docs: DNS routing guide; README aimed at common users
Adds docs/dns-routing.md covering how `<vm>.vm` resolution works: auto-configuration on systemd-resolved hosts (what the daemon already does), and per-resolver recipes for dnsmasq / NetworkManager+dnsmasq / /etc/resolv.conf / macOS `/etc/resolver/` / WSL. Plus verification via `dig @127.0.0.1 -p 42069` and troubleshooting for the common failure modes. README reshape: lead with the three things a common user needs — quick start, what `vm run` does, where to put hostnames + image + config — and push the rest to docs. `vm create` / OCI `image pull` / `image register` / workspace-and-session primitives are all still documented, just under docs/advanced.md where they're not in the first-time reader's way. Web UI and unnecessary implementation notes dropped; the "further reading" section at the bottom enumerates the five docs pages so nothing becomes hard to find. README shrinks from 208 → 158 lines. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
parent
2584f94828
commit
88425fb857
3 changed files with 296 additions and 109 deletions
98
docs/advanced.md
Normal file
98
docs/advanced.md
Normal file
|
|
@ -0,0 +1,98 @@
|
|||
# Advanced flows
|
||||
|
||||
`banger vm run` covers the common sandbox case. This doc is for the
|
||||
rest: scripting, arbitrary images, custom rootfs stacks, long-lived
|
||||
guest processes.
|
||||
|
||||
## `vm create` — the low-level primitive
|
||||
|
||||
Use when you want to provision without starting, or when you need to
|
||||
script VM creation piecewise.
|
||||
|
||||
```bash
|
||||
banger vm create --image debian-bookworm --name testbox --no-start
|
||||
banger vm start testbox
|
||||
banger vm ssh testbox
|
||||
banger vm stop testbox
|
||||
banger vm delete testbox
|
||||
```
|
||||
|
||||
`vm create` is synchronous by default, but on a TTY it shows live
|
||||
progress until the VM is fully ready.
|
||||
|
||||
## `image pull <oci-ref>` — arbitrary container images
|
||||
|
||||
For images outside banger's catalog, pull from any OCI registry:
|
||||
|
||||
```bash
|
||||
banger image pull docker.io/library/alpine:3.20 --kernel-ref generic-6.12
|
||||
```
|
||||
|
||||
Layers are flattened, ownership is fixed (setuid binaries, root-owned
|
||||
config preserved), banger's guest agents are injected, and a first-boot
|
||||
systemd service installs `openssh-server` via the guest's package
|
||||
manager so the VM is reachable on first boot.
|
||||
|
||||
See [`docs/oci-import.md`](oci-import.md) for supported distros,
|
||||
caveats, and the `internal/imagepull` design.
|
||||
|
||||
## `image register` — existing host-side stack
|
||||
|
||||
If you already have an ext4 rootfs, a kernel, optional initrd, and
|
||||
optional modules as files on disk:
|
||||
|
||||
```bash
|
||||
banger image register --name base \
|
||||
--rootfs /abs/path/rootfs.ext4 \
|
||||
--kernel-ref generic-6.12
|
||||
```
|
||||
|
||||
You can mix `--kernel-ref` (a cataloged kernel) with `--rootfs` from
|
||||
disk, or pass `--kernel /abs/path/vmlinux` for a one-off kernel.
|
||||
|
||||
For reproducible custom images, write a Dockerfile and publish it to
|
||||
an image catalog. See [`docs/image-catalog.md`](image-catalog.md).
|
||||
|
||||
## Workspace + session primitives
|
||||
|
||||
Long-lived guest commands managed by the daemon, attachable over a
|
||||
local Unix socket bridge. Useful for agent/background processes that
|
||||
need to survive SSH disconnects.
|
||||
|
||||
```bash
|
||||
banger vm workspace prepare <vm> ./other-repo --guest-path /root/repo
|
||||
banger vm session start <vm> --name planner --cwd /root/repo \
|
||||
--stdin-mode pipe -- pi --mode rpc
|
||||
banger vm session attach <vm> planner
|
||||
banger vm session logs <vm> planner --stream stderr
|
||||
banger vm session stop <vm> planner
|
||||
```
|
||||
|
||||
Details:
|
||||
|
||||
- `vm workspace prepare` materialises a local git checkout into a
|
||||
running VM. Default guest path `/root/repo`; default mode is a
|
||||
shallow metadata copy plus tracked and untracked non-ignored
|
||||
overlay.
|
||||
- `vm session start` launches a daemon-managed long-lived guest
|
||||
command. The daemon preflights that the guest `cwd` exists and the
|
||||
command is on guest `PATH` before launch. Use `--stdin-mode pipe`
|
||||
when you need live `attach`.
|
||||
- `vm session attach` is exclusive and same-host only. Pipe-mode
|
||||
sessions survive daemon restarts.
|
||||
|
||||
## Inspecting boot failures
|
||||
|
||||
When a VM's create flow errors ("ssh did not come up within 90s" or
|
||||
similar), the VM is kept alive for inspection:
|
||||
|
||||
- `banger vm logs <name>` — the firecracker serial console output,
|
||||
the best window into a stuck boot (systemd unit failures, kernel
|
||||
panics, missing modules).
|
||||
- `banger vm ports <name>` — what's listening in the guest. Works as
|
||||
long as banger's vsock agent has come up, even if SSH is wedged.
|
||||
- `banger vm show <name>` — daemon-side state (IP, PID, overlay
|
||||
paths).
|
||||
|
||||
`--rm` on `vm run` intentionally does NOT fire when the initial ssh
|
||||
wait times out, so the VM stays around for post-mortem.
|
||||
Loading…
Add table
Add a link
Reference in a new issue