Skip to content

block: add read-only VMDK disk image support#5741

Open
ChengyuZhu6 wants to merge 1 commit intofirecracker-microvm:mainfrom
ChengyuZhu6:vmdk
Open

block: add read-only VMDK disk image support#5741
ChengyuZhu6 wants to merge 1 commit intofirecracker-microvm:mainfrom
ChengyuZhu6:vmdk

Conversation

@ChengyuZhu6
Copy link
Copy Markdown

@ChengyuZhu6 ChengyuZhu6 commented Mar 8, 2026

Introduce read-only VMDK (monolithicFlat) support using the imago library.

Changes

...

Reason

...

License Acceptance

By submitting this pull request, I confirm that my contribution is made under
the terms of the Apache 2.0 license. For more information on following Developer
Certificate of Origin and signing off your commits, please check
CONTRIBUTING.md.

PR Checklist

  • I have read and understand CONTRIBUTING.md.
  • I have run tools/devtool checkbuild --all to verify that the PR passes
    build checks on all supported architectures.
  • I have run tools/devtool checkstyle to verify that the PR passes the
    automated style checks.
  • I have described what is done in these changes, why they are needed, and
    how they are solving the problem in a clear and encompassing way.
  • I have updated any relevant documentation (both in code and in the docs)
    in the PR.
  • I have mentioned all user-facing changes in CHANGELOG.md.
  • If a specific issue led to this PR, this PR closes the issue.
  • When making API changes, I have followed the
    Runbook for Firecracker API changes.
  • I have tested all new and changed functionalities in unit tests and/or
    integration tests.
  • I have linked an issue to every new TODO.
  • This functionality cannot be added in rust-vmm.

@ChengyuZhu6
block: add read-only VMDK disk image support
fbb25f9 
Introduce read-only VMDK (monolithicFlat) support using the imago
library.

Signed-off-by: ChengyuZhu6 <hudson@cyzhu.com>
@hsiangkao
Copy link
Copy Markdown

hsiangkao commented Mar 15, 2026

@ChengyuZhu6 what prevents this as a draft?

@ChengyuZhu6 ChengyuZhu6 marked this pull request as ready for review April 1, 2026 03:33
@ChengyuZhu6 ChengyuZhu6 mentioned this pull request Apr 1, 2026
Open
4 tasks
@ShadowCurse
Copy link
Copy Markdown
Contributor

ShadowCurse commented Apr 1, 2026

Hi @ChengyuZhu6, unfortunately we don't have enough bandwidth to review this for now.

@hsiangkao
Copy link
Copy Markdown

hsiangkao commented Apr 1, 2026

Hi @ChengyuZhu6, unfortunately we don't have enough bandwidth to review this for now.

@ShadowCurse I guess this one is not complicated and it seems almost half the change is test cases.
Since it uses imago library to handle vmdk format, I guess the remaining logic should be straight-forward?

Also I guess the commit message should be improved to make the usage clear at least.

@Manciukic
Copy link
Copy Markdown
Contributor

Manciukic commented Apr 8, 2026

Hey @hsiangkao, @ChengyuZhu6,

first of all, thank you very much for the contribution! I think this is a very promising solution for container workloads. Do you have any examples on how this would integrate with containerd?

However, we take every new feature very seriously and we need to undergo an internal security review for every new feature, which means that despite the change itself being small, it requires a non-trivial amount of time from our side that we don't have at the moment.

In any case, having a very quick look at the PR:

  • do we really need a dependency on tokio?
  • the dependency on imago is fine, I think (but I didn't check that crate yet), but it should be from crates.io and not gitlab.

@hsiangkao
Copy link
Copy Markdown

hsiangkao commented Apr 8, 2026

Hey @hsiangkao, @ChengyuZhu6,

first of all, thank you very much for the contribution! I think this is a very promising solution for container workloads. Do you have any examples on how this would integrate with containerd?

Hi @Manciukic, thank you very much for the reply! currently I don't have some free slot to run an end-to-end example using containerd + kata-containers + firecracker, but I will find (or I hope @ChengyuZhu6 could finish the pull request message at least) time to run an e2e later.

but the story is much similar to what we did for nerdbox + libkrun:
containerd/nerdbox#30

and my final interest is that to apply VMDK to virtio-pmem as well so that each backing file can be passthrough into guests and shared in a finer way: of course, virtio-pmem could bring some security concern, but depends on the workload, it could also be useful if memory sharing is not an issue.

However, we take every new feature very seriously and we need to undergo an internal security review for every new feature, which means that despite the change itself being small, it requires a non-trivial amount of time from our side that we don't have at the moment.

In any case, having a very quick look at the PR:

  • do we really need a dependency on tokio?

I will defer this question to @ChengyuZhu6 .

  • the dependency on imago is fine, I think (but I didn't check that crate yet), but it should be from crates.io and not gitlab.

yes, imago has published on crates.io with qcow2 and this limited vmdk support.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@ShadowCurse ShadowCurse

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@ChengyuZhu6 @hsiangkao @ShadowCurse @Manciukic