Skip to content

Add krunkit driver supporting GPU acceleration on macOS #20826

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Jul 21, 2025
Merged

Add krunkit driver supporting GPU acceleration on macOS #20826

merged 4 commits into from
Jul 21, 2025
+851 −10

Conversation

nirs
Copy link
Contributor

@nirs nirs commented May 23, 2025
edited
Loading

krunkit is a tool to launch configurable virtual machines using the libkrun platform, optimized for GPU accelerated virtual machines and AI workloads on Apple silicon.

It is mostly compatible with vfkit; the driver is a simplified copy of the vfkit driver.

To experiment with the krunkit driver see https://github.com/medyagh/ai-playground-minikube/tree/main/macos

asciicast

Benchmarking GPU compute workloads shows 2 orders of magnitude improvement with Virtio-GPU, and fully utilized GPU:

Status

  • Tested using locally built iso
  • Start/delete clusters
  • GPU available in the guest
  • Run GPU benchmarks
  • Test unsupported platform (linux/amd64)
  • Test krunkit is not installed
  • Test vment-helper not installed
  • Test vment-helper not configured

Integration test results

Created with iso from #21089 using:

env TEST_ARGS="-minikube-start-args='--driver=krunkit --iso-url=file:///Users/nir/src/minikube/minikube-arm64-minimal-k8s.iso'" make integration

krunkit.tar.gz

Fixes #20803

@k8s-ci-robot k8s-ci-robot added do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. labels May 23, 2025
@k8s-ci-robot k8s-ci-robot added the needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. label May 23, 2025
@k8s-ci-robot k8s-ci-robot requested a review from spowelljr May 23, 2025 19:11
@k8s-ci-robot
Copy link
Contributor

Hi @nirs. Thanks for your PR.

I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@k8s-ci-robot k8s-ci-robot added the size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. label May 23, 2025
@minikube-bot
Copy link
Collaborator

Can one of the admins verify this patch?

@k8s-ci-robot k8s-ci-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label May 24, 2025
@k8s-ci-robot k8s-ci-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label May 24, 2025
@nirs nirs force-pushed the krunkit branch 3 times, most recently from 7cda3a5 to cbe0012 Compare May 25, 2025 01:25
@nirs
Copy link
Contributor Author

nirs commented May 25, 2025
edited
Loading

@afbjorklund can you review this?

I think the issue of not having /dev/dri is using too old kernel. We are using 5.10.207 while libkrun seems to require 5.16 or later.

libkrun for macOS is using venus, which requires

The Venus driver requires supports for

VIRTGPU_PARAM_3D_FEATURES
VIRTGPU_PARAM_CAPSET_QUERY_FIX
VIRTGPU_PARAM_RESOURCE_BLOB
VIRTGPU_PARAM_HOST_VISIBLE
VIRTGPU_PARAM_CROSS_DEVICE
VIRTGPU_PARAM_CONTEXT_INIT

from the virtio-gpu kernel driver, unless vtest is used. That usually means the guest kernel should be at least 5.16

So it seems that we need to move to newer kernel. Do you know why are stuck with 5.10?

minikube/deploy/iso/minikube-iso/configs/minikube_aarch64_defconfig

Line 38 in ec2b7c1

BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE="5.10.207"

@nirs nirs mentioned this pull request May 25, 2025
Open
@afbjorklund
Copy link
Collaborator

afbjorklund commented May 25, 2025
edited
Loading

So it seems that we need to move to newer kernel. Do you know why are stuck with 5.10?

I don't think it is stuck with anything, just that it was using the LTS versions...

It seems that a new kernel version was not included, in the minikube OS upgrade.

Buildroot supports many: https://github.com/buildroot/buildroot/blob/2025.02.x/linux/linux.hash

  • 5.4
  • 5.10
  • 5.15
  • 6.1
  • 6.6
  • 6.12

See also https://www.kernel.org/ ("longterm")

@nirs
Copy link
Contributor Author

nirs commented May 25, 2025

So it seems that we need to move to newer kernel. Do you know why are stuck with 5.10?

I don't think it is stuck with anything, just that it was using the LTS versions...

It seems that a new kernel version was not included, in the minikube OS upgrade.

Buildroot supports many: https://github.com/buildroot/buildroot/blob/2025.02.x/linux/linux.hash

  • 5.4
  • 5.10
  • 5.15
  • 6.1
  • 6.6
  • 6.12

See also https://www.kernel.org/ ("longterm")

So should we try to update the kernel to latest longterm version (6.12.30)?

@afbjorklund
Copy link
Collaborator

afbjorklund commented May 25, 2025
edited
Loading

There was some talk about bumping to a newer kernel: (6.6?)

But that was last year, and for the 2024.02.x OS. So maybe.

It seems that it is only needed for this AI feature, though?

@nirs
Copy link
Contributor Author

nirs commented May 25, 2025

It seems that it is only needed for this AI feature, though?

Yes, this is for AI on Apple silicon. I can try to get build an iso to play with it, and when we a working iso we can discuss how to proceed with the upgrade.

@afbjorklund
Copy link
Collaborator

afbjorklund commented May 25, 2025
edited
Loading

So you could still use vfkit for all other (non-AI) usage of Kubernetes.

Or maybe even make it a single driver, if the syntax is close enough...

@k8s-ci-robot k8s-ci-robot added size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. and removed size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. labels May 25, 2025
nirs
nirs commented May 26, 2025
View reviewed changes
nirs
nirs commented May 26, 2025
View reviewed changes
nirs
nirs commented May 26, 2025
View reviewed changes
nirs
nirs commented May 26, 2025
View reviewed changes
@minikube-pr-bot

This comment has been minimized.

Sign in to view
@nirs nirs mentioned this pull request Jul 19, 2025
Open
@nirs
Copy link
Contributor Author

nirs commented Jul 19, 2025

@medyagh all comments addressed. Keeping as draft since it is rebased on #21089, required for vfkit and krunkit.

@minikube-pr-bot

This comment has been minimized.

Sign in to view
@nirs
Copy link
Contributor Author

nirs commented Jul 19, 2025

Rebased on #21089 to consume the new iso.

@minikube-pr-bot

This comment has been minimized.

Sign in to view
medyagh
medyagh reviewed Jul 20, 2025
View reviewed changes
medyagh
medyagh reviewed Jul 20, 2025
View reviewed changes
medyagh
medyagh requested changes Jul 20, 2025
View reviewed changes
Copy link
Member

@medyagh medyagh left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thank you @nirs just two small minor typos and then we can merge this

@k8s-ci-robot k8s-ci-robot added size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. and removed size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. labels Jul 20, 2025
nirs added 4 commits July 20, 2025 05:11
@nirs
krunkit: Add krunkit driver
e4d64ad 
krunkit is a tool to launch configurable virtual machines using the
libkrun platform, optimized for GPU accelerated virtual machines and AI
workloads on Apple silicon.

It is mostly compatible with vfkit; the driver is a simplified copy of
the vfkit driver. Unlike vfkit, krunkit is available only on Apple
silicon.

Changes compared to vfkit driver:
- krunkit requires unix socket for networking, so we must use
  vment-helper.
- krunkit does not support HardStop, so we kill it using SIGKILL.
- We must enable vmnet offloading, required for krunkit.
- The code was simplified since vmnet-helper is always used
- Code was cleaned up to use .ResolveStorePath()
- Unused Upgrade() function was removed
- Types and functions that should not be public made private

We require krunkit 0.2.2, supporting --restul-uri=unix://.
@nirs
reason: Make vment-helper error driver agnostic
8b8a5ae 
Previously it was used only for vfkit, so we suggested to fallback to
the `nat` network. This advice is not relevant to krunkit or to qemu
(which can also use vmnet-helper).

Change the error to recommend installing vment-helper. We need to think
how we can recommend other networks for vfkit and qemu. Another solution
is to create error for every driver+network combination but this seems
hard to manage.
@nirs
hack: Add krunkit integration test
cff8099 
This is the same way that we test vfkit. This test is not running in the
CI.

Issues:
- Need to install and configure vment-helper (requires root).
@nirs
site: Add krunkit driver documentation
8ec2c07
@nirs
Copy link
Contributor Author

nirs commented Jul 20, 2025

thank you @nirs just two small minor typos and then we can merge this

Fixed

@nirs nirs marked this pull request as ready for review July 20, 2025 02:13
@k8s-ci-robot k8s-ci-robot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Jul 20, 2025
@k8s-ci-robot k8s-ci-robot requested a review from medyagh July 20, 2025 02:13
@nirs
Copy link
Contributor Author

nirs commented Jul 20, 2025
edited
Loading

Testing krunkit with unsupported platform

$ out/minikube start --driver krunkit
😄  minikube v1.36.0 on Fedora 42 (kvm/amd64)

❌  Exiting due to DRV_UNSUPPORTED_OS: The driver 'krunkit' is not supported on linux/amd64

Testing krunkit not installed

% out/minikube start --driver krunkit
😄  minikube v1.36.0 on Darwin 15.5 (arm64)
✨  Using the krunkit (experimental) driver based on user configuration

🤷  Exiting due to PROVIDER_KRUNKIT_NOT_FOUND: The 'krunkit' provider was not found: exec: "krunkit": executable file not found in $PATH
💡  Suggestion: Run 'brew tap slp/krunkit && brew install krunkit'
📘  Documentation: https://minikube.sigs.k8s.io/docs/reference/drivers/krunkit/

Testing vmnet-helper not installed

% out/minikube start --driver krunkit
😄  minikube v1.36.0 on Darwin 15.5 (arm64)
✨  Using the krunkit (experimental) driver based on user configuration

🤷  Exiting due to PROVIDER_KRUNKIT_NOT_FOUND: The 'krunkit' provider was not found: stat /opt/vmnet-helper/bin/vmnet-helper: no such file or directory
💡  Suggestion: Install and configure vment-helper
📘  Documentation: https://minikube.sigs.k8s.io/docs/reference/drivers/krunkit/

Testing vment-helper not configured

sudores rule not installed, password required during startup.

% out/minikube start --driver krunkit
😄  minikube v1.36.0 on Darwin 15.5 (arm64)
💡  Unable to run vmnet-helper without a password
    To configure vment-helper to run without a password, please check the documentation:
    https://github.com/nirs/vmnet-helper/#granting-permission-to-run-vmnet-helper
Password:
✨  Using the krunkit (experimental) driver based on user configuration
👍  Starting "minikube" primary control-plane node in "minikube" cluster
🔥  Creating krunkit VM (CPUs=2, Memory=6144MB, Disk=20000MB) ...
🐳  Preparing Kubernetes v1.33.2 on Docker 28.3.2 ...
    ▪ Generating certificates and keys ...
    ▪ Booting up control plane ...
    ▪ Configuring RBAC rules ...
🔗  Configuring bridge CNI (Container Networking Interface) ...
🔎  Verifying Kubernetes components...
    ▪ Using image gcr.io/k8s-minikube/storage-provisioner:v5
🌟  Enabled addons: default-storageclass, storage-provisioner
🏄  Done! kubectl is now configured to use "minikube" cluster and "default" namespace by default

Testing vment-helper configured

Using passwordless sudo.

% sudo --reset-timestamp

% out/minikube start --driver krunkit                                                                 
😄  minikube v1.36.0 on Darwin 15.5 (arm64)
✨  Using the krunkit (experimental) driver based on user configuration
👍  Starting "minikube" primary control-plane node in "minikube" cluster
🔥  Creating krunkit VM (CPUs=2, Memory=6144MB, Disk=20000MB) ...
🐳  Preparing Kubernetes v1.33.2 on Docker 28.3.2 ...
    ▪ Generating certificates and keys ...
    ▪ Booting up control plane ...
    ▪ Configuring RBAC rules ...
🔗  Configuring bridge CNI (Container Networking Interface) ...
🔎  Verifying Kubernetes components...
    ▪ Using image gcr.io/k8s-minikube/storage-provisioner:v5
🌟  Enabled addons: default-storageclass, storage-provisioner
🏄  Done! kubectl is now configured to use "minikube" cluster and "default" namespace by default

@minikube-pr-bot
Copy link

kvm2 driver with docker runtime

+----------------+----------+---------------------+
|    COMMAND     | MINIKUBE | MINIKUBE (PR 20826) |
+----------------+----------+---------------------+
| minikube start | 49.3s    | 52.2s               |
| enable ingress | 14.8s    | 14.9s               |
+----------------+----------+---------------------+

Times for minikube start: 48.7s 52.6s 50.3s 48.1s 46.7s
Times for minikube (PR 20826) start: 50.6s 54.4s 50.4s 55.5s 50.3s

Times for minikube (PR 20826) ingress: 14.9s 15.9s 14.9s 14.9s 13.9s
Times for minikube ingress: 14.6s 14.5s 14.9s 15.0s 14.9s

docker driver with docker runtime

+----------------+----------+---------------------+
|    COMMAND     | MINIKUBE | MINIKUBE (PR 20826) |
+----------------+----------+---------------------+
| minikube start | 22.7s    | 22.9s               |
| enable ingress | 12.9s    | 13.1s               |
+----------------+----------+---------------------+

Times for minikube start: 21.2s 22.3s 22.8s 22.5s 24.6s
Times for minikube (PR 20826) start: 21.8s 23.6s 22.8s 22.6s 23.7s

Times for minikube ingress: 12.7s 12.2s 12.7s 13.2s 13.3s
Times for minikube (PR 20826) ingress: 12.3s 12.8s 13.8s 12.8s 13.8s

docker driver with containerd runtime

+----------------+----------+---------------------+
|    COMMAND     | MINIKUBE | MINIKUBE (PR 20826) |
+----------------+----------+---------------------+
| minikube start | 22.4s    | 22.5s               |
| enable ingress | 26.0s    | 26.4s               |
+----------------+----------+---------------------+

Times for minikube start: 20.5s 24.4s 21.8s 24.9s 20.2s
Times for minikube (PR 20826) start: 24.6s 21.9s 20.7s 20.6s 24.7s

Times for minikube ingress: 22.7s 38.7s 22.7s 22.7s 23.2s
Times for minikube (PR 20826) ingress: 22.8s 40.2s 22.7s 22.8s 23.2s

medyagh
medyagh approved these changes Jul 21, 2025
View reviewed changes
Copy link
Member

@medyagh medyagh left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Excellent work @nirs this is gonna be the highlight of the next release and enables developing AI/ML on kubernetes macbook machines !

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: medyagh, nirs

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jul 21, 2025
@medyagh medyagh merged commit 56975bc into kubernetes:master Jul 21, 2025
27 of 36 checks passed
@nirs nirs deleted the krunkit branch July 21, 2025 20:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@afbjorklund afbjorklund afbjorklund left review comments

@medyagh medyagh medyagh approved these changes

@ComradeProgrammer ComradeProgrammer Awaiting requested review from ComradeProgrammer

@prezha prezha Awaiting requested review from prezha

Assignees
No one assigned
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add krunkit driver
6 participants
@nirs @k8s-ci-robot @minikube-bot @afbjorklund @medyagh @minikube-pr-bot