github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-07-16 00:16:52 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #3954 from bergwolf/github/backport-stable-2.4

Browse Source 
backport main commits to stable 2.4
This commit is contained in:
Bin Liu 2022-03-25 14:45:17 +08:00 committed by GitHub
commit 2ce9ce7b8f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 126 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/runtime/Makefile
View File

@ -589,12 +589,10 @@ $(GENERATED_FILES): %: %.in $(MAKEFILE_LIST) VERSION .git-commit
generate-config: $(CONFIGS)
test: install-hook go-test
test: hook go-test
install-hook:
hook:
make -C virtcontainers hook
echo "installing mock hook"
sudo -E make -C virtcontainers install
go-test: $(GENERATED_FILES)
go clean -testcache

2
src/runtime/pkg/katautils/hook_test.go
View File

@ -20,7 +20,7 @@ import (
var testKeyHook = "test-key"
var testContainerIDHook = "test-container-id"
var testControllerIDHook = "test-controller-id"
var testBinHookPath = "/usr/bin/virtcontainers/bin/test/hook"
var testBinHookPath = "../../virtcontainers/hook/mock/hook"
var testBundlePath = "/test/bundle"
func getMockHookBinPath() string {

2
tools/packaging/kata-deploy/README.md
View File

@ -143,7 +143,7 @@ $ kubectl -n kube-system wait --timeout=10m --for=delete -l name=kata-deploy pod
After ensuring kata-deploy has been deleted, cleanup the cluster:
```sh
$ kubectl apply -f https://raw.githubusercontent.com/kata-containers/kata-containers/main/tools/packaging/kata-deploy/kata-cleanup/base/kata-cleanup-stabe.yaml
$ kubectl apply -f https://raw.githubusercontent.com/kata-containers/kata-containers/main/tools/packaging/kata-deploy/kata-cleanup/base/kata-cleanup-stable.yaml
```
The cleanup daemon-set will run a single time, cleaning up the node-label, which makes it difficult to check in an automated fashion.

2
tools/packaging/kernel/kata_config_version
View File

@ -1 +1 @@
89
90

139
utils/kata-manager.sh
View File

@ -208,11 +208,14 @@ Description: Install $kata_project [1] (and optionally $containerd_project [2])
Options:
-c <version> : Specify containerd version.
-d : Enable debug for all components.
-f : Force installation (use with care).
-h : Show this help statement.
-k <version> : Specify Kata Containers version.
-o : Only install Kata Containers.
-r : Don't cleanup on failure (retain files).
-t : Disable self test (don't try to create a container after install).
-T : Only run self test (do not install anything).
Notes:
@ -402,13 +405,21 @@ install_containerd()
sudo tar -C /usr/local -xvf "${file}"
sudo ln -sf /usr/local/bin/ctr "${link_dir}"
for file in \
/usr/local/bin/containerd \
/usr/local/bin/ctr
do
sudo ln -sf "$file" "${link_dir}"
done
info "$project installed\n"
}
configure_containerd()
{
local enable_debug="${1:-}"
[ -z "$enable_debug" ] && die "no enable debug value"
local project="$containerd_project"
info "Configuring $project"
@ -460,26 +471,55 @@ configure_containerd()
info "Backed up $cfg to $original"
}
local modified="false"
# Add the Kata Containers configuration details:
local comment_text
comment_text=$(printf "%s: Added by %s\n" \
"$(date -Iseconds)" \
"$script_name")
sudo grep -q "$kata_runtime_type" "$cfg" || {
cat <<-EOT | sudo tee -a "$cfg"
[plugins]
[plugins."io.containerd.grpc.v1.cri"]
[plugins."io.containerd.grpc.v1.cri".containerd]
default_runtime_name = "${kata_runtime_name}"
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes]
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.${kata_runtime_name}]
runtime_type = "${kata_runtime_type}"
EOT
# $comment_text
[plugins]
[plugins."io.containerd.grpc.v1.cri"]
[plugins."io.containerd.grpc.v1.cri".containerd]
default_runtime_name = "${kata_runtime_name}"
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes]
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.${kata_runtime_name}]
runtime_type = "${kata_runtime_type}"
EOT
info "Modified $cfg"
modified="true"
}
if [ "$enable_debug" = "true" ]
then
local debug_enabled
debug_enabled=$(awk -v RS='' '/\[debug\]/' "$cfg" |\
grep -E "^\s*\<level\>\s*=\s*.*\<debug\>" || true)
[ -n "$debug_enabled" ] || {
cat <<-EOT | sudo tee -a "$cfg"
# $comment_text
[debug]
level = "debug"
EOT
}
modified="true"
fi
[ "$modified" = "true" ] && info "Modified $cfg"
sudo systemctl enable containerd
sudo systemctl start containerd
info "Configured $project\n"
local msg="disabled"
[ "$enable_debug" = "true" ] && msg="enabled"
info "Configured $project (debug $msg)\n"
}
install_kata()
@ -540,11 +580,48 @@ install_kata()
info "$project installed\n"
}
configure_kata()
{
local enable_debug="${1:-}"
[ -z "$enable_debug" ] && die "no enable debug value"
[ "$enable_debug" = "false" ] && \
info "Using default $kata_project configuration" && \
return 0
local config_file='configuration.toml'
local kata_dir='/etc/kata-containers'
sudo mkdir -p "$kata_dir"
local cfg_from
local cfg_to
cfg_from="${kata_install_dir}/share/defaults/kata-containers/${config_file}"
cfg_to="${kata_dir}/${config_file}"
[ -e "$cfg_from" ] || die "cannot find $kata_project configuration file"
sudo install -o root -g root -m 0644 "$cfg_from" "$cfg_to"
sudo sed -i \
-e 's/^# *\(enable_debug\).*=.*$/\1 = true/g' \
-e 's/^kernel_params = "\(.*\)"/kernel_params = "\1 agent.log=debug initcall_debug"/g' \
"$cfg_to"
info "Configured $kata_project for full debug (delete $cfg_to to use pristine $kata_project configuration)"
}
handle_kata()
{
local version="${1:-}"
install_kata "$version"
local enable_debug="${2:-}"
[ -z "$enable_debug" ] && die "no enable debug value"
install_kata "$version" "$enable_debug"
configure_kata "$enable_debug"
kata-runtime --version
}
@ -556,6 +633,9 @@ handle_containerd()
local force="${2:-}"
[ -z "$force" ] && die "need force value"
local enable_debug="${3:-}"
[ -z "$enable_debug" ] && die "no enable debug value"
local ret
if [ "$force" = "true" ]
@ -572,7 +652,7 @@ handle_containerd()
fi
fi
configure_containerd
configure_containerd "$enable_debug"
containerd --version
}
@ -617,20 +697,32 @@ handle_installation()
local only_kata="${3:-}"
[ -z "$only_kata" ] && die "no only Kata value"
local enable_debug="${4:-}"
[ -z "$enable_debug" ] && die "no enable debug value"
local disable_test="${5:-}"
[ -z "$disable_test" ] && die "no disable test value"
local only_run_test="${6:-}"
[ -z "$only_run_test" ] && die "no only run test value"
# These params can be blank
local kata_version="${4:-}"
local containerd_version="${5:-}"
local kata_version="${7:-}"
local containerd_version="${8:-}"
[ "$only_run_test" = "true" ] && test_installation && return 0
setup "$cleanup" "$force"
handle_kata "$kata_version"
handle_kata "$kata_version" "$enable_debug"
[ "$only_kata" = "false" ] && \
handle_containerd \
"$containerd_version" \
"$force"
"$force" \
"$enable_debug"
test_installation
[ "$disable_test" = "false" ] && test_installation
if [ "$only_kata" = "true" ]
then
@ -647,21 +739,27 @@ handle_args()
local cleanup="true"
local force="false"
local only_kata="false"
local disable_test="false"
local only_run_test="false"
local enable_debug="false"
local opt
local kata_version=""
local containerd_version=""
while getopts "c:fhk:or" opt "$@"
while getopts "c:dfhk:ortT" opt "$@"
do
case "$opt" in
c) containerd_version="$OPTARG" ;;
d) enable_debug="true" ;;
f) force="true" ;;
h) usage; exit 0 ;;
k) kata_version="$OPTARG" ;;
o) only_kata="true" ;;
r) cleanup="false" ;;
t) disable_test="true" ;;
T) only_run_test="true" ;;
esac
done
@ -674,6 +772,9 @@ handle_args()
"$cleanup" \
"$force" \
"$only_kata" \
"$enable_debug" \
"$disable_test" \
"$only_run_test" \
"$kata_version" \
"$containerd_version"
}

2
versions.yaml
View File

@ -153,7 +153,7 @@ assets:
kernel:
description: "Linux kernel optimised for virtual machines"
url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/"
version: "v5.15.23"
version: "v5.15.26"
tdx:
description: "Linux kernel that supports TDX"
url: "https://github.com/intel/tdx/archive/refs/tags"