As virtio v1.1 spec states:
The guest_cid configuration field MUST be fetched to determine the current CID when a VIRTIO_VSOCK_EVENT_TRANSPORT_RESET event is received.
Existing connections MUST be shut down when a VIRTIO_VSOCK_EVENT_TRANSPORT_RESET event is received.
Listen connections MUST remain operational with the current CID when a VIRTIO_VSOCK_EVENT_TRANSPORT_RESET event is received.
We should be able to use vm templating together with vsock easily, as
qemu already sends VIRTIO_VSOCK_EVENT_TRANSPORT_RESET event to guest.
Fixes: #1773
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
We need to add a few extra defaultQemuMachineOptions
for ppc64le for kata to work with qemu 4.0 version.
Fixes: #1771
Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
Recent change to always build tools from the local repository if the
script is run in a CI environment fails during a release build as the
variable ${CI} is not initialized. This fix addresses that issue.
Fixes: #537
Signed-off-by: Ganesh Maharaj Mahalingam <ganesh.mahalingam@intel.com>
- fc-toml: remove proxy section in config
- virtcontainers: support vm factory in QEMU 4
- docs: Fix spelling and formatting
- runtime: Enable file based backend
- runtime : delete redundant code in CreateContainer
- data/kata-collect-data: support kata containers snap
- shimv2: Improve shim shutdown logic
- Fix the issue that ctrl-c stop vmcache server will stop all containers that its VM is created by it
- virtcontainers: kill hypervisor if startSandbox fails
- data: Revert pull request #1405
- nemu: update nemu version
- versions: Update cri-containerd yaml
- shimv2: remove use containerd ns as netns
- fix the issue of hypervisor process is killed by kubelet
- ci: Build kata-runtime before running static checks
- virtcontainers: Set test qemu version for unit test
- shim v2: Close vhostfd after vm get vhostfd
- Add missing docs
- agent: fix agent debug console
- virtcontainers: Set correct Shmsize for ppc64le
- nemu-config: Add machine_type to config file
- katautils: don't mask systemd units
- Add virtiofsd log and fix qemu hang due to virtiofsd vq setup failure
- versions: Update golang to 1.11.10
- kata_proxy: Open a special goroutine do cmd.Wait
- versions: Update CRI-O version to 1.14.1
- network: delete IP addrs on bridge model to prevent ARP conflict
bbe5584 fc-toml: remove proxy section in config
b780c16 virtcontainers: support vm factory in QEMU 4
bdae295 runtime : delete redundant code in CreateContainer
1af68aa docs: Fix spelling and formatting
eabfd99 shimv2: Improve shim shutdown logic
a41894d runtime: Enable file based backend
722ac5a nemu-config: fix nemu for ci
590ed09 vendor: update gogo/protobuf, containerd and agent vendors
7bf6c67 cache: Call vm.Disconnect() when close vm
19115ef kata_proxy: Set Setsid to true when exec kata-proxy
82e51d4 data: Revert pull request #1405f301c95 shimv2: shutdown the sandbox when sandbox container exited
d6b3bff shimv2: remove use containerd ns as netns
0d535f5 shimv2: kill a container return directly once the container termianted
19288aa data/kata-collect-data: support kata containers snap
0d98e24 ci: Build kata-runtime before running static checks
5e1f5ca shimv2: fix the issue of passing the wrong container id
f7cc028 vc:Execute TestQemuPPC64leMemoryTopology depending on qemu version
7381cd5 agent: fix agent debug console
b203fdb versions: Update cri-containerd yaml
6be5e5f nemu-config: Add machine_type to config file
1789b65 virtcontainers: Set correct Shmsize for ppc64le
d66d855 katautils: don't mask systemd units
89e0dfa qemu: stop qemu process when virtiofsd quits
d0aae80 qemu: print virtiofsd logs when debug is on
c22b15d versions: Update golang to 1.11.10
f89834a virtcontainers: avoid unnecessary error checking in startVM
a27a3e7 virtcontainers: kill hypervisor if startSandbox fails
5d527d7 versions: Update CRI-O version to 1.14.1
071030b shimv2: Close vhostfd after vm get vhostfd
da2749c docs: Add missing docs
1563263 docs: Simplify link
bdb1047 network: delete IP addrs on bridge model to prevent ARP conflict
00d03c1 kata_proxy: Open a special goroutine do cmd.Wait
Signed-off-by: katacontainersbot <katacontainersbot@gmail.com>
- clear: Add util-linux-bin package to Clearlinux rootfs
- tmp: Do not remove tmp.mount unit file from the rootfs
- docs: Fix spelling and formatting
- image-builder: create /etc/machine-id
- rootfs-builder: fix chrony service
- rootfs: Don't hardcode alpine version for golang images
- image-builder/boot time: remove unneeded systemd units and files
adee8b0 clear: Add util-linux-bin package to Clearlinux rootfs
6f294f4 tmp: Do not remove tmp.mount unit file from the rootfs
1453471 docs: Fix spelling and formatting
a438d08 image-builder: create /etc/machine-id
456be67 rootfs-builder: fix chrony service
d8c5706 rootfs: Don't hardcode alpine version for golang images
02b3b3b image-builder: remove unneeded systemd units and files
Signed-off-by: katacontainersbot <katacontainersbot@gmail.com>
update yaml, and update README to describe creation of the CRD in
Kubernetes versions < 1.14.
Fixes: #560
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
When building locally (without Docker), the Go version installed on the
system, needed to build the agent, must satisfy the minimum Go version
requirement specified in runtime/versions.yaml.
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
Detect the Go version required to build the agent from the versions.yaml
file in the runtime repository.
Fixes: #291
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
proxy will never be use with the Firecracker VMM. Keeping this header
will result in runtime failures, since the configuration will be parsed
on the path searched for.
Since vsock will always be used, remove the proxy section.
Fixes: #1761
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
Update the README explaining that Kata Containers are Linux-based and
run on Linux hosts.
Fixes: #1759.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Fixes: #1659
our testing found that the client does not open
stdin with O_WRONLY, so the shim v2 was blocked forever
in open stdin with O_RDONLY. It's better to make it
opened with O_NONBLOCK, and do not block starting process
of container. and the containerd runc shim has done this
by bc1ff514 as well.
Signed-off-by: Yang, Wei <w90p710@gmail.com>
Signed-off-by: Yang, Wei <wei.yang1@linux.alibaba.com>
This package contains mount command among several other commands.
Unlike other distros, this package is not auto-pulled with systemd.
Add this package explicitly.
Fixes#302
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
The runtime package is faling to build due to
compatiblity issues with gcc + golang because
the redhat version provided in OBS old.
Disable temporarily to allow release CI work.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Disable PAM authentication for QEMU 4+: it's a feature used together with VNC
access that's not used in Kata.
See QEMU commit 8953caf for more details on PAM auth.
Fixes: #550
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
Let's define agnostic commonkernelRootParams for all hypervisors,
including qemu, firecracker, etc. for now, it has two scenarios,
one for NVDIMM, one for virtio-blk.
Fixes: #1642
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Update pkgcloud pacakge to add Fedora 30 to the list of distros
supported by to Packagecloud.
Shortlog since last vendoring of github.com/mlafeldt/pkgcloud:
926cf4b Update list of distros (Add Fedora 30)
Fixes: #546
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
When specifying a "Depends: (= VERSION" match in deb packages, the full
"VERSION" needs to be specified, including the trailing release number.
This fixes a regression introduced in: 63413814Fixes: #531
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
Correct typos and resolve formatting issues including incorrect heading
levels and missing TOC entries.
Fixes: #541.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Editing systemd unit files to customize Docker for Kata may generate conflicts
with what's specified in /etc/sysconfig/docker, so use that file directly.
Also, libcgroup1 dependency is wrong for newer distros, and should be
pulled automatically for older ones.
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
normal users might not have the correct permissions to run
docker without sudo.
In addition, as docker will run with sudo, fix permissions
on the qemu and nemu files.
Fixes: #544.
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
