`getfd` receives a file descriptor via SCM rights and assign it a name,
this command is useful to send file descriptors from the host, and then
hot plug devices that needs file descriptors like vhost-vsock-pci devices.
Signed-off-by: Julio Montes <julio.montes@intel.com>
`vhostfd` is used to specify the vhost-vsock device fd, and it holds
the context ID previously opened.
`disable-modern` is to disable the use of "modern" devices, by using virtio 0.9
instead of virtio 1.0. Particularly, this is useful when running the VM in a
nested environment.
Signed-off-by: Julio Montes <julio.montes@intel.com>
To use the filepath.Join() instead of the simple
string append method to form the file path, otherwise
it will lose the "/" between the two parts.
Fixes#543.
Signed-off-by: Fupan Li <lifupan@gmail.com>
To include ReseedRandomDev grpc.
Full commits:
e398fd4 agent: add ReseedRandomDev rpc
8a51909 codecov: remove codecov.yml
Signed-off-by: Peng Tao <bergwolf@gmail.com>
libcontainer limits the memory+swap usage by writing the limit at
/sys/fs/cgroup/memory/docker/$CONTID/memory.memsw.limit_in_bytes, this path
doesn't exist if CONFIG_MEMCG_SWAP and CONFIG_MEMCG_SWAP_ENABLED are not
enabled.
fixes#103
Signed-off-by: Julio Montes <julio.montes@intel.com>
Post Fix#111, the kernel config name is
expected is to be prefixed with powerpc instead
of ppc64le. Just rename the file to suit the scripts.
Fixes: #113
Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
Remove the `initcall_debug` boot option from the kernel command-line as
we don't need it any more and it generates a ton of boot messages that
may well be impacting performance.
Fixes#526.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
And do not append sandbox id to kernel arguments since that
would fail qemu args comparison in vm factory.
Fixes: #523
Signed-off-by: Peng Tao <bergwolf@gmail.com>
To include SandboxId in CreateSandboxRequest.
Included commits:
745fa71 (origin/pr/309) agent: set sandbox id log field in CreateSandbox
a3321f4 (origin/pr/304) vendor: Revendor netlink to fix PID 1 segfault
a9ade15 (origin/pr/293) agent: Add sandbox level reference counter for sandbox storage
5f89c07 (origin/pr/263) yamux: disable yamux keep alive in server channel
815f831 (origin/pr/303) agent: do not quit on grpc serve errors
8abefd1 (origin/pr/301) protocols/client: close yamux session when closing the stream
67643cf (origin/pr/297) agent: Fix CPU tests for both initrd and rootfs image
cf8d3c8 (origin/pr/295) agent: disable yamux keep alive
ed656df (origin/pr/284) grpc: Ignore WriteStdin after the standard input has been closed
1a52204 grpc: Don't close the terminal on CloseStdin() call
04457e3 (origin/pr/292) logging: Add sandbox field
ba2a32a (origin/pr/286) create: Reduce cyclomatic complexity of CreateContainer
bce5f78 (origin/pr/289) logging: Redirect yamux warnings/errors to logger
23311ea namespace: Add check to make sure PID namespace is not received
7fe2eba (origin/pr/273) release: Kata Containers 1.1.0
4ef4971 (origin/pr/277) travis: Enable travis ci for ppc64le
57bf4e6 (origin/pr/279) namespace: do not create path using rand.
a589bdb (origin/pr/275) CI: update static-checks.sh in travis.yml
1372df2 (origin/pr/271) logging: Fix handling of non-string fields when PID 1
4018add (origin/pr/269) agent: honour CPU constraints when agent is the init process
1cff660 (origin/pr/268) mount: Remove redundant mkdir
cc74b5d (origin/pr/266) network: Setup localhost when running as init
dc06ec7 network: Add extra sanity checks
b580ae7 network: Check all function parameters
ee106e9 main: Exit(1) on error
5bf3909 network: Reduce cyclomatic complexity
cdf9bce namespace: Simplify code
0d7f36f (origin/pr/260) agent: update container cpuset cgroup parents
4cf1809 (origin/pr/258) agent: update container cpuset cgroup before setting the new configuration
d70e5bb agent: don't modify container's config
a30395a (origin/pr/253) grpc: signal frozen containers
Signed-off-by: Peng Tao <bergwolf@gmail.com>
When the hypervisor option `use_vsock` is true the runtime will check for vsock
support. If vsock is supported, not proxy will be used and the shims
will connect to the VM using VSOCKS. This flag is true by default, so will use
VSOCK when possible and no proxy will be started.
fixes#383
Signed-off-by: Jose Carlos Venegas Munoz jose.carlos.venegas.munoz@intel.com
Signed-off-by: Julio Montes <julio.montes@intel.com>
When tmp_dir is not set and lib.sh is sourced
could lead to fail.
Fix: #116
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
parseVSOCKAddr function is no more needed since now agent config
contains a field to identify if vsocks should be used or not.
Signed-off-by: Julio Montes <julio.montes@intel.com>
`appendVSockPCI` function can be used to cold plug vocks, vhost file descriptor
holds the context ID and it's inherit by QEMU process, ID must be unique and
disable-modern prevents qemu from relying on fast MMIO.
Signed-off-by: Julio Montes <julio.montes@intel.com>
add extra field in KataAgentConfig structure to specify if the
kata agent have to use a vsock instead of serial port.
Signed-off-by: Julio Montes <julio.montes@intel.com>
In order to see what proxy was started or not, we should log
its type and the URL
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Signed-off-by: Julio Montes <julio.montes@intel.com>
Add `use_vsock` option to enable or disable the use of vsocks
for communication between host and guest.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Signed-off-by: Julio Montes <julio.montes@intel.com>
We already save the URL used to connect to the agent in the `state.URL` this
variable is the used to connect the shim to agnet independently the socket type
(VSOCK or serial)
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
FindContextID generates a random number between 3 and max uint32
and uses it as context ID.
Using ioctl findContextID checks if the context ID is free, if
the context ID is being used by other process, this function
iterates from over all valid context IDs until one is available.
`/dev/vhost-vsock` is used to check what context IDs are free,
we need it to ensure we are using a unique context ID to
create the vsocks.
Signed-off-by: Julio Montes <julio.montes@intel.com>
Implement function to check if the system has support for vsocks.
This function looks for vsock and vhost-vsock devices returning
true if those exist, otherwise false.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Signed-off-by: Julio Montes <julio.montes@intel.com>
add vhostfd and disable-modern to vhost-vsock-pci
shortlog:
3830b44 qemu: add vhostfd and disable-modern to vhost-vsock-pci
f700a97 qemu/qmp: implement function to hotplug vsock-pci
Signed-off-by: Julio Montes <julio.montes@intel.com>
Run new script in arm server to build kernel, then find a minor
typo. An extra "/" in the end of default_kernel_config_dir will
cause error:
ERROR: failed to find default config
../src/github.com/kata-containers/packaging/kernel/configs//aarch64_kata_kvm_4.14.x
Signed-off-by: Wei Chen <wei.chen@arm.com>
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
As we had dicussed in issue#140:
https://github.com/kata-containers/documentation/issues/140
We have normalized output for x86_64, arm64 and ppc64. And
James had implemented a kata-arch.sh in tests/.ci :
https://github.com/kata-containers/tests/blob/master/.ci/kata-arch.sh
But in build-kernel.sh the setup-kernel function had used the
"uname -m" output as target-arch directly, this will cause the
following scripts can't find kernel config files.
Fixed#111
Signed-off-by: Wei Chen <wei.chen@arm.com>
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
So that if there is any remaining state, we do not let it interfere
with the new one. This should fix the occasional vm factory hang.
Fixes: #535
Signed-off-by: Peng Tao <bergwolf@gmail.com>
