runtime-rs: Add cdh_api_timeout_ms configuration parameter

Add the cdh_api_timeout_ms parameter to runtime-rs. Note the go runtime
has cdh_api_timeout is seconds, but the suggestions was to move everything
to ms. This parameter controls the timeout for Confidential Data
Hub API timeout in the agent.

Changes:
- Add cdh_api_timeout_ms field to Agent config struct in kata-types
  - Defaults to 50,000 milliseconds internally
- Add cdh_api_timeout to confidential computing configuration files:
  - configuration-qemu-coco-dev-runtime-rs.toml.in
  - configuration-qemu-se-runtime-rs.toml.in
  - configuration-qemu-snp-runtime-rs.toml.in
  - configuration-qemu-tdx-runtime-rs.toml.in

The parameter is only added to confidential computing configurations
where the Confidential Data Hub is used.

Assisted-by: IBM Bob
Signed-off-by: stevenhorsman <steven@uk.ibm.com>
This commit is contained in:
stevenhorsman
2026-04-27 16:40:59 +01:00
parent ea5755572c
commit 6237a43a8d
6 changed files with 32 additions and 7 deletions

View File

@@ -113,6 +113,10 @@ pub struct Agent {
#[serde(default = "default_reconnect_timeout")]
pub reconnect_timeout_ms: u32,
/// Confidential Data Hub API timeout value in milliseconds
#[serde(default = "default_cdh_api_timeout_ms")]
pub cdh_api_timeout_ms: u32,
/// Agent request timeout value in millisecond
/// This timeout value is used to set the maximum duration for the agent to process a CreateContainerRequest.
/// It's also used to ensure that workloads, especially those involving large image pulls within the guest,
@@ -180,9 +184,10 @@ impl std::default::Default for Agent {
log_port: DEFAULT_AGENT_LOG_PORT,
passfd_listener_port: DEFAULT_PASSFD_LISTENER_PORT,
dial_timeout_ms: DEFAULT_AGENT_DIAL_TIMEOUT_MS,
reconnect_timeout_ms: 3_000,
request_timeout_ms: 30_000,
health_check_request_timeout_ms: 90_000,
reconnect_timeout_ms: default_reconnect_timeout(),
cdh_api_timeout_ms: default_cdh_api_timeout_ms(),
request_timeout_ms: default_request_timeout(),
health_check_request_timeout_ms: default_health_check_timeout(),
kernel_modules: Default::default(),
container_pipe_size: 0,
launch_process_timeout: 0,
@@ -218,6 +223,11 @@ fn default_reconnect_timeout() -> u32 {
3_000
}
fn default_cdh_api_timeout_ms() -> u32 {
// ms
50_000
}
fn default_request_timeout() -> u32 {
// ms
30_000

View File

@@ -574,6 +574,10 @@ launch_process_timeout = 6
# Defaults to @DEFCREATECONTAINERTIMEOUT_COCO@ second(s)
create_container_timeout = @DEFCREATECONTAINERTIMEOUT_COCO@
# Confidential Data Hub API timeout value in milliseconds
# (default: 50000)
cdh_api_timeout_ms = 50000
[agent.@PROJECT_TYPE@.mem_agent]
# Control the mem-agent function enable or disable.
# Default to false

View File

@@ -551,6 +551,10 @@ launch_process_timeout = 6
# Defaults to @DEFCREATECONTAINERTIMEOUT@ second(s)
create_container_timeout = @DEFCREATECONTAINERTIMEOUT@
# Confidential Data Hub API timeout value in milliseconds
# (default: 50000)
cdh_api_timeout_ms = 50000
[runtime]
# If enabled, the runtime will log additional debug messages to the
# system log

View File

@@ -593,6 +593,10 @@ launch_process_timeout = 6
# Defaults to @DEFCREATECONTAINERTIMEOUT_COCO@ second(s)
create_container_timeout = @DEFCREATECONTAINERTIMEOUT_COCO@
# Confidential Data Hub API timeout value in milliseconds
# (default: 50000)
cdh_api_timeout_ms = 50000
[runtime]
# If enabled, the runtime will log additional debug messages to the
# system log

View File

@@ -569,6 +569,10 @@ launch_process_timeout = 6
# Defaults to @DEFCREATECONTAINERTIMEOUT_COCO@ second(s)
create_container_timeout = @DEFCREATECONTAINERTIMEOUT_COCO@
# Confidential Data Hub API timeout value in milliseconds
# (default: 50000)
cdh_api_timeout_ms = 50000
[runtime]
# If enabled, the runtime will log additional debug messages to the
# system log
@@ -702,4 +706,3 @@ enable_pprof = false
# to the hypervisor.
# (default: /run/kata-containers/dans)
dan_conf = "@DEFDANCONF@"

View File

@@ -314,9 +314,9 @@ debug_console_enabled = false
# (default: 45000)
dial_timeout_ms = 45000
# Confidential Data Hub API timeout value in seconds
# (default: 50)
cdh_api_timeout = 50
# Confidential Data Hub API timeout value in milliseconds
# (default: 50000)
cdh_api_timeout_ms = 50000
# Create Container Request Timeout
# This timeout value is used to set the maximum duration for the agent to process a CreateContainerRequest.