Docker support

.gitignore

@@ -13,6 +13,8 @@ __pycache__
 /pydantic/
 node_modules
 *.squashfs
+.vscode
+rootfs/
 /examples/example_http_rust/target/
 /examples/example_django/static/admin/
 /runtimes/aleph-debian-11-python/rootfs/

docker/run_vm_supervisor.sh

@@ -11,10 +11,11 @@ fi
 $DOCKER_COMMAND build -t alephim/vm-supervisor-dev -f docker/vm_supervisor-dev.dockerfile .
 
 $DOCKER_COMMAND run -ti --rm \
-  -v "$(pwd)/runtimes/aleph-debian-11-python/rootfs.squashfs:/opt/aleph-vm/runtimes/aleph-debian-11-python/rootfs.squashfs:ro" \
-  -v "$(pwd)/examples/volumes/volume-venv.squashfs:/opt/aleph-vm/examples/volumes/volume-venv.squashfs:ro" \
-  -v "$(pwd)/vm_supervisor:/opt/aleph-vm/vm_supervisor:ro" \
-  -v "$(pwd)/firecracker:/opt/aleph-vm/firecracker:ro" \
   --device /dev/kvm \
   -p 4020:4020 \
   alephim/vm-supervisor-dev $@
+
+  # -v "$(pwd)/runtimes/aleph-debian-11-python/rootfs.squashfs:/opt/aleph-vm/runtimes/aleph-debian-11-python/rootfs.squashfs:ro" \
+# -v "$(pwd)/examples/volumes/volume-venv.squashfs:/opt/aleph-vm/examples/volumes/volume-venv.squashfs:ro" \
+# -v "$(pwd)/vm_supervisor:/opt/aleph-vm/vm_supervisor:ro" \
+# -v "$(pwd)/firecracker:/opt/aleph-vm/firecracker:ro" \

docker/run_vm_supervisor_2.sh

@@ -0,0 +1,21 @@
+#!/bin/sh
+
+# Use Podman if installed, else use Docker
+if hash podman 2> /dev/null
+then
+  DOCKER_COMMAND=podman
+else
+  DOCKER_COMMAND=docker
+fi
+
+$DOCKER_COMMAND build -t alephim/vm-supervisor-dev -f docker/vm_supervisor-dev-docker.dockerfile .
+
+$DOCKER_COMMAND run -ti --privileged --name=vm_supervisor_docker --rm \
+  -v "$(pwd)/runtimes/aleph-docker/:/opt/aleph-vm/runtimes/aleph-docker/:ro" \
+  -v "$(pwd)/examples/volumes/docker-data.squashfs:/opt/aleph-vm/examples/volumes/docker-data.squashfs:ro" \
+  -v "$(pwd)/examples/example_docker_container:/opt/aleph-vm/examples/example_docker_container:ro" \
+  -v "$(pwd)/vm_supervisor:/opt/aleph-vm/vm_supervisor:ro" \
+  -v "$(pwd)/firecracker:/opt/aleph-vm/firecracker:ro" \
+  --device /dev/kvm \
+  -p 4020:4020 \
+  alephim/vm-supervisor-dev $@

docker/vm_supervisor-dev-docker.dockerfile

@@ -0,0 +1,57 @@
+# This is mainly a copy of the installation instructions from [vm_supervisor/README.md]
+
+FROM debian:bullseye
+
+RUN apt-get update && apt-get -y upgrade && apt-get install -y \
+    sudo acl curl squashfs-tools git \
+    python3 python3-aiohttp python3-msgpack python3-pip python3-aiodns python3-aioredis  \
+    python3-psutil python3-setproctitle python3-sqlalchemy python3-packaging python3-cpuinfo \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN useradd jailman
+
+RUN mkdir /opt/firecracker
+RUN chown $(whoami) /opt/firecracker
+RUN curl -fsSL https://github.com/firecracker-microvm/firecracker/releases/download/v1.1.1/firecracker-v1.1.1-x86_64.tgz | tar -xz --directory /opt/firecracker
+RUN curl -fsSL -o /opt/firecracker/vmlinux.bin https://s3.amazonaws.com/spec.ccfc.min/img/quickstart_guide/x86_64/kernels/vmlinux.bin
+
+# Link binaries on version-agnostic paths:
+RUN ln /opt/firecracker/release-*/firecracker-v* /opt/firecracker/firecracker
+RUN ln /opt/firecracker/release-*/jailer-v* /opt/firecracker/jailer
+
+RUN pip3 install typing-extensions 'aleph-message>=0.1.19'
+
+RUN mkdir -p /var/lib/aleph/vm/jailer
+
+ENV PYTHONPATH /mnt
+
+# Networking only works in privileged containers
+ENV ALEPH_VM_ALLOW_VM_NETWORKING False
+ENV ALEPH_VM_NETWORK_INTERFACE "tap0"
+# Jailer does not work in Docker containers
+ENV ALEPH_VM_USE_JAILER False
+# Use fake test data
+ENV ALEPH_VM_FAKE_DATA True
+# Allow connections from host
+ENV ALEPH_VM_SUPERVISOR_HOST "0.0.0.0"
+
+# Make it easy to enter this command from a shell script
+RUN echo "python3 -m vm_supervisor --print-settings --very-verbose --system-logs --profile -f ./examples/example_docker_container" >> /root/.bash_history
+
+
+ENV BENCHMARK_FAKE_DATA_PROGRAM="/opt/aleph-vm/examples/example_docker_container"
+ENV FAKE_DATA_MESSAGE="/opt/aleph-vm/examples/message_from_aleph_docker_runtime.json"
+ENV FAKE_DATA_DATA="/opt/aleph-vm/examples/data/"
+ENV FAKE_DATA_RUNTIME="/opt/aleph-vm/runtimes/aleph-docker/rootfs.squashfs"
+ENV FAKE_DATA_VOLUME="/opt/aleph-vm/examples/volumes/docker-data.squashfs"
+
+RUN mkdir /opt/aleph-vm/
+COPY ./vm_supervisor /opt/aleph-vm/vm_supervisor
+COPY ./firecracker /opt/aleph-vm/firecracker
+COPY ./guest_api /opt/aleph-vm/guest_api
+COPY ./examples /opt/aleph-vm/examples
+COPY ./runtimes /opt/aleph-vm/runtimes
+
+WORKDIR /opt/aleph-vm
+
+CMD "bash"

examples/example_docker_container/entrypoint.sh

@@ -0,0 +1,3 @@
+#!/bin/sh
+docker image ls
+docker run --rm -p 8080:8080 amozpay/hello_node

examples/message_from_aleph_docker_runtime.json

@@ -0,0 +1,99 @@
+{
+    "_id": {
+        "$oid": "6080402d7f44efefd611dc1e"
+    },
+    "chain": "ETH",
+    "item_hash": "fake-hash-fake-hash-fake-hash-fake-hash-fake-hash-fake-hash-hash",
+    "sender": "0x9319Ad3B7A8E0eE24f2E639c40D8eD124C5520Ba",
+    "type": "PROGRAM",
+    "channel": "Fun-dApps",
+    "confirmed": true,
+    "content": {
+        "type": "vm-function",
+        "address": "0x9319Ad3B7A8E0eE24f2E639c40D8eD124C5520Ba",
+        "allow_amend": false,
+        "code": {
+            "encoding": "squashfs",
+            "entrypoint": "entrypoint.sh",
+            "ref": "7eb2eca2378ea8855336ed76c8b26219f1cb90234d04441de9cf8cb1c649d003",
+            "use_latest": false
+        },
+        "variables": {
+            "VM_CUSTOM_NUMBER": "32",
+            "DOCKER_MOUNTPOINT": "/opt/docker"
+        },
+        "on": {
+            "http": true,
+            "message": [
+                {
+                    "sender": "0xb5F010860b0964090d5414406273E6b3A8726E96",
+                    "channel": "TEST"
+                },
+                {
+                    "content": {
+                        "ref": "4d4db19afca380fdf06ba7f916153d0f740db9de9eee23ad26ba96a90d8a2920"
+                    }
+                }
+            ]
+        },
+        "environment": {
+            "reproducible": true,
+            "internet": true,
+            "aleph_api": true,
+            "shared_cache": true
+        },
+        "resources": {
+            "vcpus": 1,
+            "memory": 512,
+            "seconds": 30
+        },
+        "runtime": {
+            "ref": "5f31b0706f59404fad3d0bff97ef89ddf24da4761608ea0646329362c662ba51",
+            "use_latest": false,
+            "comment": "Aleph Debian Linux with Docker"
+        },
+        "volumes": [
+            {
+                "mount": "/opt/docker/metadata",
+                "ref": "5f31b0706f59404fad3d0bff97ef89ddf24da4761608ea0646329362c662ba51",
+                "use_latest": false
+            },
+            {
+                "mount": "/opt/docker/layers",
+                "ref": "5f31b0706f59404fad3d0bff97ef89ddf24da4761608ea0646329362c662ba51",
+                "use_latest": false
+            },
+            {
+                "comment": "Working data persisted on the VM supervisor, not available on other nodes",
+                "mount": "/var/lib/example",
+                "name": "data",
+                "persistence": "host",
+                "size_mib": 5
+            }
+        ],
+        "data": {
+            "encoding": "zip",
+            "mount": "/data",
+            "ref": "7eb2eca2378ea8855336ed76c8b26219f1cb90234d04441de9cf8cb1c649d003",
+            "use_latest": false
+        },
+        "export": {
+            "encoding": "zip",
+            "mount": "/data"
+        },
+        "replaces": "0x9319Ad3B7A8E0eE24f2E639c40D8eD124C5520Ba",
+        "time": 1619017773.8950517
+    },
+    "item_content": "{\"type\": \"vm-function\", \"address\": \"0x9319Ad3B7A8E0eE24f2E639c40D8eD124C5520Ba\", \"allow_amend\": false, \"code\": {\"encoding\": \"squashfs\", \"entrypoint\": \"main:app\", \"ref\": \"7eb2eca2378ea8855336ed76c8b26219f1cb90234d04441de9cf8cb1c649d003\", \"use_latest\": false}, \"on\": {\"http\": true, \"message\": [{\"sender\": \"0xB31B787AdA86c6067701d4C0A250c89C7f1f29A5\", \"channel\": \"TEST\"}, {\"content\": {\"ref\": \"4d4db19afca380fdf06ba7f916153d0f740db9de9eee23ad26ba96a90d8a2920\"}}]}, \"environment\": {\"reproducible\": true, \"internet\": true, \"aleph_api\": true, \"shared_cache\": false}, \"resources\": {\"vcpus\": 1, \"memory\": 128, \"seconds\": 30}, \"runtime\": {\"ref\": \"5f31b0706f59404fad3d0bff97ef89ddf24da4761608ea0646329362c662ba51\", \"use_latest\": false, \"comment\": \"Aleph Alpine Linux with Python 3.8\"}, \"volumes\": [{\"mount\": \"/opt/venv\", \"ref\": \"5f31b0706f59404fad3d0bff97ef89ddf24da4761608ea0646329362c662ba51\", \"use_latest\": false}, {\"comment\": \"Working data persisted on the VM supervisor, not available on other nodes\", \"mount\": \"/var/lib/sqlite\", \"name\": \"database\", \"persistence\": \"host\", \"size_mib\": 5}], \"data\": {\"encoding\": \"zip\", \"mount\": \"/data\", \"ref\": \"7eb2eca2378ea8855336ed76c8b26219f1cb90234d04441de9cf8cb1c649d003\", \"use_latest\": false}, \"export\": {\"encoding\": \"zip\", \"mount\": \"/data\"}, \"replaces\": \"0x9319Ad3B7A8E0eE24f2E639c40D8eD124C5520Ba\", \"time\": 1619017773.8950517}",
+    "item_type": "inline",
+    "signature": "0x372da8230552b8c3e65c05b31a0ff3a24666d66c575f8e11019f62579bf48c2b7fe2f0bbe907a2a5bf8050989cdaf8a59ff8a1cbcafcdef0656c54279b4aa0c71b",
+    "size": 749,
+    "time": 1619017773.8950577,
+    "confirmations": [
+        {
+            "chain": "ETH",
+            "height": 12284734,
+            "hash": "0x67f2f3cde5e94e70615c92629c70d22dc959a118f46e9411b29659c2fce87cdc"
+        }
+    ]
+}

examples/volumes/build_squashfs.sh

@@ -10,5 +10,7 @@ else
   DOCKER_COMMAND=docker
 fi
 
+echo DOCKER_COMMAND=$DOCKER_COMMAND
+
 $DOCKER_COMMAND build -t aleph-vm-build-squashfs .
 $DOCKER_COMMAND run --rm -v "$(pwd)":/mnt aleph-vm-build-squashfs

run_supervisor_host.sh

@@ -0,0 +1,18 @@
+#!/bin/sh
+
+export PYTHONPATH=$(pwd)
+
+export ALEPH_VM_ALLOW_VM_NETWORKING=False
+export ALEPH_VM_NETWORK_INTERFACE=tap0
+export ALEPH_VM_USE_JAILER=False
+export ALEPH_VM_FAKE_DATA=True
+export ALEPH_VM_SUPERVISOR_HOST=0.0.0.0
+
+export BENCHMARK_FAKE_DATA_PROGRAM=$(pwd)/examples/example_docker_container
+export FAKE_DATA_MESSAGE=$(pwd)/examples/message_from_aleph_docker_runtime.json
+export FAKE_DATA_DATA=$(pwd)/examples/data/
+export FAKE_DATA_RUNTIME=$(pwd)/runtimes/aleph-docker/rootfs.squashfs
+export FAKE_DATA_VOLUME=$(pwd)/examples/volumes/docker/layers:/opt/docker/layers,$(pwd)/examples/volumes/docker/metadata:/opt/docker/metadata
+
+
+python3 -m vm_supervisor --print-settings --very-verbose --system-logs --profile -f ./examples/example_docker_container

runtimes/aleph-alpine-3.13-python/init0.sh

@@ -43,5 +43,7 @@ log "Setup socat"
 socat UNIX-LISTEN:/tmp/socat-socket,fork,reuseaddr VSOCK-CONNECT:2:53 &
 log "Socat ready"
 
+pip show aiohttp
+
 # Replace this script with the manager
 exec /root/init1.py

runtimes/aleph-alpine-3.13-python/init1.py

@@ -10,22 +10,27 @@
 
 logger.debug("Imports starting")
 
-import ctypes
-import asyncio
-import os
-import socket
-from enum import Enum
-import subprocess
-import sys
-import traceback
-from contextlib import redirect_stdout
-from dataclasses import dataclass, field
-from io import StringIO
-from os import system
-from shutil import make_archive
-from typing import Optional, Dict, Any, Tuple, List, NewType, Union, AsyncIterable
-
-import aiohttp
+# import ctypes
+# import asyncio
+# import os
+# import socket
+# from enum import Enum
+# import subprocess
+# import sys
+# import traceback
+# from contextlib import redirect_stdout
+# from dataclasses import dataclass, field
+# from io import StringIO
+# from os import system
+# from shutil import make_archive
+# from typing import Optional, Dict, Any, Tuple, List, NewType, Union, AsyncIterable
+
+from aiohttp import (
+    ClientTimeout,
+    ClientConnectorError,
+    ClientSession
+)
+
 import msgpack
 
 logger.debug("Imports finished")
@@ -326,13 +331,13 @@ async def run_executable_http(scope: dict) -> Tuple[Dict, Dict, str, Optional[by
     headers = None
     body = None
 
-    timeout = aiohttp.ClientTimeout(total=5)
-    async with aiohttp.ClientSession(timeout=timeout) as session:
+    timeout = ClientTimeout(total=5)
+    async with ClientSession(timeout=timeout) as session:
         while not body:
             try:
                 tries += 1
                 headers, body = await make_request(session, scope)
-            except aiohttp.ClientConnectorError:
+            except ClientConnectorError:
                 if tries > 20:
                     raise
                 await asyncio.sleep(0.05)
@@ -361,7 +366,7 @@ async def process_instruction(
             # Close the cached session in aleph_client:
             from aleph_client.asynchronous import get_fallback_session
 
-            session: aiohttp.ClientSession = get_fallback_session()
+            session: ClientSession = get_fallback_session()
             await session.close()
             logger.debug("Aiohttp cached session closed")
         yield b"STOP\n"

runtimes/aleph-debian-11-python/create_disk_image.sh

@@ -17,7 +17,6 @@ apt-get install -y --no-install-recommends --no-install-suggests \
   python3-minimal \
   openssh-server \
   socat libsecp256k1-0 \
-  \
   python3-aiohttp python3-msgpack \
   python3-setuptools \
   python3-pip python3-cytoolz python3-pydantic \

runtimes/aleph-docker/create_disk_image.sh

@@ -0,0 +1,112 @@
+#!/bin/sh
+
+rm -f ./rootfs.squashfs
+
+set -euf
+
+rm -fr ./rootfs
+mkdir ./rootfs
+
+debootstrap --variant=minbase bullseye ./rootfs http://deb.debian.org/debian/
+
+chroot ./rootfs /bin/sh <<EOT
+
+set -euf
+
+apt-get install -y --no-install-recommends --no-install-suggests \
+  python3-minimal \
+  openssh-server \
+  socat libsecp256k1-0 \
+  \
+  python3-msgpack \
+  python3-setuptools \
+  python3-pip python3-cytoolz python3-pydantic \
+  iproute2 unzip \
+  curl\
+  docker.io\
+  cgroupfs-mount \
+  build-essential python3-dev
+pip3 install 'fastapi~=0.71.0'
+pip3 install aiohttp
+
+
+
+echo "Pip installing aleph-client"
+pip3 install 'aleph-client>=0.4.6' 'coincurve==15.0.0'
+
+# Compile all Python bytecode
+python3 -m compileall -f /usr/local/lib/python3.9
+
+echo "root:toor" | /usr/sbin/chpasswd
+
+mkdir -p /overlay
+
+mkdir -p /var/lib/docker
+cd /var/lib/docker
+mkdir -m  710 vfs
+mkdir -m 700 image
+mkdir -m 700 image/vfs
+mkdir -m 700 plugins
+mkdir -m 700 swarm
+cmkdir -m 750 network
+mkdir -m 700 trust
+mkdir -m 701 volumes
+mkdir -m 711 buildkit
+mkdir -m 710 containers
+
+# Set up a login terminal on the serial console (ttyS0):
+ln -s agetty /etc/init.d/agetty.ttyS0
+echo ttyS0 > /etc/securetty
+
+update-alternatives --set iptables /usr/sbin/iptables-legacy
+EOT
+
+echo "PermitRootLogin yes" >> ./rootfs/etc/ssh/sshd_config
+
+# Generate SSH host keys
+#systemd-nspawn -D ./rootfs/ ssh-keygen -q -N "" -t dsa -f /etc/ssh/ssh_host_dsa_key
+#systemd-nspawn -D ./rootfs/ ssh-keygen -q -N "" -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key
+#systemd-nspawn -D ./rootfs/ ssh-keygen -q -N "" -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key
+#systemd-nspawn -D ./rootfs/ ssh-keygen -q -N "" -t ed25519 -f /etc/ssh/ssh_host_ed25519_key
+
+cat <<EOT > ./rootfs/etc/inittab
+# /etc/inittab
+
+::sysinit:/sbin/init sysinit
+::sysinit:/sbin/init boot
+::wait:/sbin/init default
+
+# Set up a couple of getty's
+tty1::respawn:/sbin/getty 38400 tty1
+tty2::respawn:/sbin/getty 38400 tty2
+tty3::respawn:/sbin/getty 38400 tty3
+tty4::respawn:/sbin/getty 38400 tty4
+tty5::respawn:/sbin/getty 38400 tty5
+tty6::respawn:/sbin/getty 38400 tty6
+
+# Put a getty on the serial port
+ttyS0::respawn:/sbin/getty -L ttyS0 115200 vt100
+
+# Stuff to do for the 3-finger salute
+::ctrlaltdel:/sbin/reboot
+
+# Stuff to do before rebooting
+::shutdown:/sbin/init shutdown
+EOT
+
+# Reduce size
+rm -fr ./rootfs/root/.cache
+rm -fr ./rootfs/var/cache
+mkdir -p ./rootfs/var/cache/apt/archives/partial
+rm -fr ./rootfs/usr/share/doc
+rm -fr ./rootfs/usr/share/man
+rm -fr ./rootfs/var/lib/apt/lists/
+
+# Custom init
+rm -f ./rootfs/sbin/init
+cp ./init0.sh ./rootfs/sbin/init
+cp ./init1.py ./rootfs/root/init1.py
+chmod +x ./rootfs/sbin/init
+chmod +x ./rootfs/root/init1.py
+
+mksquashfs ./rootfs/ ./rootfs.squashfs

runtimes/aleph-docker/init0.sh

@@ -0,0 +1,53 @@
+#!/bin/sh
+
+set -euf
+
+mount -t proc proc /proc -o nosuid,noexec,nodev
+
+log() {
+    echo "$(cat /proc/uptime | awk '{printf $1}')" '|S' "$@"
+}
+log "init0.sh is launching"
+
+# Switch root from read-only ext4 to to read-write overlay
+mkdir -p /overlay
+/bin/mount -t tmpfs -o noatime,mode=0755 tmpfs /overlay
+mkdir -p /overlay/root/rw /overlay/root/work
+/bin/mount -o noatime,lowerdir=/,upperdir=/overlay/root/rw,workdir=/overlay/root/work -t overlay "overlayfs:/overlay/root/rw" /mnt
+mkdir -p /mnt/rom
+pivot_root /mnt /mnt/rom
+
+mount --move /rom/proc /proc
+mount --move /rom/dev /dev
+
+mkdir -p /dev/pts
+mkdir -p /dev/shm
+
+mount -t sysfs sys /sys -o nosuid,noexec,nodev
+mount -t tmpfs run /run -o mode=0755,nosuid,nodev
+#mount -t devtmpfs dev /dev -o mode=0755,nosuid
+mount -t devpts devpts /dev/pts -o mode=0620,gid=5,nosuid,noexec
+mount -t tmpfs shm /dev/shm -omode=1777,nosuid,nodev
+
+
+# List block devices
+lsblk
+
+#cat /proc/sys/kernel/random/entropy_avail
+
+# TODO: Move in init1
+mkdir -p /run/sshd
+/usr/sbin/sshd &
+log "SSH UP"
+
+log "Setup socat"
+socat UNIX-LISTEN:/tmp/socat-socket,fork,reuseaddr VSOCK-CONNECT:2:53 &
+log "Socat ready"
+
+cgroupfs-mount
+
+export PATH=$PATH:/usr/local/bin:/usr/bin:/usr/sbin
+
+log "INIT 0 DONE2"
+# Replace this script with the manager
+exec /root/init1.py

runtimes/aleph-docker/update_inits.sh

@@ -0,0 +1,14 @@
+#!/bin/sh
+
+rm ./rootfs.squashfs
+
+set -euf
+
+cp ./init0.sh ./rootfs/sbin/init
+cp ./init1.py ./rootfs/root/init1.py
+chmod +x ./rootfs/sbin/init
+chmod +x ./rootfs/root/init1.py
+
+mksquashfs ./rootfs/ ./rootfs.squashfs
+
+echo "OK"

vm_supervisor/conf.py

@@ -5,7 +5,8 @@
 from os.path import isfile, join, exists, abspath, isdir
 from pathlib import Path
 from subprocess import check_output
-from typing import NewType, Optional, List, Dict, Any
+from typing import NewType, Optional, List
+from os import environ
 
 from pydantic import BaseSettings, Field
 
@@ -118,20 +119,25 @@ class Settings(BaseSettings):
 
     FAKE_DATA_PROGRAM: Optional[Path] = None
     BENCHMARK_FAKE_DATA_PROGRAM = Path(
-        abspath(join(__file__, "../../examples/example_fastapi"))
+        environ.get("BENCHMARK_FAKE_DATA_PROGRAM")
+        or abspath(join(__file__, "../../examples/example_fastapi"))
     )
 
     FAKE_DATA_MESSAGE = Path(
-        abspath(join(__file__, "../../examples/message_from_aleph.json"))
+        environ.get("FAKE_DATA_MESSAGE")
+        or abspath(join(__file__, "../../examples/message_from_aleph.json"))
     )
     FAKE_DATA_DATA: Optional[Path] = Path(
-        abspath(join(__file__, "../../examples/data/"))
+        environ.get("FAKE_DATA_DATA")
+        or abspath(join(__file__, "../../examples/data/"))
     )
     FAKE_DATA_RUNTIME = Path(
-        abspath(join(__file__, "../../runtimes/aleph-debian-11-python/rootfs.squashfs"))
+        environ.get("FAKE_DATA_RUNTIME")
+        or abspath(join(__file__, "../../runtimes/aleph-debian-11-python/rootfs.squashfs"))
     )
     FAKE_DATA_VOLUME: Optional[Path] = Path(
-        abspath(join(__file__, "../../examples/volumes/volume-venv.squashfs"))
+        environ.get("FAKE_DATA_VOLUME")
+        or abspath(join(__file__, "../../examples/volumes/volume-venv.squashfs"))
     )
 
     CHECK_FASTAPI_VM_ID = (
@@ -176,9 +182,15 @@ def check(self):
             assert isfile(
                 self.FAKE_DATA_RUNTIME
             ), "Local runtime .squashfs build is missing"
-            assert isfile(
-                self.FAKE_DATA_VOLUME
-            ), "Local data volume .squashfs is missing"
+            if "," in str(self.FAKE_DATA_VOLUME): # allow multiple volumes with format "host_path:mountpoint,host_path:mountpoint"
+                for volume_bind in str(self.FAKE_DATA_VOLUME).split(","):
+                    assert isfile(
+                        volume_bind.split(":")[0]
+                    ), f"Local data volume {volume_bind.split(':')[0]} is missing"
+            else:
+                assert isfile(
+                    self.FAKE_DATA_VOLUME
+                ), f"Local data volume {volume_bind.split(':')[0]} is missing"
 
     def setup(self):
         os.makedirs(self.MESSAGE_CACHE, exist_ok=True)

vm_supervisor/storage.py

@@ -157,9 +157,14 @@ def create_ext4(path: Path, size_mib: int) -> bool:
 
 async def get_volume_path(volume: MachineVolume, namespace: str) -> Path:
     if isinstance(volume, ImmutableVolume):
+        print(volume)
         ref = volume.ref
         if settings.FAKE_DATA_PROGRAM and settings.FAKE_DATA_VOLUME:
-            return Path(settings.FAKE_DATA_VOLUME)
+            if "," not in str(settings.FAKE_DATA_VOLUME):
+                return Path(settings.FAKE_DATA_VOLUME)
+            for volume_bind in str(settings.FAKE_DATA_VOLUME).split(","):
+                if volume.mount == volume_bind.split(":")[1]:
+                    return volume_bind.split(":")[0]
 
         cache_path = Path(join(settings.DATA_CACHE, ref))
         url = f"{settings.CONNECTOR_URL}/download/data/{ref}"