github/kata-containers
1
0
Fork 2
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-09-16 14:28:35 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #6819 from fidencio/topic/use-static-sandbox-resource-mgmt-for-TEEs

Browse Source 
runtime: Use static_sandbox_resource_mgmt=true for TEEs
This commit is contained in:
Fabiano Fidêncio
2023-05-18 22:38:31 +02:00
committed by GitHub
parent 2ea8acaaa5 ca1531fe9d
commit 0364620844
4 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/runtime/Makefile
View File

@@ -242,6 +242,7 @@ DEFVFIOMODE := guest-kernel
DEFSANDBOXCGROUPONLY ?= false
DEFSTATICRESOURCEMGMT ?= false
DEFSTATICRESOURCEMGMT_TEE = true
DEFBINDMOUNTS := []
@@ -599,6 +600,7 @@ USER_VARS += DEFVALIDENTROPYSOURCES
USER_VARS += DEFSANDBOXCGROUPONLY
USER_VARS += DEFSTATICRESOURCEMGMT
USER_VARS += DEFSTATICRESOURCEMGMT_FC
USER_VARS += DEFSTATICRESOURCEMGMT_TEE
USER_VARS += DEFBINDMOUNTS
USER_VARS += DEFSERVICEOFFLOAD
USER_VARS += DEFVFIOMODE

2
src/runtime/config/configuration-qemu-sev.toml.in
View File

@@ -578,7 +578,7 @@ sandbox_cgroup_only=@DEFSANDBOXCGROUPONLY@
# - When running with pods, sandbox sizing information will only be available if using Kubernetes >= 1.23 and containerd >= 1.6. CRI-O
# does not yet support sandbox sizing annotations.
# - When running single containers using a tool like ctr, container sizing information will be available.
static_sandbox_resource_mgmt=@DEFSTATICRESOURCEMGMT@
static_sandbox_resource_mgmt=@DEFSTATICRESOURCEMGMT_TEE@
# If specified, sandbox_bind_mounts identifieds host paths to be mounted (ro) into the sandboxes shared path.
# This is only valid if filesystem sharing is utilized. The provided path(s) will be bindmounted into the shared fs directory.

2
src/runtime/config/configuration-qemu-snp.toml.in
View File

@@ -618,7 +618,7 @@ sandbox_cgroup_only=@DEFSANDBOXCGROUPONLY@
# - When running with pods, sandbox sizing information will only be available if using Kubernetes >= 1.23 and containerd >= 1.6. CRI-O
# does not yet support sandbox sizing annotations.
# - When running single containers using a tool like ctr, container sizing information will be available.
static_sandbox_resource_mgmt=@DEFSTATICRESOURCEMGMT@
static_sandbox_resource_mgmt=@DEFSTATICRESOURCEMGMT_TEE@
# If specified, sandbox_bind_mounts identifieds host paths to be mounted (ro) into the sandboxes shared path.
# This is only valid if filesystem sharing is utilized. The provided path(s) will be bindmounted into the shared fs directory.

2
src/runtime/config/configuration-qemu-tdx.toml.in
View File

@@ -614,7 +614,7 @@ sandbox_cgroup_only=@DEFSANDBOXCGROUPONLY@
# - When running with pods, sandbox sizing information will only be available if using Kubernetes >= 1.23 and containerd >= 1.6. CRI-O
# does not yet support sandbox sizing annotations.
# - When running single containers using a tool like ctr, container sizing information will be available.
static_sandbox_resource_mgmt=@DEFSTATICRESOURCEMGMT@
static_sandbox_resource_mgmt=@DEFSTATICRESOURCEMGMT_TEE@
# If specified, sandbox_bind_mounts identifieds host paths to be mounted (ro) into the sandboxes shared path.
# This is only valid if filesystem sharing is utilized. The provided path(s) will be bindmounted into the shared fs directory.