diff --git a/README.md b/README.md index 102a5b0..9efbd3a 100644 --- a/README.md +++ b/README.md @@ -1,85 +1,149 @@ -# BitBuilder Hypervisor - -A git-ops-based, multi-tenant hypervisor platform built on systemd technologies for secure, isolated, and declaratively managed virtualization environments. - -## Overview - -BitBuilder Hypervisor is a next-generation hypervisor system that leverages the full power of systemd's virtualization and containerization capabilities to provide secure, isolated multi-tenant environments. Each tenant's configuration is version-controlled in Git repositories, enabling true infrastructure-as-code workflows with automatic provisioning and updates at boot time. - -## Key Features - -- **Git-Ops Native**: All configurations stored in Git repositories, pulled at boot time -- **Multi-Tenant Isolation**: Complete separation between tenants using systemd's security features -- **Immutable Host OS**: Read-only host system with all changes applied through git-controlled overlays -- **Declarative Configuration**: Everything defined as code, no manual configuration required -- **Zero-Trust Architecture**: Each tenant runs in completely isolated environments -- **Dynamic Provisioning**: Automatic tenant setup and teardown based on git repository state - -## Core Technologies - -### Systemd Components - -- **systemd-boot**: UEFI boot manager for secure boot chain -- **systemd-import-generator**: Automatic EFI image download and boot management -- **systemd-vmspawn**: Lightweight VM spawning for tenant isolation -- **systemd-nspawn**: Container spawning for application isolation -- **systemd-networkd**: Network configuration and isolation -- **systemd-homed**: User home directory management with encryption -- **Portable Services**: Self-contained service images -- **sysext/confext**: System and configuration extensions via overlayfs -- **Varlink**: IPC protocol for service communication - -### Linux Userspace API Specifications - -BitBuilder Hypervisor implements and adheres to the [Linux Userspace API Specifications](https://uapi-group.org/specifications/): - -- [**Configuration Files Specification**](https://uapi-group.org/specifications/specs/configuration_files_specification/): Standardized locations for configuration management -- [**Discoverable Partitions Specification (DPS)**](https://uapi-group.org/specifications/specs/discoverable_partitions_specification/): Auto-discovery of partition semantics -- [**Discoverable Disk Image (DDI)**](https://uapi-group.org/specifications/specs/discoverable_disk_image/): Self-describing system images -- [**Extension Image**](https://uapi-group.org/specifications/specs/extension_image/): Layered extensions to base images - - **sysext**: System Extension Images overlaid on `/usr/` and `/opt/` - - **confext**: Configuration Extension Images overlaid on `/etc/` -- [**Unified Kernel Image (UKI)**](https://uapi-group.org/specifications/specs/unified_kernel_image/): Combined kernel, initrd, and boot configuration -- [**Boot Loader Specification (BLS)**](https://uapi-group.org/specifications/specs/boot_loader_specification/): Standardized boot configuration - -## Architecture Highlights - -- **Immutable Host**: The host OS boots from an immutable image downloaded via systemd-import-generator -- **Tenant Isolation**: Each tenant runs in isolated systemd-vmspawn/nspawn instances -- **Git-Based Configuration**: All tenant configurations pulled from dedicated Git repositories -- **Dynamic Mount Generation**: Custom systemd generators create tenant-specific mount points -- **Layered Extensions**: System capabilities extended through sysext/confext layers - -## Tenant Management +# ๐Ÿš€ BitBuilder Hypervisor + +[![License](https://img.shields.io/badge/License-MIT-blue.svg?style=flat-square)](LICENSE) +[![SystemD](https://img.shields.io/badge/SystemD-258+-blue?style=flat-square)](https://systemd.io/) +[![Git-Ops](https://img.shields.io/badge/Git--Ops-Native-orange?style=flat-square)](https://www.gitops.tech/) +[![UEFI](https://img.shields.io/badge/UEFI-Secure%20Boot-green?style=flat-square)](https://uefi.org/) + +> **๐Ÿ”ฅ A revolutionary git-ops-based, multi-tenant hypervisor platform built on systemd technologies for secure, isolated, and declaratively managed virtualization environments.** + +--- + +## ๐ŸŒŸ Overview + +**BitBuilder Hypervisor** is a next-generation hypervisor system that leverages the full power of systemd's virtualization and containerization capabilities to provide secure, isolated multi-tenant environments. Each tenant's configuration is version-controlled in Git repositories, enabling true infrastructure-as-code workflows with automatic provisioning and updates at boot time. + +--- + +## โœจ Key Features + +| Feature | Description | Benefits | +|---------|-------------|----------| +| ๐Ÿ“š **Git-Ops Native** | All configurations stored in Git repositories, pulled at boot time | Version control, atomic deployments, rollback capability | +| ๐Ÿ  **Multi-Tenant Isolation** | Complete separation between tenants using systemd's security features | Zero trust architecture, cryptographic boundaries | +| ๐Ÿ›ก๏ธ **Immutable Host OS** | Read-only host system with all changes applied through git-controlled overlays | Eliminates configuration drift, enhanced security | +| ๐ŸŽฏ **Declarative Configuration** | Everything defined as code, no manual configuration required | Infrastructure as Code, automated provisioning | +| ๐Ÿ” **Zero-Trust Architecture** | Each tenant runs in completely isolated environments | Hardware-backed security, namespace isolation | +| โšก **Dynamic Provisioning** | Automatic tenant setup and teardown based on git repository state | Scalable operations, automated lifecycle management | + +--- + +## ๐Ÿ”ง Core Technologies + +### ๐Ÿ–ฅ๏ธ Systemd Components + +| Component | Purpose | Features | +|-----------|---------|----------| +| ๐Ÿš€ **systemd-boot** | UEFI boot manager for secure boot chain | Secure boot, UKI support, boot management | +| โฌ‡๏ธ **systemd-import-generator** | Automatic EFI image download and boot management | DDI support, automatic updates, verification | +| ๐Ÿ–ฅ๏ธ **systemd-vmspawn** | Lightweight VM spawning for tenant isolation | Hardware virtualization, resource isolation | +| ๐Ÿ“ฆ **systemd-nspawn** | Container spawning for application isolation | Namespace isolation, security boundaries | +| ๐ŸŒ **systemd-networkd** | Network configuration and isolation | Software-defined networking, tenant isolation | +| ๐Ÿ  **systemd-homed** | User home directory management with encryption | Encrypted homes, hardware-backed auth | +| ๐ŸŽ **Portable Services** | Self-contained service images | Application portability, dependency isolation | +| ๐Ÿ“‹ **sysext/confext** | System and configuration extensions via overlayfs | Layered filesystems, immutable updates | +| ๐Ÿ”— **Varlink** | IPC protocol for service communication | Type-safe IPC, service discovery | + +### ๐Ÿ“‹ Linux Userspace API Specifications + +BitBuilder Hypervisor implements and adheres to the [**Linux Userspace API Specifications**](https://uapi-group.org/specifications/): + +| Specification | Purpose | Implementation | +|---------------|---------|----------------| +| ๐Ÿ“„ [**Configuration Files Specification**](https://uapi-group.org/specifications/specs/configuration_files_specification/) | Standardized locations for configuration management | `/etc`, `/usr/lib`, `/run` hierarchy | +| ๐Ÿ’ฝ [**Discoverable Partitions Specification (DPS)**](https://uapi-group.org/specifications/specs/discoverable_partitions_specification/) | Auto-discovery of partition semantics | GPT partition type GUIDs | +| ๐Ÿ“€ [**Discoverable Disk Image (DDI)**](https://uapi-group.org/specifications/specs/discoverable_disk_image/) | Self-describing system images | Unified disk images with metadata | +| ๐Ÿ”ง [**Extension Image**](https://uapi-group.org/specifications/specs/extension_image/) | Layered extensions to base images | Overlay filesystem extensions | +| โ”œโ”€โ”€ ๐Ÿ—‚๏ธ **sysext** | System Extension Images overlaid on `/usr/` and `/opt/` | Runtime system extensions | +| โ””โ”€โ”€ ๐Ÿ› ๏ธ **confext** | Configuration Extension Images overlaid on `/etc/` | Runtime configuration extensions | +| ๐Ÿš€ [**Unified Kernel Image (UKI)**](https://uapi-group.org/specifications/specs/unified_kernel_image/) | Combined kernel, initrd, and boot configuration | Single-file bootable images | +| ๐Ÿฅพ [**Boot Loader Specification (BLS)**](https://uapi-group.org/specifications/specs/boot_loader_specification/) | Standardized boot configuration | systemd-boot integration | + +--- + +## ๐Ÿ—๏ธ Architecture Highlights + +| Component | Description | Technology | +|-----------|-------------|------------| +| ๐Ÿ›ก๏ธ **Immutable Host** | The host OS boots from an immutable image downloaded via systemd-import-generator | DDI images, systemd-import | +| ๐Ÿ  **Tenant Isolation** | Each tenant runs in isolated systemd-vmspawn/nspawn instances | Hardware virtualization, namespaces | +| ๐Ÿ“š **Git-Based Configuration** | All tenant configurations pulled from dedicated Git repositories | Git-ops, declarative config | +| ๐Ÿ—‚๏ธ **Dynamic Mount Generation** | Custom systemd generators create tenant-specific mount points | systemd generators, overlay mounts | +| ๐Ÿ”ง **Layered Extensions** | System capabilities extended through sysext/confext layers | Extension images, overlayfs | + +--- + +## ๐Ÿ  Tenant Management + +Each tenant in the BitBuilder Hypervisor follows a complete lifecycle management approach: + +```mermaid +graph LR + A[๐Ÿ“š Git Repository] --> B[๐Ÿ” Discovery] + B --> C[โšก Provisioning] + C --> D[๐Ÿ–ฅ๏ธ VM/Container] + D --> E[๐Ÿ”„ Updates] + E --> A + + style A fill:#e3f2fd + style B fill:#f3e5f5 + style C fill:#e8f5e8 + style D fill:#fff3e0 + style E fill:#fce4ec +``` -Each tenant in the BitBuilder Hypervisor: +### ๐Ÿ”„ Tenant Lifecycle + +| Step | Process | Details | +|------|---------|---------| +| **1๏ธโƒฃ** | **Dedicated Git Repository** | Each tenant has its own configuration repository | +| **2๏ธโƒฃ** | **Automatic Provisioning** | Boot-time provisioning via `setup-tenant@.service` | +| **3๏ธโƒฃ** | **Isolated Execution** | Runs in systemd-vmspawn or systemd-nspawn instances | +| **4๏ธโƒฃ** | **Custom Extensions** | Can have tenant-specific sysext/confext layers | +| **5๏ธโƒฃ** | **Network Isolation** | Complete network isolation via systemd-networkd | +| **6๏ธโƒฃ** | **Automatic Updates** | Updates automatically when Git repository changes | + +--- + +## ๐Ÿš€ Boot Process + +```mermaid +sequenceDiagram + participant UEFI as ๐Ÿ”Œ UEFI Boot + participant Boot as ๐Ÿš€ systemd-boot + participant Import as โฌ‡๏ธ systemd-import-gen + participant Host as ๐Ÿ–ฅ๏ธ Host OS + participant Git as ๐Ÿ“š Git Sync + participant Discovery as ๐Ÿ” Tenant Discovery + participant Provision as โšก Tenant Provisioning + + UEFI->>Boot: Load boot configuration + Boot->>Import: Download and verify EFI image + Import->>Host: Start immutable host OS + Host->>Git: Pull system configurations + Git->>Discovery: Scan for tenant configs + Discovery->>Provision: For each tenant: + Note over Provision: โ€ข Clone/pull tenant repo
โ€ข Mount tenant directories
โ€ข Apply sysext/confext layers
โ€ข Start VM/container
โ€ข Execute provisioning units +``` -1. Has a dedicated Git repository containing all configuration -2. Gets provisioned automatically at boot via `setup-tenant@.service` -3. Runs in isolated systemd-vmspawn or systemd-nspawn instances -4. Can have custom sysext/confext layers for additional functionality -5. Has complete network isolation via systemd-networkd -6. Gets automatic updates when Git repository changes +### ๐Ÿ”„ Boot Sequence Details -## Boot Process +| Phase | Component | Action | Result | +|-------|-----------|---------|---------| +| **1๏ธโƒฃ** | ๐Ÿ”Œ **UEFI Boot** | systemd-boot loads the boot configuration | Secure boot validation | +| **2๏ธโƒฃ** | โฌ‡๏ธ **Image Import** | systemd-import-generator downloads and verifies the host EFI image | DDI image verification | +| **3๏ธโƒฃ** | ๐Ÿ–ฅ๏ธ **Host Boot** | Immutable host OS starts with minimal services | Base system ready | +| **4๏ธโƒฃ** | ๐Ÿ“š **Git Sync** | System-level configurations pulled from Git repositories | Configuration sync | +| **5๏ธโƒฃ** | ๐Ÿ” **Tenant Discovery** | Scan for tenant configurations in Git | Tenant enumeration | +| **6๏ธโƒฃ** | โšก **Tenant Provisioning** | For each discovered tenant: provision resources | Multi-tenant setup | -1. **UEFI Boot**: systemd-boot loads the boot configuration -2. **Image Import**: systemd-import-generator downloads and verifies the host EFI image -3. **Host Boot**: Immutable host OS starts with minimal services -4. **Git Sync**: System-level configurations pulled from Git repositories -5. **Tenant Discovery**: Scan for tenant configurations in Git -6. **Tenant Provisioning**: For each tenant: - - Clone/pull tenant Git repository - - Mount tenant-specific directories - - Apply sysext/confext layers - - Start tenant VM/container via systemd-vmspawn/nspawn - - Execute pre/post provisioning units +--- -## Configuration Structure +## ๐Ÿ—๏ธ Configuration Structure -### Host Filesystem Hierarchy +### ๐Ÿ—‚๏ธ Host Filesystem Hierarchy -``` +```bash / โ”œโ”€โ”€ /boot/ # Boot partition (read-only) โ”‚ โ””โ”€โ”€ efi/ # EFI System Partition @@ -144,34 +208,73 @@ Each tenant in the BitBuilder Hypervisor: โ””โ”€โ”€ tenants/ # Runtime tenant data ``` -## Security Model +--- + +## ๐Ÿ›ก๏ธ Security Model + +### ๐Ÿ”’ Core Security Principles + +| Security Layer | Technology | Implementation | Benefit | +|----------------|------------|----------------|---------| +| ๐Ÿ—๏ธ **Immutable Infrastructure** | DDI, overlayfs | Host OS cannot be modified at runtime | Eliminates configuration drift | +| ๐Ÿ“š **Git-Only Changes** | Git-ops workflow | All modifications through Git commits | Audit trail, rollback capability | +| ๐Ÿ  **Tenant Isolation** | systemd security | Complete separation using multiple boundaries | Defense in depth | +| ๐Ÿ” **Encrypted Storage** | systemd-homed, LUKS | Optional encryption for tenant data | Data protection at rest | +| ๐Ÿš€ **Secure Boot** | UEFI, TPM | Full secure boot chain support | Boot integrity verification | + +### ๐Ÿ” Multi-Layer Isolation + +```mermaid +graph TB + subgraph "๐Ÿ  Tenant A" + VM1[๐Ÿ–ฅ๏ธ VM Instance] + NS1[๐Ÿ“ฆ Container] + end + + subgraph "๐Ÿ  Tenant B" + VM2[๐Ÿ–ฅ๏ธ VM Instance] + NS2[๐Ÿ“ฆ Container] + end + + subgraph "๐Ÿ›ก๏ธ Security Boundaries" + PID[๐Ÿ”’ PID Namespaces] + NET[๐ŸŒ Network Isolation] + MOUNT[๐Ÿ’พ Mount Namespaces] + USER[๐Ÿ‘ค User Namespaces] + CGROUP[โš™๏ธ Resource Limits] + CAP[๐Ÿ”ง Capabilities] + MAC[๐Ÿ›ก๏ธ SELinux/AppArmor] + end + + VM1 --- PID + VM2 --- PID + NS1 --- NET + NS2 --- NET + VM1 --- MOUNT + VM2 --- USER + NS1 --- CGROUP + NS2 --- CAP + VM1 --- MAC +``` -- **Immutable Infrastructure**: Host OS cannot be modified at runtime -- **Git-Only Changes**: All modifications must go through Git commits -- **Tenant Isolation**: Complete separation using systemd security features: - - Separate namespaces (PID, network, mount, user) - - Resource limits via cgroups - - Capability restrictions - - SELinux/AppArmor contexts -- **Encrypted Storage**: Optional encryption for tenant data via systemd-homed -- **Secure Boot**: Full UEFI secure boot chain support +--- -## Git Repository Structure +## ๐Ÿ“ Git Repository Structure -### System Repository +### ๐Ÿ—๏ธ System Repository -``` +```bash bitbuilder-system/ โ”œโ”€โ”€ .gitops/ โ”‚ โ””โ”€โ”€ config.yaml # Git-ops configuration โ”œโ”€โ”€ generators/ # Custom systemd generators โ”‚ โ”œโ”€โ”€ tenant-generator # Tenant discovery and instantiation -โ”‚ โ””โ”€โ”€ mount-generator # Extension mount generation -โ”œโ”€โ”€ units/ # System service units -โ”‚ โ”œโ”€โ”€ tenant@.service # Tenant instantiation template -โ”‚ โ”œโ”€โ”€ tenant-infra@.service # Infrastructure manager template -โ”‚ โ””โ”€โ”€ tenant-network@.service # Network setup template -โ”œโ”€โ”€ network/ # Network configuration templates +โ”‚ โ””โ”€โ”€ mount-generator # Extension mount generation +โ”œโ”€โ”€ units/ # System service units +โ”‚ โ”œโ”€โ”€ tenant@.service # Tenant instantiation template +โ”‚ โ”œโ”€โ”€ tenant-infra@.service # Infrastructure manager template +โ”‚ โ””โ”€โ”€ tenant-network@.service # Network setup template +โ”œโ”€โ”€ network/ # Network configuration templates โ”‚ โ”œโ”€โ”€ 10-tenant-bridge.netdev โ”‚ โ”œโ”€โ”€ 10-tenant-bridge.network โ”‚ โ”œโ”€โ”€ 20-wg-tenant.netdev @@ -182,99 +285,125 @@ bitbuilder-system/ โ”‚ โ”œโ”€โ”€ base-tools.sysext.raw โ”‚ โ”œโ”€โ”€ monitoring.sysext.raw โ”‚ โ””โ”€โ”€ security.confext.raw -โ””โ”€โ”€ tenants/ # Tenant registry - โ””โ”€โ”€ registry.json # Active tenants list +โ””โ”€โ”€ tenants/ # Tenant registry + โ””โ”€โ”€ registry.json # Active tenants list ``` -### Tenant Configuration Repository +### ๐Ÿ  Tenant Configuration Repository -``` +```bash tenant-/ โ”œโ”€โ”€ metadata.json # Tenant metadata and requirements โ”œโ”€โ”€ infrastructure/ # Infrastructure manager config โ”‚ โ”œโ”€โ”€ config.yaml # Infra manager configuration -โ”‚ โ””โ”€โ”€ resource-limits.yaml # Resource quotas +โ”‚ โ””โ”€โ”€ resource-limits.yaml # Resource quotas โ”œโ”€โ”€ network/ # Network configuration โ”‚ โ”œโ”€โ”€ topology.yaml # Network topology definition -โ”‚ โ”œโ”€โ”€ wireguard/ # VPN configurations -โ”‚ โ””โ”€โ”€ firewall/ # Firewall rules +โ”‚ โ”œโ”€โ”€ wireguard/ # VPN configurations +โ”‚ โ””โ”€โ”€ firewall/ # Firewall rules โ”œโ”€โ”€ machines/ # VM definitions โ”‚ โ””โ”€โ”€ / -โ”‚ โ”œโ”€โ”€ config.yaml # VM configuration -โ”‚ โ””โ”€โ”€ cloud-init/ # Cloud-init data +โ”‚ โ”œโ”€โ”€ config.yaml # VM configuration +โ”‚ โ””โ”€โ”€ cloud-init/ # Cloud-init data โ”œโ”€โ”€ containers/ # Container definitions โ”‚ โ””โ”€โ”€ / -โ”‚ โ”œโ”€โ”€ config.yaml # Container configuration -โ”‚ โ””โ”€โ”€ rootfs-overlay/ # Filesystem overlays +โ”‚ โ”œโ”€โ”€ config.yaml # Container configuration +โ”‚ โ””โ”€โ”€ rootfs-overlay/ # Filesystem overlays โ”œโ”€โ”€ extensions/ # Tenant-specific extensions -โ”‚ โ”œโ”€โ”€ sysext/ # System extensions +โ”‚ โ”œโ”€โ”€ sysext/ # System extensions โ”‚ โ”‚ โ””โ”€โ”€ *.sysext.raw -โ”‚ โ””โ”€โ”€ confext/ # Configuration extensions +โ”‚ โ””โ”€โ”€ confext/ # Configuration extensions โ”‚ โ””โ”€โ”€ *.confext.raw โ”œโ”€โ”€ services/ # Portable service definitions โ”‚ โ””โ”€โ”€ *.portable.raw -โ”œโ”€โ”€ users/ # User definitions +โ”œโ”€โ”€ users/ # User definitions โ”‚ โ””โ”€โ”€ / -โ”‚ โ””โ”€โ”€ homed-config.json # systemd-homed configuration +โ”‚ โ””โ”€โ”€ homed-config.json # systemd-homed configuration โ””โ”€โ”€ scripts/ - โ”œโ”€โ”€ pre-provision.sh # Pre-provisioning script - โ”œโ”€โ”€ post-provision.sh # Post-provisioning script - โ””โ”€โ”€ health-check.sh # Health monitoring script + โ”œโ”€โ”€ pre-provision.sh # Pre-provisioning script + โ”œโ”€โ”€ post-provision.sh # Post-provisioning script + โ””โ”€โ”€ health-check.sh # Health monitoring script ``` -### Template Repositories +### ๐Ÿ“‹ Template Repositories BitBuilder provides standard templates for creating new tenants and resources: -- **`tenant-infra-template`**: Infrastructure manager VM template -- **`tenant-machine-template`**: VM instance template (systemd-vmspawn) -- **`tenant-container-template`**: Container template (systemd-nspawn) -- **`tenant-homed-template`**: User home directory template -- **`sysext-template`**: System extension template -- **`confext-template`**: Configuration extension template +| Template | Purpose | Technology | Use Case | +|----------|---------|------------|----------| +| ๐Ÿ—๏ธ **`tenant-infra-template`** | Infrastructure manager VM template | systemd-vmspawn | Tenant orchestration | +| ๐Ÿ–ฅ๏ธ **`tenant-machine-template`** | VM instance template | systemd-vmspawn | Application VMs | +| ๐Ÿ“ฆ **`tenant-container-template`** | Container template | systemd-nspawn | Containerized apps | +| ๐Ÿ  **`tenant-homed-template`** | User home directory template | systemd-homed | User environments | +| ๐Ÿ”ง **`sysext-template`** | System extension template | Extension images | System augmentation | +| โš™๏ธ **`confext-template`** | Configuration extension template | Extension images | Config management | + +> ๐Ÿ“– See [**STACK.md**](STACK.md) for detailed template specifications and implementation details. -See [STACK.md](STACK.md) for detailed template specifications. +--- -## Advantages +## ๐ŸŽฏ Advantages -- **Version Control**: All infrastructure changes tracked in Git -- **Rollback Capability**: Easy reversion to previous configurations -- **Audit Trail**: Complete history of all changes -- **Declarative Management**: Define desired state, not procedures -- **Scalability**: Add/remove tenants by updating Git repositories -- **Consistency**: Identical deployments from the same Git commits -- **Testing**: Test configurations in staging before production +| Advantage | Description | Impact | +|-----------|-------------|---------| +| ๐Ÿ“š **Version Control** | All infrastructure changes tracked in Git | Complete change history, diff capabilities | +| ๐Ÿ”„ **Rollback Capability** | Easy reversion to previous configurations | Zero-downtime rollbacks, safety net | +| ๐Ÿ“‹ **Audit Trail** | Complete history of all changes | Compliance, security, accountability | +| ๐ŸŽฏ **Declarative Management** | Define desired state, not procedures | Reduced complexity, predictable outcomes | +| ๐Ÿ“ˆ **Scalability** | Add/remove tenants by updating Git repositories | Horizontal scaling, resource optimization | +| โšก **Consistency** | Identical deployments from the same Git commits | Reproducible infrastructure, dev/prod parity | +| ๐Ÿงช **Testing** | Test configurations in staging before production | Risk reduction, validation workflows | -## Use Cases +--- -- **Multi-Tenant Hosting**: Secure isolation for multiple customers -- **Development Environments**: Reproducible developer workspaces -- **Edge Computing**: Lightweight virtualization for edge deployments -- **CI/CD Infrastructure**: Dynamic test environments -- **Application Isolation**: Run untrusted workloads safely -- **Compliance Environments**: Auditable, immutable infrastructure +## ๐ŸŽฏ Use Cases -## Requirements +| Use Case | Industry | Benefits | Technology Stack | +|----------|----------|----------|------------------| +| ๐Ÿข **Multi-Tenant Hosting** | Cloud Providers | Secure isolation for multiple customers | systemd-vmspawn, networking | +| ๐Ÿ‘จโ€๐Ÿ’ป **Development Environments** | Software Development | Reproducible developer workspaces | systemd-nspawn, git-ops | +| ๐ŸŒ **Edge Computing** | IoT, CDN | Lightweight virtualization for edge deployments | Minimal footprint, secure boot | +| ๐Ÿ”„ **CI/CD Infrastructure** | DevOps | Dynamic test environments | Automated provisioning, git integration | +| ๐Ÿ”’ **Application Isolation** | Security | Run untrusted workloads safely | Namespace isolation, capabilities | +| ๐Ÿ“‹ **Compliance Environments** | Finance, Healthcare | Auditable, immutable infrastructure | Immutable OS, audit trails | -- UEFI-capable hardware -- systemd 258+ with all virtualization features enabled -- Git client -- Network connectivity for Git repository access -- Sufficient resources for tenant VMs/containers +--- -## Documentation +## ๐Ÿ“‹ Requirements -- [Technical Design](specs/DESIGN.md) - Detailed design documentation -- [Architecture](specs/ARCHITECTURE.md) - System architecture overview +### ๐Ÿ–ฅ๏ธ Hardware Requirements -## License +| Component | Minimum | Recommended | Purpose | +|-----------|---------|-------------|---------| +| ๐Ÿ”Œ **UEFI Firmware** | UEFI 2.0+ | UEFI 2.8+ with Secure Boot | Boot integrity, hardware security | +| โš™๏ธ **systemd Version** | 258+ | 260+ | All virtualization features enabled | +| ๐Ÿ“š **Git Client** | 2.30+ | Latest stable | Repository operations, authentication | +| ๐ŸŒ **Network Connectivity** | Basic | High-bandwidth | Git repository access, updates | +| ๐Ÿ’พ **Resources** | 8GB RAM, 100GB storage | 32GB RAM, 1TB NVMe SSD | Tenant VMs/containers | + +--- + +## ๐Ÿ“– Documentation + +| Document | Description | Audience | +|----------|-------------|----------| +| ๐ŸŽฏ [**Technical Design**](specs/DESIGN.md) | Detailed design documentation | Architects, Developers | +| ๐Ÿ›๏ธ [**Architecture**](specs/ARCHITECTURE.md) | System architecture overview | Technical Leaders, Ops | + +--- + +## ๐Ÿ“„ License \[License details to be added\] -## Contributing +--- + +## ๐Ÿค Contributing \[Contribution guidelines to be added\] -## Support +--- + +## ๐Ÿ†˜ Support \[Support information to be added\] diff --git a/README2.md b/README2.md index 5fb0dc5..64f0b47 100644 --- a/README2.md +++ b/README2.md @@ -1,37 +1,50 @@ -# BitBuilder Hypervisor +# ๐Ÿš€ BitBuilder Hypervisor -**A Git-Ops Orchestrated Multi-Tenant Hypervisor Leveraging Advanced systemd Ecosystem Integration** +[![Advanced Architecture](https://img.shields.io/badge/Architecture-Advanced-red?style=flat-square)](https://github.com/bitbuilder-io/bitbuilder-hypervisor) +[![SystemD Ecosystem](https://img.shields.io/badge/SystemD-Ecosystem-blue?style=flat-square)](https://systemd.io/) +[![GitOps Native](https://img.shields.io/badge/GitOps-Native-orange?style=flat-square)](https://www.gitops.tech/) +[![Multi-Tenant](https://img.shields.io/badge/Multi--Tenant-Secure-green?style=flat-square)](https://github.com/bitbuilder-io/bitbuilder-hypervisor) -BitBuilder Hypervisor implements a declarative, immutable infrastructure paradigm through git-ops methodology, providing secure multi-tenant virtualization environments via comprehensive systemd subsystem orchestration. The architecture implements tenant isolation through cryptographically-secured namespace boundaries, leveraging systemd's advanced service management, portable service architectures, and extension image composition patterns. +> **๐Ÿ”ฅ A GitOps Orchestrated Multi-Tenant Hypervisor Leveraging Advanced systemd Ecosystem Integration** -## Core Architecture Principles +**BitBuilder Hypervisor** implements a declarative, immutable infrastructure paradigm through GitOps methodology, providing secure multi-tenant virtualization environments via comprehensive systemd subsystem orchestration. The architecture implements tenant isolation through cryptographically-secured namespace boundaries, leveraging systemd's advanced service management, portable service architectures, and extension image composition patterns. -**Immutable Infrastructure**: The host operating system maintains complete immutability, with all configuration state externalized through git repository synchronization patterns and systemd generator composition. +--- -**Declarative Tenant Management**: Each tenant's computational environment is defined through version-controlled configuration repositories, enabling atomic deployments, rollback capabilities, and audit trails through standard git operations. +## ๐ŸŽฏ Core Architecture Principles -**Cryptographic Isolation**: Multi-tenant security boundaries are enforced through systemd's namespace isolation primitives (systemd-nspawn, systemd-vmspawn), supplemented by cryptographic identity management via systemd-homed integration. +### ๐Ÿ›ก๏ธ Foundation Pillars -## Technical Implementation Stack +| Principle | Implementation | Benefits | +|-----------|----------------|----------| +| ๐Ÿ—๏ธ **Immutable Infrastructure** | Host OS with complete immutability, configuration externalized through git repositories | Configuration drift elimination, enhanced security | +| ๐ŸŽฏ **Declarative Tenant Management** | Version-controlled configuration repositories for each tenant | Atomic deployments, rollback capabilities, audit trails | +| ๐Ÿ” **Cryptographic Isolation** | systemd namespace isolation with cryptographic identity management | Hardware-backed security boundaries, zero-trust architecture | -### SystemD Subsystem Integration +--- -- **systemd-generators**: Dynamic unit file generation for tenant-specific service orchestration -- **systemd-import-generator**: Automated EFI image acquisition and boot environment preparation -- **systemd-boot**: UEFI boot manager providing secure boot chain validation -- **systemd-vmspawn**: Hardware-assisted virtualization for tenant isolation -- **systemd-nspawn**: Container-based namespace isolation for lightweight tenants -- **systemd-networkd**: Software-defined networking with tenant-scoped network namespaces -- **systemd-homed**: Cryptographic user identity and home directory management -- **Portable Services**: Tenant application deployment through self-contained service bundles -- **Extension Images (sysext/confext)**: Immutable system and configuration layer composition +## ๐Ÿ”ง Technical Implementation Stack -### Inter-Process Communication +### โš™๏ธ SystemD Subsystem Integration -- **Varlink**: Type-safe, schema-validated IPC for service coordination and management interfaces -- **D-Bus**: Legacy compatibility and systemd service lifecycle management +| Component | Purpose | Advanced Features | +|-----------|---------|-------------------| +| ๐Ÿ”ง **systemd-generators** | Dynamic unit file generation for tenant-specific service orchestration | Template-based unit generation, dependency resolution | +| โฌ‡๏ธ **systemd-import-generator** | Automated EFI image acquisition and boot environment preparation | DDI verification, cryptographic validation | +| ๐Ÿš€ **systemd-boot** | UEFI boot manager providing secure boot chain validation | UKI support, secure boot integration | +| ๐Ÿ–ฅ๏ธ **systemd-vmspawn** | Hardware-assisted virtualization for tenant isolation | QEMU integration, resource management | +| ๐Ÿ“ฆ **systemd-nspawn** | Container-based namespace isolation for lightweight tenants | Advanced namespace features, security contexts | +| ๐ŸŒ **systemd-networkd** | Software-defined networking with tenant-scoped network namespaces | Advanced routing, network isolation | +| ๐Ÿ  **systemd-homed** | Cryptographic user identity and home directory management | Hardware-backed authentication, encrypted storage | +| ๐ŸŽ **Portable Services** | Tenant application deployment through self-contained service bundles | Application isolation, portable deployment | +| ๐Ÿ“‹ **Extension Images** | Immutable system and configuration layer composition (sysext/confext) | Overlay filesystem management, atomic updates | -### Git-Ops Orchestration Workflow +### ๐Ÿ”— Inter-Process Communication + +- ๐Ÿ”— **Varlink**: Type-safe, schema-validated IPC for service coordination and management interfaces +- ๐Ÿ”„ **D-Bus**: Legacy compatibility and systemd service lifecycle management + +### ๐Ÿ”„ GitOps Orchestration Workflow 1. **Boot-time Repository Synchronization**: systemd-import-generator fetches immutable EFI images 2. **Tenant Configuration Acquisition**: Git repository cloning/pulling for each tenant's declarative configuration @@ -39,38 +52,38 @@ BitBuilder Hypervisor implements a declarative, immutable infrastructure paradig 4. **Isolated Environment Provisioning**: systemd-vmspawn/systemd-nspawn instantiation with cryptographic boundaries 5. **Extension Layer Composition**: sysext/confext mounting for tenant-specific software stacks -## Features +## โœจ Features -### Advanced Multi-Tenancy +### ๐Ÿ  Advanced Multi-Tenancy - **Cryptographic Tenant Isolation**: Each tenant operates within cryptographically-isolated namespaces - **Resource Quotas and Limits**: Comprehensive resource control through systemd slice units and cgroups v2 - **Network Segmentation**: Software-defined networking with tenant-specific VLANs and firewall policies - **Storage Isolation**: Encrypted per-tenant storage volumes with key management integration -### Git-Ops Configuration Management +### ๐Ÿ“š GitOps Configuration Management - **Declarative Infrastructure as Code**: Complete tenant environments defined through version-controlled repositories - **Atomic Deployments**: Git commit-based deployment atomicity with automatic rollback capabilities - **Configuration Drift Detection**: Continuous monitoring of actual vs. desired state through git comparison - **Audit Trail**: Complete change history through git commit logs and cryptographic signatures -### Portable Service Architecture +### ๐ŸŽ Portable Service Architecture - **Self-Contained Application Bundles**: Applications packaged as portable systemd services with dependency isolation - **Extension Image Composition**: Layered filesystem approach for efficient storage and rapid provisioning - **Runtime Environment Abstraction**: Applications remain agnostic to underlying tenant infrastructure -### Advanced Security Model +### ๐Ÿ›ก๏ธ Advanced Security Model - **Hardware Security Module Integration**: TPM 2.0 support for attestation and key management - **Secure Boot Chain**: Complete boot process validation from UEFI through tenant initialization - **Cryptographic Identity Management**: systemd-homed integration for hardware-backed user authentication - **Network Security**: Mandatory access controls and network policy enforcement -## System Requirements +## ๐Ÿ“‹ System Requirements -### Hardware Prerequisites +### ๐Ÿ–ฅ๏ธ Hardware Prerequisites - **UEFI Firmware**: Modern UEFI implementation with Secure Boot support - **TPM 2.0**: Hardware security module for attestation and cryptographic operations @@ -78,22 +91,22 @@ BitBuilder Hypervisor implements a declarative, immutable infrastructure paradig - **Memory**: Minimum 16GB RAM (32GB+ recommended for production workloads) - **Storage**: NVMe SSD storage recommended for optimal I/O performance -### Software Dependencies +### ๐Ÿ’ฟ Software Dependencies - **Linux Kernel**: 6.1+ with systemd 254+ integration - **systemd**: Version 254+ with complete subsystem availability - **Git**: 2.40+ for repository operations and cryptographic signature validation - **Bun Runtime**: Latest stable release for TypeScript-based management tooling -## Quick Start +## ๐Ÿš€ Quick Start -### Host System Preparation +### ๐Ÿ—๏ธ Host System Preparation ```bash # Configure systemd-boot with BitBuilder integration bootctl install --make-machine-id-directory=yes -# Initialize git-ops repository structure +# Initialize GitOps repository structure git clone https://github.com/your-org/bitbuilder-config.git /etc/bitbuilder cd /etc/bitbuilder && git submodule update --init --recursive @@ -102,7 +115,7 @@ systemctl enable bitbuilder-bootstrap.service systemctl enable bitbuilder-tenant-monitor.timer ``` -### Tenant Configuration +### ๐Ÿ  Tenant Configuration Create tenant repository structure: @@ -124,7 +137,7 @@ tenant-example/ โ””โ”€โ”€ keys/ ``` -### Management Interface +### ๐ŸŽ›๏ธ Management Interface ```bash # Deploy new tenant configuration @@ -137,9 +150,9 @@ bitbuilder monitor --tenant=example --metrics=cpu,memory,network,storage bitbuilder migrate --tenant=example --target-host=node-02.cluster.local ``` -## Configuration Architecture +## ๐Ÿ—๏ธ Configuration Architecture -### Repository Structure +### ๐Ÿ“ Repository Structure BitBuilder implements a hierarchical configuration approach with three distinct repository types: @@ -149,7 +162,7 @@ BitBuilder implements a hierarchical configuration approach with three distinct **Extension Repositories**: Shared extension images and portable services available across multiple tenants. -### Service Generation Patterns +### โš™๏ธ Service Generation Patterns SystemD generators dynamically create service definitions based on tenant configurations: @@ -158,9 +171,9 @@ SystemD generators dynamically create service definitions based on tenant config - **tenant-storage@.service**: Encrypted storage volume mounting and key management - **tenant-monitor@.service**: Resource monitoring and policy enforcement -## Security Model +## ๐Ÿ” Security Model -### Cryptographic Boundaries +### ๐Ÿ”’ Cryptographic Boundaries Each tenant operates within a cryptographically-isolated environment: @@ -169,22 +182,22 @@ Each tenant operates within a cryptographically-isolated environment: - **Network Segmentation**: Mandatory access control policies enforced at packet level - **Process Isolation**: Hardware-assisted virtualization with nested namespace boundaries -### Audit and Compliance +### ๐Ÿ“‹ Audit and Compliance - **Immutable Audit Log**: All configuration changes tracked through git commit signatures - **Real-time Monitoring**: Continuous security policy validation and violation detection - **Compliance Reporting**: Automated generation of security posture reports and attestations -## Monitoring and Observability +## ๐Ÿ“Š Monitoring and Observability -### Metrics Collection +### ๐Ÿ“ˆ Metrics Collection - **Resource Utilization**: Per-tenant CPU, memory, storage, and network metrics - **Security Events**: Authentication attempts, policy violations, and privilege escalations - **Performance Metrics**: Service startup times, git synchronization latency, and I/O throughput - **Health Checks**: Automated tenant environment validation and dependency verification -### Management Interface +### ๐ŸŽ›๏ธ Management Interface BitBuilder provides a comprehensive management interface through: @@ -193,7 +206,7 @@ BitBuilder provides a comprehensive management interface through: - **Web Dashboard**: Real-time monitoring and configuration management interface - **Git Hooks**: Automated validation and deployment triggers -## Contributing +## ๐Ÿค Contributing BitBuilder follows strict Unix Philosophy principles and modern TypeScript development practices. All contributions must: @@ -203,11 +216,11 @@ BitBuilder follows strict Unix Philosophy principles and modern TypeScript devel - Follow semantic versioning and conventional commit standards - Maintain backward compatibility with existing tenant configurations -## License +## ๐Ÿ“„ License BitBuilder Hypervisor is released under the MIT License. See LICENSE file for complete terms and conditions. -## Documentation +## ๐Ÿ“– Documentation - [Technical Design](specs/DESIGN.md): Comprehensive system design and implementation details - [System Architecture](specs/ARCHITECTURE.md): Detailed architectural patterns and component interactions diff --git a/STACK.md b/STACK.md index 23d82c3..0652d10 100644 --- a/STACK.md +++ b/STACK.md @@ -1,42 +1,65 @@ # ๐Ÿ—๏ธ BitBuilder Hypervisor Stack Architecture -[![Technology](https://img.shields.io/badge/Technology-systemd-blue.svg)](https://systemd.io/) -[![Architecture](https://img.shields.io/badge/Architecture-Multi--Tenant-green.svg)](https://github.com/bitbuilder-io/bitbuilder-hypervisor) -[![GitOps](https://img.shields.io/badge/GitOps-Native-orange.svg)](https://gitops.tech/) -[![Security](https://img.shields.io/badge/Security-Zero--Trust-red.svg)](https://en.wikipedia.org/wiki/Zero_trust_security_model) +[![Stack Architecture](https://img.shields.io/badge/Stack-Architecture-green?style=flat-square)](https://github.com/bitbuilder-io/bitbuilder-hypervisor) +[![Templates](https://img.shields.io/badge/Templates-Multi--Tenant-blue?style=flat-square)](https://uapi-group.org/) +[![Compliance](https://img.shields.io/badge/UAPI-Compliant-orange?style=flat-square)](https://uapi-group.org/specifications/) + +> **๐Ÿงฉ Comprehensive template system for creating fully compliant, multi-tenant rootfs filesystems with layered architecture and systemd integration.** + +--- ## ๐Ÿ“‹ Table of Contents -1. [๐Ÿ”ง Template System Overview](#template-system-overview) -2. [๐Ÿข Tenant Templates](#tenant-templates) -3. [๐Ÿงฉ Extension Image Templates](#extension-image-templates) -4. [๐ŸŒ Network Templates](#network-templates) -5. [โš™๏ธ Systemd Generators](#systemd-generators) -6. [๐Ÿš€ Tenant Instantiation Flow](#tenant-instantiation-flow) -7. [๐Ÿ“ Directory Structure Compliance](#directory-structure-compliance) +| Section | Description | +|---------|-------------| +| ๐ŸŽฏ [Template System Overview](#-template-system-overview) | Layered template architecture | +| ๐Ÿ  [Tenant Templates](#-tenant-templates) | Infrastructure, VM, container templates | +| ๐Ÿ”ง [Extension Image Templates](#-extension-image-templates) | sysext and confext templates | +| ๐ŸŒ [Network Templates](#-network-templates) | Networking configuration patterns | +| โš™๏ธ [Systemd Generators](#%EF%B8%8F-systemd-generators) | Dynamic unit generation | +| ๐Ÿ”„ [Tenant Instantiation Flow](#-tenant-instantiation-flow) | Provisioning workflow | +| โœ… [Directory Structure Compliance](#-directory-structure-compliance) | UAPI compliance validation | -## ๐Ÿ”ง Template System Overview +--- + +## ๐ŸŽฏ Template System Overview -> **๐Ÿ’ก Key Concept:** BitBuilder Hypervisor uses a layered template system that creates fully compliant rootfs filesystems for each tenant component. Each template is a Git repository that contains a complete filesystem hierarchy adhering to the Linux Userspace API specifications. +**BitBuilder Hypervisor** uses a layered template system that creates fully compliant rootfs filesystems for each tenant component. Each template is a Git repository that contains a complete filesystem hierarchy adhering to the [**Linux Userspace API specifications**](https://uapi-group.org/specifications/). -### ๐Ÿ“Š Template Categories +### ๐Ÿงฉ Template Categories -```text -Templates -โ”œโ”€โ”€ ๐Ÿ—๏ธ Infrastructure Templates # Management layer for each tenant -โ”œโ”€โ”€ ๐Ÿ–ฅ๏ธ Machine Templates # VM templates (systemd-vmspawn) -โ”œโ”€โ”€ ๐Ÿ“ฆ Container Templates # Container templates (systemd-nspawn) -โ”œโ”€โ”€ ๐Ÿ  Homed Templates # User home directory templates -โ””โ”€โ”€ ๐ŸŒ Network Templates # Network configuration templates +```mermaid +graph TB + T[๐Ÿ“ฆ Templates] --> I[๐Ÿ—๏ธ Infrastructure Templates] + T --> M[๐Ÿ–ฅ๏ธ Machine Templates] + T --> C[๐Ÿ“ฆ Container Templates] + T --> H[๐Ÿ  Homed Templates] + T --> N[๐ŸŒ Network Templates] + + I --> IT[Management layer for each tenant] + M --> MT[VM templates - systemd-vmspawn] + C --> CT[Container templates - systemd-nspawn] + H --> HT[User home directory templates] + N --> NT[Network configuration templates] + + style T fill:#e3f2fd + style I fill:#f3e5f5 + style M fill:#e8f5e8 + style C fill:#fff3e0 + style H fill:#fce4ec + style N fill:#f1f8e9 ``` -## ๐Ÿข Tenant Templates +--- + +## ๐Ÿ  Tenant Templates + +### 1๏ธโƒฃ Tenant Infrastructure Manager Template (`tenant-infra-template`) -### 1. ๐Ÿ—๏ธ Tenant Infrastructure Manager Template (`tenant-infra-template`) +> ๐ŸŽฏ **Purpose**: The infrastructure manager runs as a privileged systemd-vmspawn VM within each tenant's namespace and manages all tenant resources. -> **๐Ÿ”’ Security Note:** The infrastructure manager runs as a privileged systemd-vmspawn VM within each tenant's namespace and manages all tenant resources. +#### ๐Ÿ—‚๏ธ Repository Structure -**๐Ÿ“ Repository Structure:** ```bash tenant-infra-template/ โ”œโ”€โ”€ metadata.json # Template metadata @@ -76,7 +99,7 @@ tenant-infra-template/ โ””โ”€โ”€ health-check.sh # Health monitoring ``` -**โš™๏ธ metadata.json:** +#### ๐Ÿ“‹ metadata.json Configuration ```json { "template": { @@ -103,69 +126,69 @@ tenant-infra-template/ } ``` -### 2. ๐Ÿ–ฅ๏ธ Tenant Machine Template (`tenant-machine-template`) +### 2๏ธโƒฃ Tenant Machine Template (`tenant-machine-template`) -> **๐Ÿ’ป Purpose:** Template for creating tenant VMs using systemd-vmspawn. +Template for creating tenant VMs using systemd-vmspawn. **Repository Structure:** ``` tenant-machine-template/ - metadata.json - disk-image/ # Base disk image - efi/ # EFI partition - EFI/ - systemd/ - systemd-bootx64.efi - boot/ # Boot partition - vmlinuz # Kernel - initrd.img # Initial ramdisk - rootfs/ # Root filesystem - etc/ - os-release - machine-id # Empty (generated) - systemd/ - system/ - network/ - usr/ # Minimal userspace - var/ - config/ - vm-config.yaml - cloud-init/ # Cloud-init templates - user-data - meta-data - extensions/ # VM-specific extensions - development.sysext.raw - monitoring.confext.raw +โ”œโ”€โ”€ metadata.json +โ”œโ”€โ”€ disk-image/ # Base disk image +โ”‚ โ”œโ”€โ”€ efi/ # EFI partition +โ”‚ โ”‚ โ””โ”€โ”€ EFI/ +โ”‚ โ”‚ โ””โ”€โ”€ systemd/ +โ”‚ โ”‚ โ””โ”€โ”€ systemd-bootx64.efi +โ”‚ โ”œโ”€โ”€ boot/ # Boot partition +โ”‚ โ”‚ โ”œโ”€โ”€ vmlinuz # Kernel +โ”‚ โ”‚ โ””โ”€โ”€ initrd.img # Initial ramdisk +โ”‚ โ””โ”€โ”€ rootfs/ # Root filesystem +โ”‚ โ”œโ”€โ”€ etc/ +โ”‚ โ”‚ โ”œโ”€โ”€ os-release +โ”‚ โ”‚ โ”œโ”€โ”€ machine-id # Empty (generated) +โ”‚ โ”‚ โ””โ”€โ”€ systemd/ +โ”‚ โ”‚ โ”œโ”€โ”€ system/ +โ”‚ โ”‚ โ””โ”€โ”€ network/ +โ”‚ โ”œโ”€โ”€ usr/ # Minimal userspace +โ”‚ โ””โ”€โ”€ var/ +โ”œโ”€โ”€ config/ +โ”‚ โ”œโ”€โ”€ vm-config.yaml +โ”‚ โ””โ”€โ”€ cloud-init/ # Cloud-init templates +โ”‚ โ”œโ”€โ”€ user-data +โ”‚ โ””โ”€โ”€ meta-data +โ””โ”€โ”€ extensions/ # VM-specific extensions + โ”œโ”€โ”€ development.sysext.raw + โ””โ”€โ”€ monitoring.confext.raw ``` -### 3. ๐Ÿ“ฆ Tenant Container Template (`tenant-container-template`) +### 3๏ธโƒฃ Tenant Container Template (`tenant-container-template`) -> **๐Ÿณ Purpose:** Template for creating tenant containers using systemd-nspawn. +Template for creating tenant containers using systemd-nspawn. **Repository Structure:** ``` tenant-container-template/ - metadata.json - rootfs/ # Container root filesystem - etc/ - os-release - systemd/ - system/ - container-init.service - network/ - 80-container.network - usr/ - bin/ # Essential binaries - lib/ - var/ - lib/ - config/ - nspawn-settings.conf # systemd-nspawn settings - scripts/ - container-init.sh +โ”œโ”€โ”€ metadata.json +โ”œโ”€โ”€ rootfs/ # Container root filesystem +โ”‚ โ”œโ”€โ”€ etc/ +โ”‚ โ”‚ โ”œโ”€โ”€ os-release +โ”‚ โ”‚ โ””โ”€โ”€ systemd/ +โ”‚ โ”‚ โ”œโ”€โ”€ system/ +โ”‚ โ”‚ โ”‚ โ””โ”€โ”€ container-init.service +โ”‚ โ”‚ โ””โ”€โ”€ network/ +โ”‚ โ”‚ โ””โ”€โ”€ 80-container.network +โ”‚ โ”œโ”€โ”€ usr/ +โ”‚ โ”‚ โ”œโ”€โ”€ bin/ # Essential binaries +โ”‚ โ”‚ โ””โ”€โ”€ lib/ +โ”‚ โ””โ”€โ”€ var/ +โ”‚ โ””โ”€โ”€ lib/ +โ”œโ”€โ”€ config/ +โ”‚ โ””โ”€โ”€ nspawn-settings.conf # systemd-nspawn settings +โ””โ”€โ”€ scripts/ + โ””โ”€โ”€ container-init.sh ``` -**nspawn-settings.conf:** +#### โš™๏ธ nspawn-settings.conf ```ini [Exec] Boot=yes @@ -182,39 +205,37 @@ PrivateUsersChown=yes BindReadOnly=/usr/lib/extensions ``` -### 4. ๐Ÿ  Tenant Homed Template (`tenant-homed-template`) +### 4๏ธโƒฃ Tenant Homed Template (`tenant-homed-template`) -> **๐Ÿ‘ฅ Purpose:** Template for user home directories managed by systemd-homed. +Template for user home directories managed by systemd-homed. **Repository Structure:** ``` tenant-homed-template/ - metadata.json - home-skeleton/ # Default home structure - .config/ - systemd/ - user/ # User services - .local/ - bin/ # User binaries - share/ - .ssh/ # SSH configuration - authorized_keys.template - config/ - homed-config.json # systemd-homed config - user-record.json # User record template - scripts/ - home-provision.sh +โ”œโ”€โ”€ metadata.json +โ”œโ”€โ”€ home-skeleton/ # Default home structure +โ”‚ โ”œโ”€โ”€ .config/ +โ”‚ โ”‚ โ””โ”€โ”€ systemd/ +โ”‚ โ”‚ โ””โ”€โ”€ user/ # User services +โ”‚ โ”œโ”€โ”€ .local/ +โ”‚ โ”‚ โ”œโ”€โ”€ bin/ # User binaries +โ”‚ โ”‚ โ””โ”€โ”€ share/ +โ”‚ โ””โ”€โ”€ .ssh/ # SSH configuration +โ”‚ โ””โ”€โ”€ authorized_keys.template +โ”œโ”€โ”€ config/ +โ”‚ โ”œโ”€โ”€ homed-config.json # systemd-homed config +โ”‚ โ””โ”€โ”€ user-record.json # User record template +โ””โ”€โ”€ scripts/ + โ””โ”€โ”€ home-provision.sh ``` -## ๐Ÿงฉ Extension Image Templates +## ๐Ÿ”ง Extension Image Templates ### ๐Ÿ”ง System Extension (sysext) Template -> **๐Ÿ’ก Note:** System extensions overlay the `/usr` and `/opt` directories to add tools and libraries. - -```bash +``` base-tools.sysext/ -โ”œโ”€โ”€ usr/ # Only /usr and /opt allowed +โ”œโ”€โ”€ usr/ # Only /usr and /opt allowed โ”‚ โ”œโ”€โ”€ bin/ โ”‚ โ”‚ โ”œโ”€โ”€ htop โ”‚ โ”‚ โ”œโ”€โ”€ tmux @@ -227,7 +248,7 @@ base-tools.sysext/ โ””โ”€โ”€ tools/ ``` -**โš™๏ธ extension-release.base-tools:** +#### ๐Ÿ“‹ extension-release.base-tools ```ini ID=bitbuilder VERSION_ID=1.0 @@ -237,11 +258,9 @@ ARCHITECTURE=x86-64 ### โš™๏ธ Configuration Extension (confext) Template -> **๐Ÿ”ง Note:** Configuration extensions overlay the `/etc` directory to add configuration files. - -```bash +``` network-policies.confext/ -โ””โ”€โ”€ etc/ # Only /etc allowed +โ””โ”€โ”€ etc/ # Only /etc allowed โ”œโ”€โ”€ systemd/ โ”‚ โ””โ”€โ”€ network/ โ”‚ โ”œโ”€โ”€ 20-wireguard.netdev @@ -252,11 +271,9 @@ network-policies.confext/ ## ๐ŸŒ Network Templates -### 1. ๐ŸŒ‰ Bridge Network Template - -> **๐Ÿ”— Purpose:** Creates isolated bridge networks for tenant communication. +### 1๏ธโƒฃ Bridge Network Template -**๐Ÿ“„ /etc/systemd/network/10-tenant-bridge.netdev:** +#### ๐Ÿ“„ /usr/lib/systemd/network/10-tenant-bridge.netdev: ```ini [NetDev] Name=br-tenant-%i @@ -270,7 +287,7 @@ HelloTimeSec=2 MaxAgeSec=20 ``` -**๐Ÿ“„ /etc/systemd/network/10-tenant-bridge.network:** +#### ๐Ÿ“„ /usr/lib/systemd/system/10-tenant-bridge.network: ```ini [Match] Name=br-tenant-%i @@ -290,11 +307,9 @@ DNS=10.%i.0.1 EmitRouter=yes ``` -### 2. ๐Ÿ” WireGuard VPN Template +### 2๏ธโƒฃ WireGuard VPN Template -> **๐Ÿ›ก๏ธ Security:** Provides encrypted VPN tunnels for secure tenant communication. - -**/etc/systemd/network/20-wg-tenant.netdev:** +#### ๐Ÿ“„ /usr/lib/systemd/system/20-wg-tenant.netdev: ```ini [NetDev] Name=wg-tenant-%i @@ -311,7 +326,7 @@ Endpoint=${PEER_ENDPOINT}:51820 PersistentKeepalive=25 ``` -**/etc/systemd/network/20-wg-tenant.network:** +#### ๐Ÿ“„ /usr/lib/systemd/system/20-wg-tenant.network: ```ini [Match] Name=wg-tenant-%i @@ -324,11 +339,9 @@ Destination=10.%i.100.0/24 Scope=link ``` -### 3. ๐ŸŒ VXLAN Overlay Template - -> **๐Ÿ”— Purpose:** Creates overlay networks for multi-host tenant communication. +### 3๏ธโƒฃ VXLAN Overlay Template -**/etc/systemd/network/30-vxlan-tenant.netdev:** +#### ๐Ÿ“„ /usr/lib/systemd/system/30-vxlan-tenant.netdev: ```ini [NetDev] Name=vxlan-tenant-%i @@ -341,7 +354,7 @@ DestinationPort=4789 MacLearning=yes ``` -**/etc/systemd/network/30-vxlan-tenant.network:** +#### ๐Ÿ“„ /usr/lib/systemd/system/30-vxlan-tenant.network: ```ini [Match] Name=vxlan-tenant-%i @@ -354,11 +367,9 @@ PVID=1 EgressUntagged=1 ``` -### 4. ๐Ÿท๏ธ VLAN Segmentation Template - -> **๐Ÿ“ก Purpose:** Provides VLAN-based network segmentation for tenant isolation. +### 4๏ธโƒฃ VLAN Segmentation Template -**/etc/systemd/network/40-vlan-tenant.netdev:** +#### ๐Ÿ“„ /usr/lib/systemd/system/40-vlan-tenant.netdev: ```ini [NetDev] Name=vlan-tenant-%i @@ -368,7 +379,7 @@ Kind=vlan Id=%i ``` -**/etc/systemd/network/40-vlan-tenant.network:** +#### ๐Ÿ“„ /usr/lib/systemd/system/40-vlan-tenant.network: ```ini [Match] Name=vlan-tenant-%i @@ -382,9 +393,7 @@ RouteMetric=200 UseDomains=route ``` -### 5. ๐Ÿ—‚๏ธ Network Namespace Template - -> **๐Ÿ”’ Isolation:** Creates isolated network namespaces for complete tenant network separation. +### 5๏ธโƒฃ Network Namespace Template **/usr/lib/systemd/system/netns-tenant@.service:** ```ini @@ -405,9 +414,7 @@ WantedBy=multi-user.target ## โš™๏ธ Systemd Generators -> **๐Ÿค– Automation:** Systemd generators automatically create service units for tenant management based on Git repository configurations. - -### 1. ๐Ÿ” Tenant Discovery Generator +### 1๏ธโƒฃ Tenant Discovery Generator **/usr/lib/systemd/system-generators/tenant-generator:** ```bash @@ -420,7 +427,7 @@ TENANT_REGISTRY="/var/lib/bitbuilder/tenants.json" generate_tenant_units() { local tenant_id="$1" local tenant_config="$2" - + # Generate main tenant service cat > "${GENERATOR_DIR}/tenant@${tenant_id}.service" < **๐Ÿ’พ Storage:** Automatically generates mount units for tenant directories and extension overlays. +### 2๏ธโƒฃ Mount Generator **/usr/lib/systemd/system-generators/mount-generator:** ```bash @@ -503,7 +508,7 @@ TENANT_BASE="/var/lib/tenants" generate_extension_mounts() { local tenant_id="$1" - + # Generate sysext mount cat > "${GENERATOR_DIR}/var-lib-tenants-${tenant_id}-sysext.mount" < **โšก Quick Start:** Simple command to enable and start a new tenant. +### 1๏ธโƒฃ Enable Tenant ```bash # Enable and start a new tenant systemctl enable --now tenant@tenant123.service ``` -### 2. ๐Ÿ”„ Instantiation Process - -> **๐Ÿ“Š Workflow:** Visual representation of the tenant startup process. +### 2๏ธโƒฃ Instantiation Process ```mermaid graph TD - A[๐ŸŽฏ systemctl enable tenant@ID] --> B[๐Ÿ” Tenant Generator] - B --> C[๐Ÿ“– Read tenant registry] - C --> D[๐Ÿ“ฅ Clone Git repositories] - D --> E[โš™๏ธ Generate systemd units] - E --> F[๐ŸŒ Setup network namespace] - F --> G[๐Ÿ“‚ Mount extensions] - G --> H[๐Ÿ–ฅ๏ธ Start infra manager VM] - H --> I[๐Ÿ”ง Provision tenant resources] - I --> J[๐Ÿš€ Start tenant workloads] + A[systemctl enable tenant@ID] --> B[Tenant Generator] + B --> C[Read tenant registry] + C --> D[Clone Git repositories] + D --> E[Generate systemd units] + E --> F[Setup network namespace] + F --> G[Mount extensions] + G --> H[Start infra manager VM] + H --> I[Provision tenant resources] + I --> J[Start tenant workloads] ``` -### 3. ๐Ÿ—๏ธ Generated Unit Hierarchy - -> **๐Ÿ“‹ Dependencies:** Overview of systemd service dependencies. +### 3๏ธโƒฃ Generated Unit Hierarchy ``` tenant@tenant123.service @@ -592,30 +591,30 @@ tenant@tenant123.service br-tenant-123.netdev ``` -## ๐Ÿ“ Directory Structure Compliance +## โœ… Directory Structure Compliance -### ๐Ÿ“‹ Linux File System Hierarchy Compliance +### ๐Ÿ“ Linux File System Hierarchy Compliance -> **โœ… Standards:** Each template ensures compliance with the Linux File System Hierarchy specification for maximum compatibility. +Each template ensures compliance with the Linux File System Hierarchy specification: -#### 1. ๐Ÿ  **Root Filesystem Requirements:** - - โœ… `/etc/os-release` or `/usr/lib/os-release` present - - โœ… Proper symlink from `/usr/lib/os-release` to `/etc/os-release` - - โœ… No files in `/` root directory itself +1. **Root Filesystem Requirements: + - `/etc/os-release` or `/usr/lib/os-release` present + - Proper symlink from `/usr/lib/os-release` to `/etc/os-release` + - No files in `/` root directory itself -#### 2. ๐Ÿงฉ **Extension Image Requirements:** - - **sysext:** Only `/usr/` and `/opt/` directories - - **confext:** Only `/etc/` directory - - โœ… Proper `extension-release` files in correct locations +2. **Extension Image Requirements: + - sysext: Only `/usr/` and `/opt/` directories + - confext: Only `/etc/` directory + - Proper `extension-release` files in correct locations -#### 3. ๐Ÿ” **Verification Structure:** - - ๐Ÿ“ VOA hierarchy at `/etc/voa/` and `/usr/share/voa/` - - ๐Ÿ”‘ Proper certificate fingerprint naming - - ๐Ÿ“œ ASCII-armored OpenPGP files +3. **Verification Structure: + - VOA hierarchy at `/etc/voa/` and `/usr/share/voa/` + - Proper certificate fingerprint naming + - ASCII-armored OpenPGP files -### ๐Ÿ” Template Validation +### โœ… Template Validation -> **โœ… Quality Assurance:** Each template includes a validation script to ensure compliance and functionality. +Each template includes a validation script: ```bash #!/bin/bash @@ -623,40 +622,32 @@ tenant@tenant123.service validate_rootfs() { local rootfs="$1" - + # Check for required files [[ -f "$rootfs/etc/os-release" ]] || error "Missing /etc/os-release" [[ -L "$rootfs/usr/lib/os-release" ]] || error "Missing /usr/lib/os-release symlink" - + # Validate directory structure for dir in etc usr var proc sys dev run tmp; do [[ -d "$rootfs/$dir" ]] || error "Missing /$dir directory" done - + # Check permissions [[ $(stat -c %a "$rootfs/tmp") == "1777" ]] || error "Invalid /tmp permissions" - + echo "Template validation successful" } ``` ## ๐ŸŽฏ Conclusion -> **๐Ÿ† Summary:** The BitBuilder Hypervisor template system delivers enterprise-grade multi-tenancy with modern GitOps workflows. +This template system provides: -### โœจ Key Benefits - -1. **๐Ÿ“ Standardization**: All tenants use consistent, validated templates -2. **โœ… Compliance**: Full adherence to Linux Userspace API specifications -3. **๐Ÿ”„ Flexibility**: Multiple template types for different use cases -4. **๐Ÿ”’ Security**: Layered isolation with proper namespace separation -5. **๐Ÿค– Automation**: Systemd generators handle all instantiation logic -6. **๐ŸŒ Networking**: Comprehensive network isolation and connectivity options - -### ๐Ÿš€ Platform Advantages - -The combination of **Git-based configuration**, **systemd integration**, and **compliant filesystem templates** creates a robust, secure, and manageable multi-tenant hypervisor platform that scales from development to enterprise production environments. - ---- +1. **Standardization**: All tenants use consistent, validated templates +2. **Compliance**: Full adherence to Linux Userspace API specifications +3. **Flexibility**: Multiple template types for different use cases +4. **Security**: Layered isolation with proper namespace separation +5. **Automation**: Systemd generators handle all instantiation logic +6. **Networking**: Comprehensive network isolation and connectivity options -> **๐Ÿ’ก Next Steps:** Ready to deploy? Check out our [deployment guide](specs/DESIGN.md) and [architecture overview](specs/ARCHITECTURE.md) for implementation details. \ No newline at end of file +The combination of Git-based configuration, systemd integration, and compliant filesystem templates creates a robust, secure, and manageable multi-tenant hypervisor platform. diff --git a/specs/ARCHITECTURE.md b/specs/ARCHITECTURE.md index 5c739fc..fb6a70b 100644 Binary files a/specs/ARCHITECTURE.md and b/specs/ARCHITECTURE.md differ diff --git a/specs/DESIGN.md b/specs/DESIGN.md index d93d5c7..f3d184e 100644 Binary files a/specs/DESIGN.md and b/specs/DESIGN.md differ