Arm CI failed on the following error:
Gopkg.lock is out of sync:
github.com/opencontainers/runc/libcontainer/system:
imported or required, but missing from Gopkg.lock's input-imports.
Fixes: #2434
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Recently, ARM CI frequently failed on the following golint error:
Error: pkg/rootless/rootless.go:57:2: comment on exported var
`IsRootless` should be of the form `IsRootless ...` (golint)
Fixes: #2434
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Since the codes in logging.rs is weakly related to the project,
separating it from the project will reduce coupling and make it reusable.
Fixes: #131
Signed-off-by: Tim Zhang <tim@hyper.sh>
The error raised by toGrpc() mentions Firecracker instead of
mockHypervisor, which is incorrect; the fromGrpc() functions
right above it gets this right.
Fixes: #2424
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Do not ignore ipv6 addresses and routes. These are now processed
along with ipv4 addresses/routes. Add unit tests to verify ipv6.
Fixes#147
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
libcontainer already has an API to detect if the runtime is running rootless.
Use libcontainer API instead of reinventing the wheel.
fixes#2415
Signed-off-by: Julio Montes <julio.montes@intel.com>
Since we don't know how many CPUs can have the host, we should
use the maximum number of CPUs supported by KVM (240).
255 is the maximum number of CPUs supported in the kernel, but the
maximmum number of CPUs recommended by KVM is 240, if more than 240
CPUs are used, next error will be returned by QEMU
```
Number of hotpluggable cpus requested (255) exceeds the
recommended cpus supported by KVM (240)
```
fixes#922fixeskata-containers/runtime#2413
Signed-off-by: Julio Montes <julio.montes@intel.com>
Update agent client to improve CI stability.
Changes:
660e61f Revert: client.go: HybridVSockDialer: Change Read EOT to recv peek
6cfb75d Revert: client.go: HybridVSockDialer: Check return size n of unix.Recvfrom
54eb918 Revert: client.go: HybridVSockDialer: Close dup fd after receive packet
2f49115 agent: Fix mem-hotplug on x86 when ARCH_MEMORY_PROBE is set
Fixes: #2397
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Although CONFIG_IPV6 is enabled, this additional config is
needed so that multiple route tables are used for ipv6.
Without this, the kernel adds routes for "fe80::/64"
with proto kernel in the main table instead of the
local routing table.
This makes the behaviour similar to regular containers.
Fixes#920
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
This commit adds qemu virtio-mem support.
Then qemu can use virtio-mem support memory resize.
To enable this function, need the Linux and the qemu that support
virtio-mem.
Use command "echo 1 > /proc/sys/vm/overcommit_memory" to enable memory
overcommitment of the Linux kernel. Because qemu virtio-mem device need
to allocate a lot of memory.
Set "enable_virtio_mem" of kata configuration to true.
Fixes: #2406
Signed-off-by: Hui Zhu <teawater@antfin.com>
The sandbox cgroup will be constrained if there is no container
type annotation, otherwise kata will rely on container engine's cgroup
configuration
Depends-on: github.com/kata-containers/tests#2255
fixes#2408
Signed-off-by: Julio Montes <julio.montes@intel.com>
These instructions cover how to install and setup SPDK
vhost-user target, construct a vhost-user-blk device based
memory, configure the vhost-user-blk device to be available
for kata container, and run kata container with SPDK
vhost-user-blk device via docker.
Fixes: #586
Signed-off-by: Liu Xiaodong <xiaodong.liu@intel.com>
Add DOCKER_RUNTIME variable to change container runtime depending on the
CI/environment.
fixes#397
Signed-off-by: Julio Montes <julio.montes@intel.com>
In Container#mountSharedDirMounts, if sandbox.storeSandboxDevices() returns error, we should detach the device.
Fixes#2301
Signed-off-by: Ted Yu yuzhihong@gmail.com
It should restore to it's previous cwd after it
create container in which it would change it's
cwd to container's bundle path.
Fixes: #126
Signed-off-by: fupan.lfp <fupan.lfp@antfin.com>
To check is the oci spec passed in, other wise,
it would crash the agent unwrap it directly.
Fixes: #124
Signed-off-by: fupan.lfp <fupan.lfp@antfin.com>
Leaving nsdax behind may create some isses for the distro packages
of kata-osbuilder, as every package would have to take care of purging
the file on each distro.
Knowing that, we better remove the file as part of the script, mainly
because the file is already regenerated everytime in any case.
Fixes: #394
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
ioutil.TempFile creates a new temporary file in the directory dir.
It is the caller's responsibility to remove the file
when no longer needed.
Fixes: #2398
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Normally, ioutil.TempDir will create a new temporary
dir under /tmp.
And we should do cleaning up after ioutil.TempDir().
Fixes: #2398
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
os.Exit will skip all deferred instructions.
So we should reconstruct TestMain to leave all setup-related
code in setup(), and all cleanup-related code in shutdown().
Fixes: #2398
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
