krunkit. These options do not work with
vfkit.
minikube-bot
dependabot[bot]
Nir Soffer
Divy Singhvi
Medya Ghazizadeh
Cosmic Oppai
Lefteris T.
Jeff MAURY
Joaquim Rocha