Introduce constants for the network model strings, so as to
avoid using the strings directly at multiple places.
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Introduce a new mode that uses tc filters to redirect traffic from
the network interface created by the network plugin to a
tap interface that we connect to the VM.
This mode will help support ipvlan as well.
Fixes#144
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Move to golang version 1.10.4 -- the oldest stable golang release at the
time of writing -- since golang 1.10+ is needed to make namespace
handling safe.
Re-ordered a couple of structs (moved `sync.WaitGroup` fields) to keep
the `maligned` linter happy. Previously:
``
virtcontainers/pkg/mock/cc_proxy_mock.go:24:18⚠️ struct of size 160 could be 152 (maligned)
virtcontainers/monitor.go:15:14⚠️ struct of size 80 could be 72 (maligned)
```
See:
- https://github.com/golang/go/issues/20676
- 2595fe7fb6
Also bumped `languages.golang.meta.newest-version` to golang version
1.11, which is the newest stable release at the time of writing.
Fixes#148.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Updated `externals.cri-containerd.version` in `versions.yaml` to the
newest version that includes the fix for building on golang 1.10.2:
- 8b0d53c09c
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Instead of using ethtool for getting the driver for network
devices, use sysfs instead. This is because in case of virtio
devices, ethtool returns virtio-net instead of virtio-pci for
virtio network devices. We need to bind/unbind from virtio-pci
driver in case of virtio-net devices.
Fixes#612
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Refactor these functions so differernt types of endpoints can use a unified
function to hotplug nics.
Fixes#731
Signed-off-by: Ruidong Cao <caoruidong@huawei.com>
reflect.DeepEqual would return false when comparing nil map/slice with
empty map/slice. We would want to return success in such case, since it
is possible for upper layers to send these kind of configs.
Fixes: #844
Signed-off-by: Peng Tao <bergwolf@gmail.com>
The bundle path was documented as defaulting to the current directory
but was not being set to that value if not explicitly specified.
Also moved factory creation code to a new `handleFactory()` function to
avoid cyclomatic complexity issues.
Fixes#821.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
As we try to make sure we don't pull unneeded dependency when using
QEMU or NEMU as the hypervisor, and because SeaBIOS and OVMF firmware
already handle what's done by the default efi-virtio.rom binary, this
commit gets rid of this dependency by providing a default empty one.
Fixes#812
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
We have optionally handled it in kernel parameter in
genericArchKernelParamHandler but kata-check still forcely require it to
be present. Let's only require it when running on baremetal.
Signed-off-by: Peng Tao <bergwolf@gmail.com>
We do not really require nested VT to run kata containers. Let's not
depend on it being there.
Fixes: #820
Signed-off-by: Peng Tao <bergwolf@gmail.com>
addResources is just a special case of updateResources. Combine the shared codes
so that we do not maintain the two pieces of identical code.
Signed-off-by: Clare Chen <clare.chenhui@huawei.com>
When create sandbox, we setup a sandbox of 2048M base memory, and
then hotplug memory that is needed for every new container. And
we change the unit of c.config.Resources.Mem from MiB to Byte in
order to prevent the 4095B < memory < 1MiB from being lost.
Depends-on:github.com/kata-containers/tests#813
Fixes#400
Signed-off-by: Clare Chen <clare.chenhui@huawei.com>
Signed-off-by: Zichang Lin <linzichang@huawei.com>
Explicitly check for "veth" intergace type while creating a
veth endpoint. Error out for unsupported network interfaces.
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
As this really represents a veth pair rather than a generic
virtual interface, rename VirtualEndpoint to VethEndpoint.
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Sort endpoints by name to control the order in which
they are passed to the VM as the interface name inside
the VM depends on the order in which it is passed.
Long term we should come up with a more robust approach.
Fixes#785
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Then we can remove the arbitrary sleep waiting for migration
completion when creating a tempalte vm.
Fixes: #728
Signed-off-by: Peng Tao <bergwolf@gmail.com>
The virt machine type provided by the NEMU project needs to be
supported the same way we support pc and q35 machine types.
First, this patch takes care of adding the hotpluggable block device
capability to this machine type, this way when using devicemapper, we
prevent the code from falling back on using 9pfs instead of SCSI.
It also add one or several bridges to this machine type, as the code
is tightly coupled to the fact that a bridge is required for PCI
hotplug.
At last, it changes the name of the PCI host bridge (main bus), to
use "pcie.0". The default set up from pc machine type "pci.0" is not
suitable for this machine type.
Fixes#804
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
Add unit tests in network_test.go and qemu_arch_base_test.go
for macvlan and macvtap network endpoints.
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
