diff --git a/docs/how-to/how-to-run-kata-containers-with-SE-VMs.md b/docs/how-to/how-to-run-kata-containers-with-SE-VMs.md index 799668f4f..41dcf8e35 100644 --- a/docs/how-to/how-to-run-kata-containers-with-SE-VMs.md +++ b/docs/how-to/how-to-run-kata-containers-with-SE-VMs.md @@ -224,10 +224,6 @@ $ diff ${runtime_config_path}.old ${runtime_config_path} < dial_timeout = 45 --- > dial_timeout = 90 -679c679 -< #service_offload = true ---- -> service_offload = true ``` ### Verification diff --git a/src/runtime-rs/config/configuration-qemu.toml.in b/src/runtime-rs/config/configuration-qemu.toml.in index 933960b82..12d0c7888 100644 --- a/src/runtime-rs/config/configuration-qemu.toml.in +++ b/src/runtime-rs/config/configuration-qemu.toml.in @@ -700,30 +700,3 @@ experimental=@DEFAULTEXPFEATURES@ # If enabled, user can run pprof tools with shim v2 process through kata-monitor. # (default: false) # enable_pprof = true - -# WARNING: All the options in the following section have not been implemented yet. -# This section was added as a placeholder. DO NOT USE IT! -[image] -# Container image service. -# -# Offload the CRI image management service to the Kata agent. -# (default: false) -#service_offload = true - -# Container image decryption keys provisioning. -# Applies only if service_offload is true. -# Keys can be provisioned locally (e.g. through a special command or -# a local file) or remotely (usually after the guest is remotely attested). -# The provision setting is a complete URL that lets the Kata agent decide -# which method to use in order to fetch the keys. -# -# Keys can be stored in a local file, in a measured and attested initrd: -#provision=data:///local/key/file -# -# Keys could be fetched through a special command or binary from the -# initrd (guest) image, e.g. a firmware call: -#provision=file:///path/to/bin/fetcher/in/guest -# -# Keys can be remotely provisioned. The Kata agent fetches them from e.g. -# a HTTPS URL: -#provision=https://my-key-broker.foo/tenant/ diff --git a/src/runtime/Makefile b/src/runtime/Makefile index b2386feea..c3847dc05 100644 --- a/src/runtime/Makefile +++ b/src/runtime/Makefile @@ -262,9 +262,6 @@ DEFSTATICRESOURCEMGMT_TEE = true DEFBINDMOUNTS := [] -# Image Service Offload -DEFSERVICEOFFLOAD ?= false - # Create Container Timeout in seconds DEFCREATECONTAINERTIMEOUT ?= 60 @@ -681,7 +678,6 @@ USER_VARS += DEFSTATICRESOURCEMGMT_FC USER_VARS += DEFSTATICRESOURCEMGMT_STRATOVIRT USER_VARS += DEFSTATICRESOURCEMGMT_TEE USER_VARS += DEFBINDMOUNTS -USER_VARS += DEFSERVICEOFFLOAD USER_VARS += DEFCREATECONTAINERTIMEOUT USER_VARS += DEFVFIOMODE USER_VARS += BUILDFLAGS diff --git a/src/runtime/config/configuration-clh.toml.in b/src/runtime/config/configuration-clh.toml.in index 7f037ad1d..b006d6fb6 100644 --- a/src/runtime/config/configuration-clh.toml.in +++ b/src/runtime/config/configuration-clh.toml.in @@ -456,30 +456,3 @@ experimental=@DEFAULTEXPFEATURES@ # (https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/#:~:text=runtime%2Drequest%2Dtimeout) and create_container_timeout. # In essence, the timeout used for guest pull=runtime-request-timeout diff --git a/src/runtime/config/configuration-qemu-nvidia-gpu.toml.in b/src/runtime/config/configuration-qemu-nvidia-gpu.toml.in index f20ba3d53..1fac77b34 100644 --- a/src/runtime/config/configuration-qemu-nvidia-gpu.toml.in +++ b/src/runtime/config/configuration-qemu-nvidia-gpu.toml.in @@ -687,30 +687,3 @@ experimental=@DEFAULTEXPFEATURES@ # (https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/#:~:text=runtime%2Drequest%2Dtimeout) and create_container_timeout. # In essence, the timeout used for guest pull=runtime-request-timeout diff --git a/src/runtime/config/configuration-qemu-se.toml.in b/src/runtime/config/configuration-qemu-se.toml.in index 35516f9b0..919391608 100644 --- a/src/runtime/config/configuration-qemu-se.toml.in +++ b/src/runtime/config/configuration-qemu-se.toml.in @@ -652,30 +652,3 @@ experimental=@DEFAULTEXPFEATURES@ # (https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/#:~:text=runtime%2Drequest%2Dtimeout) and create_container_timeout. # In essence, the timeout used for guest pull=runtime-request-timeout diff --git a/src/runtime/config/configuration-qemu-sev.toml.in b/src/runtime/config/configuration-qemu-sev.toml.in index 4b47ca1bb..91f5e100a 100644 --- a/src/runtime/config/configuration-qemu-sev.toml.in +++ b/src/runtime/config/configuration-qemu-sev.toml.in @@ -630,30 +630,3 @@ experimental=@DEFAULTEXPFEATURES@ # (https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/#:~:text=runtime%2Drequest%2Dtimeout) and create_container_timeout. # In essence, the timeout used for guest pull=runtime-request-timeout diff --git a/src/runtime/config/configuration-qemu-snp.toml.in b/src/runtime/config/configuration-qemu-snp.toml.in index 08b204691..38bec359d 100644 --- a/src/runtime/config/configuration-qemu-snp.toml.in +++ b/src/runtime/config/configuration-qemu-snp.toml.in @@ -670,30 +670,3 @@ experimental=@DEFAULTEXPFEATURES@ # (https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/#:~:text=runtime%2Drequest%2Dtimeout) and create_container_timeout. # In essence, the timeout used for guest pull=runtime-request-timeout diff --git a/src/runtime/config/configuration-qemu-tdx.toml.in b/src/runtime/config/configuration-qemu-tdx.toml.in index e41f6e63c..34b34eb55 100644 --- a/src/runtime/config/configuration-qemu-tdx.toml.in +++ b/src/runtime/config/configuration-qemu-tdx.toml.in @@ -666,30 +666,3 @@ experimental=@DEFAULTEXPFEATURES@ # (https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/#:~:text=runtime%2Drequest%2Dtimeout) and create_container_timeout. # In essence, the timeout used for guest pull=runtime-request-timeout diff --git a/src/runtime/config/configuration-qemu.toml.in b/src/runtime/config/configuration-qemu.toml.in index 134e7f6fd..e32473933 100644 --- a/src/runtime/config/configuration-qemu.toml.in +++ b/src/runtime/config/configuration-qemu.toml.in @@ -699,30 +699,3 @@ experimental=@DEFAULTEXPFEATURES@ # (https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/#:~:text=runtime%2Drequest%2Dtimeout) and create_container_timeout. # In essence, the timeout used for guest pull=runtime-request-timeout diff --git a/src/runtime/config/configuration-remote.toml.in b/src/runtime/config/configuration-remote.toml.in index 1fdf8e72c..786ed5821 100644 --- a/src/runtime/config/configuration-remote.toml.in +++ b/src/runtime/config/configuration-remote.toml.in @@ -296,31 +296,3 @@ experimental=@DEFAULTEXPFEATURES@ # (https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/#:~:text=runtime%2Drequest%2Dtimeout) and create_container_timeout. # In essence, the timeout used for guest pull=runtime-request-timeout diff --git a/src/runtime/pkg/katautils/config.go b/src/runtime/pkg/katautils/config.go index 997b83ed2..695002eaa 100644 --- a/src/runtime/pkg/katautils/config.go +++ b/src/runtime/pkg/katautils/config.go @@ -64,16 +64,10 @@ const ( type tomlConfig struct { Hypervisor map[string]hypervisor Agent map[string]agent - Image image Factory factory Runtime runtime } -type image struct { - Provision string `toml:"provision"` - ServiceOffload bool `toml:"service_offload"` -} - type factory struct { TemplatePath string `toml:"template_path"` VMCacheEndpoint string `toml:"vm_cache_endpoint"` diff --git a/tools/packaging/static-build/shim-v2/build.sh b/tools/packaging/static-build/shim-v2/build.sh index f37cb91f4..77303d0e7 100755 --- a/tools/packaging/static-build/shim-v2/build.sh +++ b/tools/packaging/static-build/shim-v2/build.sh @@ -26,7 +26,6 @@ EXTRA_OPTS="${EXTRA_OPTS:-""}" [ "${CROSS_BUILD}" == "true" ] && container_image_bk="${container_image}" && container_image="${container_image}-cross-build" if [ "${MEASURED_ROOTFS}" == "yes" ]; then - EXTRA_OPTS+=" DEFSERVICEOFFLOAD=true" info "Enable rootfs measurement config" root_hash_file="${repo_root_dir}/tools/osbuilder/root_hash.txt"