- kata-monitor: add index page
- clh: Refine the usage of guest console and kernel parameters with Cloud Hypervisor
- agent: exec should inherit container process capabilities
- GitHubActions: fix invalid format of require-pr-porting-labels.yaml
- agent: flush root span before process finish
- Extend PCI submodules to represent non-zero functions and addresses
- packaging/kernel: Add CONFIG_PCI_MMCONFIG to x86 guest kernel configuration
- runtime: don't start shim management server in tests
- qemu: use GitLab repos instead of qemu.org
- runtime: optimize code for managing temp users for rootless mode
- Agent configuration file and API restriction
- Delete file virtcontainers-setup.sh
- vendor: Update containerd to v1.5.7
- runtime: Optimize func noNeedForOutput and add test cases
- runtime: Fix !x86 static checks
- #2676: fixing centos gpg key url for ppc64le
- Pass the host route IP family to the guest
- cmd: get return value for setCPUtype
- packaging: Configure QEMU with --enable-pie
- clh: Enable guest userland output
- cmd: Fix mismatched types in testModuleData
- runtime: update .gitignore to ignore monitor_address file
- runtime: fix the make check-go-static command error
- virtcontainers: clean up useless code
- Remove forced PCI rescans from agent
- kernel: Enable SGX in experimental kernel.
- runtime: fix nil reference in cleanup rootless user
- qemu: prepare to upgrade qemu version to 6.1.0 for arm
- kata-monitor (minor) improvements
- virtcontainers: Fix incorrect scripts path
- runtime: clear virtcontainers cgroup duplicated function
- Kata monitor: cache improvements
- virtiofs: fix error report in TestVirtiofsdStart when go test running
176dee6f agent: exec should inherit container process capabilities
7b2bfd4e virtcontainers: clh: Use 'quiet' as the default kernel parameter
3e24e46c virtcontainers: clh: Turn-off serial and virtio-console by default
2d7b65e8 agent: flush root span before process finish
5c77cc2c runtime: don't start shim management server in tests
72044180 agent/device: Return PCI address from wait_for_pci_device()
e50b05d9 agent/pci: Add type to represent PCI addresses
8528157b agent/pci: Extend Slot type to represent PCI function as well
bf8f582c runtime: optimize code for managing temp users for rootless mode
a9c2a4ba GitHubActions: fix invalid format of require-pr-porting-labels.yaml
c4236cb2 packaging/kernel: Add CONFIG_PCI_MMCONFIG to x86 guest kernel configuration
08360c98 agent: Add an agent configutation file example
8a4e69d2 agent: rpc: Return UNIMPLEMENTED for not allowed endpoints
0ea2e3af agent: config: Allow for building the configuration from a file
63539dc9 agent: config: Add allowed endpoints
a953fea3 agent: config: Simplify configuration creation
b888edc2 agent: config: Implement Default
7eac2ec7 protection: add confidential compute frame for arm
8acfc154 check: fix typecheck failure in qemu_arm64_test.go
5b02d54e virtcontainers: fix lint failure on ppc64le
ff9728f0 virtcontainers: nolint guestProtection
5c138c8f runtime: Fix field alignment on s390x
191d0016 vendor: Update containerd to v1.5.7
f7f6bd01 kata-monitor: add index page
a44cde7e agent: netlink: Use the grpc IP family field when updating the route
71ce6cfe runtime: Pass the route IP family to the agent
99450bd1 agent: protos: Add a Family field to the Route payload
f85fe702 runtime: vendor: Bump the netlink package dependency
e439cec7 cmd: fix field alignment on ppc64le
e5159ea7 cmd: get return value for setCPUtype
2ce8d426 clh: Suppress hypervisor output to make guest output visible
cd1064b1 packaging: Configure QEMU with --enable-pie
762922a5 runtime: delete func ConstraintsToVCPUs
4f485430 runtime: delete virtcontainers-setup.sh
80f6b977 osbuilder: fixing centos gpg key url for ppc64le
bb99bfb4 runtime: fix the make check-go-static command error
870771d7 runtime: update .gitignore to ignore monitor_address file
18bff584 runtime: Optimize func noNeedForOutput and add test cases
e5fe53f0 runtime: fix nil reference in cleanup rootless user
2304a596 runtime: set the sandbox storage path static
315295e0 runtime: rename GetSanboxesStoragePath() --> GetSandboxesStoragePath()
13e65f2e cmd: Fix mismatched types in testModuleData
da42cbc0 actions: Build experimental kernel on kata-deploy push action
dffc5092 kernel: Enable SGX in experimental kernel.
ff6a677d kernel-build: Enable multiple config types.
90046964 experimental-kernel: bump 5.13.10
1fbb7304 build: kata-deploy kernel experimental
907459c1 agent/device: Don't force PCI rescans
75f426dd agent: Simplify do_add_swap()
aad1a873 runtime/device: Give the agent information about VFIO devices
ebd7b618 runtime: Don't repeat GetDeviceByID between appendDevices() and append*()
ad45c52f runtime/device: Record guest PCI path for VFIO devices
5c2af3e3 runtime/device: Refactor hotplugVFIODevice() to have common exit path
8bc71105 agent/device: Add device type for VFIO devices
f7a27075 agent: Move driver type constants into device.rs
5b1eb08b agent/uevent: Improve logging of wait_for_uevent()
cf36fd87 runtime: Fix some leftover go fmt errors
6d94957a kernel: reduce alignment size of memory hotplug to 128M
48090f62 qemu: disable plug on arm64 when pie is added
57e3712d virtiofs: fix error report in TestVirtiofsdStart when go test running
8b0bc1f4 kata-monitor: bump version to 0.2.0
bfb556d5 kata-monitor: refresh kata sandbox list on fs events
0e854f3b kata-monitor: improve detection of kata workloads
80463b44 qemu: use GitLab repos instead of qemu.org
3b0c4bf9 runtime: clear virtcontainers cgroup duplicated function
afad910d kata-monitor: add getSandboxFS()
e38686f7 runtime: add GetSandboxesStoragePath()
245a12bb kata-monitor: improve sandbox caching
fc067d61 kata-monitor: warn when unable to retrive the lower level runtime
53ec4df9 kata-monitor: minor fixes
47516988 virtcontainers: Fix incorrect scripts path
814cea96 virtcontainers: clean up useless code
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
- virtiofs: Create shared directory with 0700 mode, not 0750
- watcher: ensure we create target mount point for storage
- packaging: fix qemu build on ppc64le
- runtime: tracing: Use root context to stop tracing
- Replace SHPC with ACPI PCI hotplug for Kata guests
- kata-deploy: Also provide "stable" & "latest" tags
- runtime: tracing: Fix logger passed in newContainer
- virtcontainers: update VC SandboxConfig API add SandboxBindMounts field
- sandbox: Allow the device to be accessed,such as /dev/null and /dev/u…
- qemu: add v5.1.0 dir under tag_patches
- threat-model: Add missing threat-model document
- docs: documentation for running non-root VMM
- workflows,release: Upload the vendored cargo code
- runtime: run the QEMU VMM process with a non-root user
- runtime: update .gitignore file cleare the vc shim config
- runtime: fix empty cgroup path validation error
- ci: Call agent shutdown test only in the correspondent CI_JOB
- runtime: Remove outdated TestStoreContainer
- runtime: refactor commandline code directory
- virtcontainers: update VC HypervisorConfig API add three lost fields
- virtcontainers: add unit tests for container.go
- runtime: clh: Enable hugepages support
- agent: Simplify mount point creation
- versions: Allow newer Rust versions
- runtime/qemu: Move from query-cpus to query-cpus-fast
- Update Kata to use qemu-6.1
- Host cgroups improvements and simplifications
- Add doc for guest swap
- versions: Upgrade to Cloud Hypervisor v18.0
- runtime: Fix README link
- qemu: remove default config for arm64.
- sandbox: Add device permissions such as /dev/null to cgroup
- virtcontainers: fc: parse vcpuID correctly
- kata-tarball: Build and test fixes
- test: enable running tests under root user
- osbuilder: Change to "=" operator to make script more portable
- makefile: Fix error exit status code
- osbuilder: fix inconsistent calculation of fs size
- virtcontainers: Remove NewStoreFeature
- snap: Test variable instead of executing "branch"
- license: drop redundent license files
- Fix swap fail insert fail issue
272771dc watcher: ensure we create target mount point for storage
439e5ac3 packaging: fix qemu build on ppc64le
8bbcb06a qemu: Disable SHPC hotplug
cc4983ee runtime: Remove unused qemuArchBase.appendBridges definition
e248de46 vendor: Update govmm
0ca8c272 qemu: add v5.1.0 dir under tag_patches
3bdcfaa6 kata-deploy: Add more info about the stable tag
41c590fa kata-deploy: Improve README
debf3c9f kata-deploy: Remove qemu-virtiofs runtime class
43a72d76 release: update the kata-deploy yaml files accordingly
ea9b2f9c kata-deploy: Add "stable" info to the README
e5411056 kata-deploy: Update the README
9acf4e5d kata-deploy: Add `stable` yaml files
a86babe0 kata-deploy: Point to the `latest` release
a156288c workflows: Add "stable" & "latest" tags to kata-deploy
305afc8b docs: documentation for running non-root VMM
1fe080fd threat-model: Add missing threat-model document
21c85116 workflows,release: Upload the vendored cargo code
9a6d56f1 runtime: fix empty cgroup path validation error
90e63887 ci: Call agent shutdown test only in the correspondent CI_JOB
48fb1d92 virtiofs: Create shared directory with 0700 mode, not 0750
077b77c1 runtime: tracing: Fix logger passed in newContainer
39cd05e0 runtime: tracing: Use root context to stop tracing
1cfe5930 runtime: Run QEMU using a non-root user/group
fd983738 runtime: update .gitignore file cleare the vc shim config
067c44d0 runtime: fix UT build failure
9353cd77 runtime: Remove outdated TestStoreContainer
9a311a2b docs: fix invalid kernel dax doc url
e7c42fbc runtime: unify generated config
4f7cc186 runtime: refactor commandline code directory
9d3cd984 agent/mount: Remove unused ensure_destination_exists()
64aa5623 agent: Correct mount point creation
08d7aebc agent/mount: Split out regular file case from ensure_destination_exists()
9fa3beff agent: Remove unnecessary BareMount structure
49282854 agent: Simplify BareMount::mount by using nix::mount::mount
d00decc9 runtime: clh: Enable hugepages support
64bb803f runtime/qemu: Move from query-cpus to query-cpus-fast
25ac3524 versions: Allow newer Rust versions
851d5f86 tests: Correct heading in static checks test
4b7e4a4c runtime: Vendoring update
8d9d6e6a docs: Host cgroups documentation update
9bed2ade virtcontainers: Convert to the new cgroups package API
b42ed393 virtcontainers: cgroups: Add a containerd API based cgroups package
f17752b0 virtcontainers: container: Do not create and manage container host cgroups
dc7e9bce virtcontainers: sandbox: Host cgroups partitioning
f811026c virtcontainers: Unconditionally create the sandbox cgroup manager
a6066404 virtcontainers: update VC HypervisorConfig API add three lost fields
bb18cd47 virtcontainers: update VC SandboxConfig API add SandboxBindMounts field
58e77a3c sandbox: Allow the device to be accessed,such as /dev/null and /dev/urandom
d67a414b src/runtime/README.md: Fix URL of Licence
13b8bb0c runtime: Fix README link
25670d30 packaging/qemu: Update qemu-exerimental version to v6.1.0
041a513f versions: Update qemu to v6.1.0
62baa48e virtcontainers: fc: parse vcpuID correctly
81de2d47 packaging: Correct error message in apply_patches.sh
f785ff0b virtcontainers: clh: Revert the workaround incorrect default values
0e0e59dc virtcontainers: clh: Re-generate the client code
f0b53314 versions: Upgrade to Cloud Hypervisor v18.0
11652136 actions: test make kata-tarball
626d659f actions: kata-deploy on PRs and use makefile
78d99f51 kata-deploy: Make verbose single builds
59486b85 kata-deploy: Add tarball suffix to makefile targets
96e1246b makefile: Include kata-deploy targets
74d645cd how-to: Add how-to-setup-swap-devices-in-guest-kernel.md
d865c809 virtcontainers: add unit tests for container.go
71f915c6 sandbox: Add device permissions such as /dev/null to cgroup
2174fee4 docs: Add swap annotations introduction
2abc450a test: enable running tests under root user
924a68d0 osbuilder: Change to "=" operator to make script more portable
1fff9be7 qemu: remove default config for arm64.
e2a9e78c virtcontainers: Remove NewStoreFeature
bfcee911 osbuilder: fix inconsistent calculation of fs size
4996f9b7 snap: Test variable instead of executing "branch"
256c3b27 license: drop redundent license files
bcc9fa3b hotplugAddBlockDevice: Use ExecuteBlockdevAddWithDriverCache with swap
bd85da04 vendor: Update vendor/github.com/kata-containers/govmm
d422789f makefile: Fix error exit status code
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
- tracing: Change runtime tracing tags to vars
- shimv2: add logging to shimv2 api calls
- drop qemu-lite support
- runtime: delete types or const that no longer needed
- runtime: Optimize the way slice created
- virtcontainers: simplify tests
- virtcontainers: clh: Upgrade to the openapi-generator v5.2.1
- build_image: Fix error soft link about initrd.img
- ci: Temporarily skip agent shutdown test on s390x
- Fix version parsing for firecracker version 0.25 and over
- Osbuilder fixes
- docs: update the GoDoc url from runtime project to kata-containers/sr…
- docs: update `how-to` README file for Firecracker config
- ci/openshift-ci: Pull centos from registry.centos.org
- docs: update containerd CRI plugin url
2250360b docs: remove mentioning of qemu-lite
a9de761d runtime: drop qemu-lite support
8ae3edbc runtime: fix default hypervisor path
0c7789fa runtime: Add container field to logs
72e3538e shimv2: add information to method comment
8dadca9c shimv2: add logging to shimv2 api calls
a99fcc3a virtcontainers: simplify tests
39ffd8ee runtime: delete types or const that no longer needed
ff37f5c7 runtime: Optimize the way slice created
8f0f949a tracing: Move dynamically added attributes to Trace()
932ee41b virtcontainers: clh: Workaround incorrect default values
bff38e4f virtcontainers: clh: Fix the unit test
d967d3cb virtcontainers: clh: Use constructors to ensure proper default value
87de26bd tracing: Modify Trace() to accept multiple tag maps
8058e972 tracing: Change runtime tracing tags to vars
a6a2e525 virtcontainers: clh: Migrate to use the updated client APIs
9de1129b osbuilder: Fix rootfs-builder when running in VMs
65a1e131 osbuilder: Allow running the tool several times
a4214738 osbuilder: Fix Makefile
b8717f35 ci: Temporarily skip agent shutdown test on s390x
938981be build_image: Fix error soft link about initrd.img
2304f935 docs: update the GoDoc url from kata 1.x to 2.x
2a614577 docs: update `how-to` README file for Firecracker config
486baba7 docs: update containerd CRI plugin url
46eb07e1 virtcontainers: clh: Re-generate the client code
80fba4d6 virtcontainers: clh: Upgrade to the openapi-generator v5.2.1
8594f80c ci/openshift-ci: Pull centos from registry.centos.org
87bbae1b fc: fix version parsing for fc >= 0.25
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
- use CRI in kata-monitor
- config: Enable jailer by default when using firecracker
- workflows: Actually push the release to quay.io
- docs: update general wording for installation documentation
- Cleanup kernel packaging
- tracing: Return context in runHooks() span creation
- osbuilder: Document no Alpine support on s390x
- osbuilder: Upgrade Ubuntu guest to 20.04
- agent: watcher / inotify stability fixes
- enable snap build for arm64
- agent: Fix cargo 1.54 clippy warning
- osbuilder: Drop Go agent support
- kernel: PTP_KVM support for arm/arm64 in Kata
- docs: update the docs project url from kata 1.x to 2.x
- clh: correct cloud-hypervisor installation on non-x86
- virtcontainers: fc: properly remove jailed block device
- CI: Call agent shutdown test
- kata deploy: always update the base image
- docs: Remove kata-proxy and invalid script reference
- workflows: Actually login to quay.io
- kata-deploy: Update our content to use / point to quay.io/kata-containers rather than katadocker
- agent: Create the process CWD when it does not exist
- Update Kata to allow it to use Qemu 6.1
- osbuilder/dracut: Add missing libraries
- osbuilder: pass env OS_VERSION
- tools: shorten directory path
- virtcontainers: clh: Do not use the default HTTP client
- docs: update kata deploy README doc to add cloud-hypervisor test command
- Container: Add initConfigResourcesMemory and call it in newContainer
- qemu/arm: remove nvdimm/"ReadOnly" option on arm64
- Fix issue container start fail if io.katacontainers.container.resource.swap_in_bytes and memory_limit_in_bytes are not set
- docs: Add tracing proposals doc
- docs: Remove table of contents
- static-checks: Check for the `force-skip-ci` label on each step
- docs: update the kata release url in the kata deploy document
- kata-deploy: Allow build kata-deploy tarball from HEAD
- mod: unify runc and containerd dependencies
- how-to-use-virtio-mem-with-kata.md: Remove undefined ${REPORT_DIR}
- ci: Run static checks when PRs are updated
- docs: update url for log parser in how-to-import-kata-logs-with-fluen…
- versions: Upgrade to Cloud Hypervisor v17.0
- snap: Substitute image configuration with initrd
- docs: Update url for log parser in Developer guide
- mount: fix the issue of missing check file exists
- build(deps): bump github.com/containerd/containerd from 1.5.2 to 1.5.4 in /src/runtime
- docs: Update experimental documentation
- snap: do not export agent version
- Upgrade runc to 1.0.1
- runtime: read-only NVDIMM
- osbuilder/scripts: add support to yq version 4 and above
- osbuilder: update centos arm rootfs image config 'GPG_KEY_ARCH_URL'
- monitor: mv the monitor socket into sbs directory
- fix govet fieldalignment
- docs: added a glossary to support SEO tactics
- ci: expand $CI to nothing
- Add swap support
- snap: fixed snap aarch64 qemu patches dir in snapcraft.yaml file
- agent: clear MsFlags if the option has clear flag set
- snap: Remove QEMU before clone
- docs: fix minikube installation guide runtimeclasses error
- docs: fixed kata-deploy path for kata logs with fluentd doc
- agent/agent-ctl: update tokio to 1.8.1
- ci: set -o nounset
- static-checks: Add a make target to run static-checks locally
- virtiofsd: fix the issue of missing stop virtiofsd
- docs: Update containerd configuration format
- osbuilder: Skip installing golang for building rootfs
- agent-ctl: Use a common Makefile style like other components
- vsock-exporter: switch to tokio runtime
- config: Fix description for OCI hooks
- shimv2: fix the issue of kata-runtime exec failed
7a5ffd4a config: Enable jailer by default when using firecracker
2cb7b513 docs: update general wording for installation documentation
76f4588f workflows: Actually push the release to quay.io
b980c62f packaging/kernel: Update kernel build doc
99e9a6ad packaging/kernel: Update versions.yaml kernel urls
c23ffef4 packaging/kernel: Remove old Jenkins pipeline
9586d482 tracing: Return context in runHooks() span creation
6a6dee7c osbuilder: Document no Alpine support on s390x
71f304ce agent: watcher: cleanup mount if needed when container is removed
f1a505db agent: Temporarily allow unknown linters
961aaff0 agent: watcher: fixes to make more robust
7effbdeb osbuilder: Upgrade Ubuntu guest to 20.04
99ab91df docs: update the docs project url from kata 1.x to 2.x
4fe23b19 kernel: PTP_KVM support for arm/arm64 in Kata
f981fc64 clh: correct cloud-hypervisor installation
f87cee9d kata-deploy: Rely directly on a centos:7 image
6871aeaa snap: enable snap build for arm64
15e0a3c8 kata-deploy: Remove unneeded yum cached files
d01aebeb kata-deploy: Ensure the system is up-to-date
77160e59 workflows: Actually login to quay.io
b9e03a1c docs: update the image repository to quay.io
f47cad3d tools: Update the image repository to quay.io
9fa1febf workflows: Also push the image to quay.io
233b53c0 agent: Fix cargo 1.54 clippy warning
2d8386ea kata-monitor: add few unit tests
8714a350 kata-monitor: make code to identify kata pods simpler
68a6f011 kata-monitor: drop the runtime info from the sandbox cache
97dcc5f7 kata-monitor: drop getMonitorAddress()
0b03d97d vendor: update vendors for kata-monitor
c2f03e89 kata-monitor: talk to the container engine via the CRI
c867d1e0 osbuilder: Drop Go agent support
1d25d7d4 docs: Remove kata-proxy and binaries reference
64dd35ba virtcontainers: fc: properly remove jailed block device
b8133a18 osbuilder/dracut: Add missing libraries
831c2fee packaging: Remove reference to sheepdog driver
2e28b714 packaging: Drop support for qemu < 5.0
d5f85698 vendor: Update govmm
31650956 runtime/qemu: Use explicit "on" for kernel_irqchip parameter
a72b0811 osbuilder: pass env OS_VERSION
d007bb85 kata-deploy: shorten directory path
e6408fe6 Container: Add initConfigResourcesMemory and call it in newContainer
49083bfa agent: Create the process CWD when it does not exist
ee90affc newContainer: Initialize c.config.Resources.Memory if it is nil
767a41ce updateResources: Log result after calculateSandboxMemory
760ec4e5 virtcontainers: clh: Do not use the default HTTP client
3fe6695b static-checks: Check for the `force-skip-ci` label on each step
7df56301 CI: Call agent shutdown test
57b696a5 docs: Removed mention of 1.x
4f0726bc docs: Remove table of contents
f186c5e2 docs: Fix invalid URLs
7c610a6f docs: Fix shell code
80afba15 docs: update kata deploy README doc to add cloud-hypervisor test command
5a0d3c4f docs: update the kata release url in the kata deploy document
9514dda5 mod: unity containerd dependency
6ffe37b9 mod: unify runc dependency
5b514177 docs: Add tracing proposals doc
b53e8405 how-to-use-virtio-mem-with-kata.md: Remove undefined ${REPORT_DIR}
5957bc7d ci: Run static checks when PRs are updated
81e6bf6f kata-deploy: Split shimv2 build in a separate container.
d46ae324 kernel: build: Add container build
b789a935 actions: release: Use new kata-deploy scripts.
85987c6d kata-deploy: Add Makefile
b9d2eea3 kata-deploy: Add script to merge kata tarballs.
4895747f Rootfs: Add curl to alpine rootfs builder.
fc90bb53 Actions: Add new workflow to create static tarballs
bbb06c49 actions: Remove scripts from actions directory.
2f9859ab build: Reuse firecracker directory on builds.
3533a5b6 Packaging: stop using GOPATH for yq.
0c5ded4b kata-deploy: build kata only with docker in host
2ec31093 docs: update url for log parser in how-to-import-kata-logs-with-fluentd.md
cc0bb9ae versions: Upgrade to Cloud Hypervisor v17.0
8e9ffe6f snap: Substitute image configuration with initrd
8b15eafa docs: Update url for log parser in Developer guide
77604de8 qemu/arm: remove nvdimm/"ReadOnly" option on arm64
4fbae549 docs: Update experimental documentation
07f7ad9d build(deps): bump github.com/containerd/containerd in /src/runtime
9c0b8a7f snap: do not export agent version
3727caf7 versions: Update runc to 1.0.1
116c29c8 cgroups: manager's Set() now takes Resources as its parameter
c0f801c0 rootless: RunningInUserNS() is now part of userns namespace
b5293c52 runtime: update runc dependency to 1.0.1
2859600a runtime: virtcontainers: make rootfs image read-only
8befb1f3 kata-deploy: Refactor builder options.
7125f5d8 image-builder: Allow build image and initrd independently.
0f8c0dbc osbuilder/scripts: add support to yq version 4 and above
070590fb vendor: update govmm
b4c45df8 runtime: tools/packaging/cmd/kata-pkgsync: fix govet fieldalignment
aec53090 runtime: virtcontainers/utils: fix govet fieldalignment
1e4f7faa runtime: virtcontainers/types: fix govet fieldalignment
bb9495c0 runtime: virtcontainers/pkg: fix govet fieldalignment
80ab91ac runtime: virtcontainers/persist: fix govet fieldalignment
54bdd018 runtime: virtcontainers/factory: fix govet fieldalignment
dd58de36 runtime: virtcontainers/device: fix govet fieldalignment
47d95dc1 runtime: virtcontainers: fix govet fieldalignment
8ca7a7c5 runtime: netmon: fix govet fieldalignment
31de8eb7 runtime: pkg: fix govet fieldalignment
2b80091e runtime: containerd-shim-v2: fix govet fieldalignment
0dc59df6 runtime: cli: fix govet fieldalignment
c1042523 ci: expand $CI to nothing
add480ed monitor: mv the monitor socket into sbs directory
f7c6f170 docs: added a glossary to support SEO tactics
a8649acf snap: fixed snap aarch64 qemu patches dir in snapcraft.yaml file
38826194 osbuilder: update centos arm rootfs image config 'GPG_KEY_ARCH_URL'
c5fdc0db docs: fix minikube installation guide runtimeclasses error
f2ef25c6 docs: fixed kata-deploy path for kata logs with fluentd doc
cb6b7667 runtime: Add option "enable_guest_swap" to config hypervisor.qemu
a733f537 runtime: newContainer: Handle the annotations of SWAP
2c835b60 ContainerConfig: Set ocispec.Annotations to containerConfig.Annotations
243d4b86 runtime: Sandbox: Add addSwap and removeSwap
e1b91986 runtime: Update golang proto code for AddSwap
4f066db8 agent: agent.proto: Add AddSwap
4f23b8cd ci: set -o nounset
35cbc93d agent: clear MsFlags if the option has clear flag set
ff87da72 config: Fix description for OCI hooks
8e0daf67 shimv2: fix the issue of kata-runtime exec failed
b12b21f3 osbuilder: Skip installing golang for building rootfs
558f1be6 snap: Remove QEMU before clone
5371b921 mount: fix the issue of missing check file exists
27b299b2 agent-ctl: Use a common Makefile style like other components
05084699 agent-ctl: bump to latest tokio
acf69328 agent: update tokio to 1.8.1
dcd29867 static-checks: Call the static-checks make target
afd97850 makefile: Add static-checks target
34828df9 virtiofsd: fix the issue of missing stop virtiofsd
73d3798c vsock-exporter: switch to tokio runtime
7960689e tracing: replace SimpleSpanProcessor with BatchSpanProcessor
e887b39e docs: Update containerd configuration format
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
- runtime: Register defer function at early stage
- Ensure the go vendored code is up-to-date and that we actually can call `cargo vendor` on every pull-request
- ci: add golang 1.16 to the CI
- Update outdated comments and do some minor reworks
- snap: Build initrd on ppc64le & s390x
- ci: static checks: use defined target_branch
- trace-forwarder: Add option rustflags, target, build-type for the make
- CI: Honour force-skip-ci label
- qemu: stop the virtiofsd specifically
- tracing: Consolidate tracing into a new katatrace package
- runtime: return error if clh's binary doesn't have a normal stat
- osbuilder: Fix the order of checking the distro config directory
- agent: Fix to parsing of /proc/self/mountinfo
- runtime: Fix lint issues
- snap: Miscellaneous s390x fixes
- runtime: Use CC=gcc on all RPM-based s390x
- s390x: Enable virtio-blk-ccw
- forwarder: Add dump only option
- shimv2: fix the issue of leaking the hypervisor processes
- runtime: Remove the version check for cloud hypervisor
- agent: fix wrong regular exp to fetch guest-cid
- runtime: refact virtcontainers/pkg/oci
- agent: enhance tests of execute_hook
- agent: Cleanup config
- Pass span context from runtime to agent to get a full trace #1968
- agent: update netlink libraries
- shimv2: update containerd vendor
- runtime: Format golang proto code
- agent: delete some lint attributes
- docs: Fix url in virtiofs documentation
- tools: agent-ctl: Fix build failure
- cargo: Use latest nix crate for all Rust code bases
- virtcontainers: Don't fail memory hotplug
- Add "watchable-mounts" concept to allow for inotify support of specific types of mounts.
- tracing: Make runHooks() span creation return context
- kernel: Add Secure Execution guest
- packaging: Support Podman in QEMU build
- Update qat version
- docs: Set LIBC=gnu for s390x too
- shimv2: fix the issue of leaking wait goroutines
- runtime: report finish time in containers stats
- docs: Fix typos in Developer Guide
- docs: Update urls for Documentation Requirements document
- runtime: update default machine type to q35
- docs: fix brackets usage error for developer guide
- Remove the pc machine
- runtime: do not hot-remove PMEM devices
- docs: Update kata-deploy urls for installation document
- docs: Update url for installation guides
- agent: Add some mount options and sort the options alphabetically
- runtime: using detail propertites instead of function name in log field
- qemu: Add nvdimm read-only file support
- ci: snap: Fetch history to all branches and tags
- memory_offset must be larger than 32 bit
- containerd-shim-v2: Skip TestIoCopy unit test
- ppc64le: Adding test for appendProtectionDevice
- agent: Update rust version for tokio
- Upgrade mio to v0.7.13 to fix epoll_fd leak problem
- osbuilder: fix log message that is not error but seems like an error
- docs: Update url for breaking compatibility
- docs: Remove docker support with kata 2.x and sysctls
- docs: Update README for runtime documentation
- Support SEV
- test: Add a unit test for ioCopy()
- versions: Upgrade to cloud-hypervisor v16.0
e3860691 static-checks: Restrict static checks to go 1.15 and 1.16
f4fbf723 runtime: Update vendored code
a20074d4 static-checks: Check the vendored code
ac8f972e build: Add `make vendor`
f9643d83 agent-ctl: Add `make vendor`
5e69b498 trace-forwarder: Add `make vendor`
a104f132 agent: Add `make vendor`
579b3f34 runtime: Add `make vendor`
930ca55d runtime: Add `make handle_vendor`
39546a10 runtime: delete not used functions
d0bc148f runtime: Register defer function at early stage
350acb2d virtcontainers: refactoring code for error handling in sandbox
858f39ef virtcontainers: update wrong comments for code
e0a19f6a virtcontainers: update API documentation
8d6dd2ad snap: support golang 1.16.x
a48dc93f versions: update newest golang version
37996791 ci: add 1.16 to the list of golang versions to test
6999dcca trace-forwarder: Add option rustflags, target, build-type for the make
7db8a85a CI: Honour force-skip-ci label
007a6561 snap: Build initrd on ppc64le & s390x
9b8cc458 ci: static checks: use defined target_branch
9081bee2 runtime: return error if clh's binary has not a normal stat
b10e3e22 tracing: Consolidate tracing into a new katatrace package
88e70759 osbuilder: Fix the order of checking the distro config directory
1ab72518 agent: Fix to parsing of /proc/self/mountinfo
8f76626f qemu: stop the virtiofsd specifically
da3de3c2 shim-v2: Fix `gosimple` issue on utils_test.go
305fb054 virtcontainers: Fix `gosimple` issue on client.go
89cf168c virtcontainers: Ignore a staticcheck error on cpuset.go
2cc9006c snap: Miscellaneous s390x fixes
28b2c629 runtime: Use CC=gcc on SUSE s390x too
cfd690b6 virtcontainers: Use virtio-blk-ccw on s390x
8758ce26 agent: Enable virtio-blk-ccw
a33d6bae forwarder: Add dump only option
4c809a53 shimv2: fix the issue of leaking the hypervisor processes
d08603be runtime: Remove the version check for cloud hypervisor
2c943012 agent: fix wrong regular exp to fetch guest-cid
e6b1766f agent: Cleanup config
55c5c871 agent: enhance tests of execute_hook
bd595124 runtime: add spans and attributes for agent/mount
65d2fb5d agent: remove instrument attribute for some simple functions
cfb8139f agent: add more instruments for RPC calls
ae46e7bf runtime: pass span context to agent in ttRPC client
66dd8719 runtime: refact virtcontainers/pkg/oci
d671f789 agent: fix the issue of convert OCI spec to RPC spec
f607641a shimv2: fix the issue bring by updating containerd vendor
79e632bc version: update the cri-containerd to v1.5.2
32c9ae13 shimv2: update containerd vendor
aa264f91 agent: update netlink libraries
34bdddbe docs: Fix url in virtiofs documentation
3e8a07c4 tools: agent-ctl: Fix build failure
f6294226 cargo: Use latest nix crate for all Rust code bases
064dfb16 runtime: Add "watchable-mounts" concept for inotify support
3f0f1ceb docs: inotify: add initial documentation
6a93e5d5 agent: Initial watchable-bind implementation
57c0cee0 runtime: Cleanup mountSharedDirMounts, shareFile parameters
772c117d kernel: Add Secure Execution guest
f35ba94d packaging: Support Podman in QEMU build
8310a3d7 virtcontainers: Don't fail memory hotplug
ecd13ec4 docs: Update QAT docs with newer driver version
a822cdf6 osbuilder: Update QAT driver version
6a1a051c runtime: report finish time in containers stats
fe0085ca docs: Set LIBC=gnu for s390x too
08984b6e docs: Update urls for Documentation Requirements document
b3623a2c shimv2: fix the issue of leaking wait goroutines
2322f935 runtime: update default machine type to q35
11f9a914 docs: fix brackets usage error for developer guide
1316fa53 docs: Fix typos in Developer Guide
ac6b9c53 runtime: Hot-plug virtio-mem device on PCI bridge
789a5954 virtcontainers: Remove the pc machine
caf5760c runtime: Update golang proto code
bd20701f docs: Update kata-deploy urls for installation document
a9aa36ce docs: Update url for installation guides
ecdd137c runtime: do not hot-remove PMEM devices
000049b6 agent: delete some lint attributes
3f39df0d qemu: Add nvdimm read-only file support
23d31d5a ci: snap: Fetch history to all branches and tags
2022c64f runtime: using detail propertites instead of function name in log field
361bee91 runtime/virtcontrainers: fix alignment structures
6be8bf5c docs: update annotations documentation
7834f412 virtcontainers: change memory_offset to uint64
bd27f7ba agent: Sort PROPAGATION and OPTIONS alphabetically to scan easily
ad06eb90 containerd-shim-v2: Skip TestIoCopy unit test
ea9bb8e9 ppc64le: Adding test for appendProtectionDevice
799cb272 agent: Upgrade mio to v0.7.13 to fix epoll_fd leak problem
45fd58d1 osbuilder: fix log message that is not error but seems like an error
2fb176dd docs: Update url for breaking compatibility
601e2b65 docs: Remove docker support with kata 2.x and sysctls
be316945 virtcontainers: Fix TestQemuAmd64AppendProtectionDevice()
240aae96 docs: Update README for runtime documentation
8825bb29 agent: Update rust version for tokio
cabddcc7 tracing: Make runHooks() span creation return context
e544779c agent: Add some mount options
85c40001 versions: Upgrade to cloud-hypervisor v16.0
b26d5b1d virtcontainers: Support SEV
81c6e4ca runtime/vendor: add github.com/intel-go/cpuid
a918c46f test: Add a unit test for ioCopy()
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
- Update CC=gcc setting for Fedora s390x
- osbuilder: Streamline s390x CMake & musl handling
- runtime: remove the call to storeSandbox at the end of createSandboxFromConfig
- virtcontainers: Add support for Secure Execution
- agent: Conform to the latest nix version (0.21.0)
- docs: Update the stable branch strategy to what was proposed in our ML
- runtime: add more traces for network
- tools/packaging: clone meson and dependencies before building QEMU
- runtime: remove covertool from cli test
- factory: Use lazy unmount
- docs: Fix Release Process document
- Add sandbox and container ID to trace spans
- agent: Fix fd leak caused by netlink
- metrics: Add virtiofsd exporter
- versions: Update kubernetes to 1.21.1
- tracing: Add basic VSOCK tracing
- agent: Upgrade tokio-vsock to fix fd leak of vsock socket
- runtime: fix some comments and logs
- runtime: Add support for PEF
- cleanup TODOs in runtime
- tracing: Make runtime span attributes more consistent
- virtiofsd: refactor qemu.go to use code in virtiofsd.go
- runtime: remove unused doc.go
- cgroup: fix the issue of set mem.limit and mem.swap
- agent: re-enable the standard SIGPIPE behavior
- virtiofsd: Fix file descriptors leak and return correct PID
- runtime: and cgroup and SandboxCgroupOnly check for check sub-command
- kernel: add ppc64le fragments
- docs: Use --ignore-preflight-errors=all flag
- agent: fix start container failed when dropping all capabilities
- agent: Remove unnecessary underscore(_) variables
- docs: Add instructions for getting QEMU source
- qemu: align before memory hotplug on arm64
- workflows: release kata 2.x snap through the stable channel
- Sandbox bindmount cleanup
- docs: Update add customer agent command
- agent: Stop relying in the unmaintained prctl crate
- how-to-use-virtio-mem-with-kata.md: Update doc to make it clear
- docs: Add document for memory hotplug on arm64
- github: Run require porting labels only at main
- kernel: add confidential guest build option
- rustjail: separated the propagation flags from mount flags
- runtime: improve sandbox cleanup logic
- docs: add note for connecting debug console for old versions
- image_build: align image size to 128M for arm64
- agent: avoid reaping the exit signal of execute_hook in the reaper
- agent: move the dependency tempfile to the dev-dependencies section
- docs: Document test repository changes when creating a stable branch
- docs: Remove horizontal ruler markers that disable spell checks
- docs/Developer-Guide: Add instructions to apply QEMU patches
- runtime: make dialing timeout configurable
- Get sandbox metrics cli
- Support TDx
- packaging/kata-cleanup: add k3s containerd volume
- osbuilder: Upgrade alpine version to 3.13.5
- Monitor cleanup
- Open CONFIG_VIRTIO_MEM in x86_64 Linux kernel
- agent: delete code which is no longer used
- cli: delete tracing code for kata-runtime binary
- docs: add per-Pod Kata configurations for `enable_pprof`
- Fix issue of virtio-mem
- Set fixed NOFILE limit value for kata-agent
- ci/install_yq.sh: install_yq: Check version before return
- runtime: use s.ctx instead ctx for checking cancellation
- runtime: fix some comments
a1247bc0 agent: Conform to the latest nix version (0.21.0)
3130e66d runtime: remove storeSandbox at the end of createSandboxFromConfig
7593ebf9 runtime: Use CC=gcc on Fedora s390x
a484d6db osbuilder: Streamline s390x CMake & musl handling
da2d9ab8 osbuilder: Remove CC=gcc for Fedora s390x
c0c05c73 virtcontainers: Add support for Secure Execution
78f21710 virtcontainers/s390x: Put consts into one block
784025bb runtime: add more traces for network
9ec9bbba tools/packaging: clone meson and dependencies before building QEMU
9158ec68 docs: Fix Release Process document
9e3349c1 agent: Fix fd leak caused by netlink
3d0e0b27 tracing: Add network model to span
8ca02072 tracing: Add sandbox and container ID to trace spans
a9a0eccf tracing: Add basic VSOCK tracing
2234b730 metrics: Add virtiofsd exporter
9bf781d7 agent: Upgrade tokio-vsock to fix fd leak of vsock socket
b68334a1 runtime: fix some comments and logs
1f5b229b runtime: remove FIXME in SandboxState about CgroupPath
fee0004a runtime: remove TODO about hot add memory in qemu.go
2e29ef9c runtime: remove TODO comment from StatusContainer
72cd8f5e virtiofsd: refactor qemu.go to use code in virtiofsd.go
0b22c48d runtime: remove unused doc.go
30f4834c cgroup: fix the issue of set mem.limit and mem.swap
0ae364c8 agent: re-enable the standard SIGPIPE behavior
05a46fed tracing: Make runtime span attributes more consistent
727bfc45 runtime: and cgroup and SandboxCgroupOnly check for check sub-command
b25ad1ab tracing: Make trace-forwarder async
45f02227 tracing: Add trace points
773deca2 virtiofsd: Fix file descriptors leak and return correct PID
37a426b4 runtime: Add support for PEF
fe670c5d docs: Use --ignore-preflight-errors=all flag
5b5047bd docs: Add instructions for getting QEMU source
3e4ebe10 agent: fix start container failed when dropping all capabilities
9a43d76d workflows: release kata 2.x snap through the stable channel
7f1030d3 sandbox-bindmount: persist mount information
089a7484 sandbox: Cleanup if failure to setup sandbox-bindmount occurs
f65acc20 docs: Update add customer agent command
20a382c1 agent: Remove unnecessary underscore(_) variables
4b88532c docs: Don't use Docker as an example of a container manager
4142e424 docs: Don't mention 1.x components as part of the stable branch strategy
a0af2bd7 docs: Use stable-2.x / 2.x.y as example in the branch strategy document
a5e1f66a docs: Maintain only one stable branch per major release
419773b8 docs: Emphasize behaviour changes may be a reason for a major bump
54a75008 docs: Refer to `main` branch in the stable branch strategy document
7dde0b5d kernel: add ppc64le fragments
84906181 kernel: skip fragments for ppc64le
9676b86b kernel: move CONFIG_RANDOMIZE_BASE
bd0cde40 factory: Use lazy unmount
f52468be agent/agent-ctl: Replace prctl crate by the capctl one
d289b1d6 agent-ctl: Perform a `cargo update`
bc36b7b4 qemu: align before memory hotplug on arm64
8aefc793 agent: Perform a `cargo update`
785be0bb how-to-use-virtio-mem-with-kata.md: Update doc to make it clear
f8a16c17 kernel: add confidential guest build option
a65f11ea docs: Add document for memory hotplug on arm64
1b607056 runtime: remove covertool from cli test
fc42dc07 github: Run require porting labels only at main
dbef2b29 versions: Update kubernetes to 1.21.1
35151f17 runtime: sandbox delete should succeed after verifying sandbox state
e5fe572f rustjail: separated the propagation flags from mount flags
ffbb4d9b docs: add note for connecting debug console for old versions
a5bb383c agent: avoid reaping the exit signal of execute_hook in the reaper
ce7a5ba2 agent: move the dependency tempfile to the dev-dependencies section
e24e9462 docs/Developer-Guide: Add instructions to apply QEMU patches
850cf8cd docs: Document test repository changes when creating a stable branch
8068a469 kata-runtime: add `metrics` command
37873061 kata-monitor: export get stats for sandbox
01b56d6c runtime: make dialing timeout configurable
e8038718 osbuilder: Upgrade alpine version to 3.13.5
3caed6f8 runtime: shim: dedup client, socket addr code
4bc006c8 runtime: Short the shim-monitor path
5fdf617e docs: Fix spell-check errors found after new text is discovered
42425456 docs: Remove horizontal ruler markers that disable spell checks
3883e4e2 kernel: configs: Open CONFIG_VIRTIO_MEM in x86_64 Linux kernel
4f61f4b4 virtcontainers: Support TDX
0affe886 virtcontainers: define confidential guest framework
539afba0 runtime: define config options to enable confidential computing
79831faf runtime: use s.ctx instead ctx for checking cancellation
f6d5fbf9 runtime: fix some comments
9381e5f3 packaging/kata-cleanup: add k3s containerd volume
7f7c3fc8 qemu.go: qemu: resizeMemory: Fix virtio-mem resize overflow issue
c9053ea3 qemu.go: qemu: setupVirtioMem: let sizeMB be multiple of 2Mib
a188577e agent: Set fixed NOFILE limit value for kata-agent
88cf3db6 runtime: implement CPUFlags function
2b0d5b25 image_build: align image size to 128M for arm64
d601ae34 agent: delete not used comments
6038da19 agent: delete rustjail/src/configs directory
84ee8aa8 agent: delete not used functions
d8896157 ci/install_yq.sh: install_yq: Check version before return
95e54e3f docs: add per-Pod Kata configurations for enable_pprof
13c23fec cli: delete tracing code for kata-runtime binary
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
- Update kata-deploy to use CRI-O drop-in files
- Update dependencies versions
- fix build kernel shell error when setup with `-f`
- virtcontainers: Fix virtio-fs on s390x
- Runtimeclass updates
- versions: Upgrade to cloud-hypervisor v15.0
- clh: return error if apiSocketPath failed
- runtime: fix dropped error
- agent: Update seccomp configuration for errnoRet and flags
- Fix the issue that sandbox size is not right after update
- docs: Document limitation regarding subpaths
- qemu: kill virtiofsd if failure to start VMM
- runtime/virtcontainers: Fix typo on qmp error msg
- cli: delete not used files
- runtime: delete not used function parameter builtIn
- add io.katacontainers.config.hypervisor.virtio_fs_extra_args handling
- Entropy source annotation
- runtime: Fix stdout/stderr output from container being truncated
- fix the issue of missing set fsGroup for EphemeralStorage
- qemu: Fix assertion failure on shutdown
- Assorted clippy fixes for Rust agent
- agent: use channel instead of pipe(2) to send exit signal of process
- Improve agent shutdown handling
- Enable virtio-fs on s390x
- block: Generate PCI path for virtio-blk devices on clh
- runtime: Disable trace for healthcheck
- agent/rustjail: Fix accidental damage from tokio conversion
- cli: Use genericGetExpectedHostDetails on s390x
- runtime/tests: Change "moo FAILURE" message
- Update the information about the release process
- remove ProcessListContainer API
2047f26f kata-deploy: Adapt CRI-O config to use drop-in files
8de2f914 kata-deploy: Rely on CRIO default's values for manage_ns_lifecycle
ea9936e0 versions: Bump runc to v1.0.0-rc93
9c333b2c versions: Bump CRI-O version to 1.21.x
e33f207b versions: Bump critools version to 1.21.0
8e5df723 versions: Bump kubernetes version to 1.21.0
d15f84c9 versions: Remove Docker entry
516f4ec0 versions: Remove OpenShift entry
be101ac1 versions: Remove CRI-O meta dependencies
1ca6bedf versions: Upgrade to cloud-hypervisor v15.0
906c0df4 kata-deploy: don't update worker pool nodes
3ee61776 virtcontainers: Enable virtio-fs on s390x
8385ff95 runtime: Re-vendor GoVMM
adba4532 virtcontainers: Revert "virtcontainers: Allow s390x appendVhostUserDevice"
ede078bc kata-deploy: aks-test: bump kubernetes/containerd
484af12b kata-deploy: update to handle new runtimeclass path
05c224c3 runtimeclass: add nodeSelector
ee7de8ab tools: fix build kernel shell error
7d5a4252 docs: Document limitation regarding subpaths
36776408 runtime/virtcontainers: Fix typo on qmp error msg
12a65d23 runtimeclass: drop stale runtimeclass definitions
0787ea80 cgroupsCreate: not set resources to c.config.Resources
831224aa Sandbox: Fix ContainerConfig ptr in CreateContainer and createContainers
a57c8ab1 qemu: kill virtiofsd if failure to start VMM
ff2b9e54 cli: delete not used files
0d0a520d clh: return error if apiSocketPath failed
fc6bb01a runtime: fix dropped error
30ff6ee8 runtime: handle io.katacontainers.config.hypervisor.virtio_fs_extra_args
677f0d99 runtime: delete not used function parameter builtIn
dcb9f403 config: Protect annotation for entropy_source
f4c26aad agent: fix the issue of missing set fsGroup for EphemeralStorage
628d55bf kata-agent: fix the issue of fsGroup missing
0405beb2 agent: Remove unused Default implementation for NamespaceType
7b83b7ec agent/uevent: Better initialize Uevent in test
b0190a40 agent: Use vec![] macro rather than init-then-push
1c43245e agent/device: Remove unneeded Result<> wrappers from uev matchers
e41cdb8b agent: Use str::is_empty() method in config::get_string_value()
2377c097 agent: Use CamelCase for NamespaceType values
75eca6d5 agent/rustjail: Clean up error path in execute_hook()s async task
6ce1e56d agent/rustjail: Remove an unnecessary PathBuf
3c4485ec agent/rustjail: Clean up some static definitions with vec! macro
eaec5a6c agent/oci: Change name case to make clippy happy
3f5fdae0 agent/rustjail: (trivial) Clean up comment on process_grpc_to_oci()
210f39a4 agent/rustjail: Simplify renaming imports
d4a54137 runtime: Fix stdout/stderr output from container being truncated
8ecf8e5c agent: use channel instead of pipe to send exit signal of process
81c5ff12 agent: Update seccomp configuration for errnoRet and flags
8a33bd4c qemu: Fix assertion failure on shutdown
7f609113 virtcontainers: Allow s390x appendVhostUserDevice
67ac4f45 runtime: update GoVMM for memory backend support
6577b01a agent/rustjail: Fix accidental damage from tokio conversion
de2631e7 utils: Make WaitLocalProcess safer
9256e590 shutdown: Don't sever console watcher too early
51ab8700 utils: Improve WaitLocalProcess
507ef636 utils: Add waitLocalProcess function
1d5098de agent/block: Generate PCI path for virtio-blk devices on clh
e7c97f0f runtime/tests: Change "moo FAILURE" message
8bc53498 docs: Simplify the repo bumping section
8a47b05a docs: Mention that an app token should be used with hub
d434c2e9 docs: OBS account is not require anymore
543f9da3 runtime: Disable trace for healthcheck
421439c6 API: remove ProcessListContainer/ListProcesses
1366f0fb cli: Use genericGetExpectedHostDetails on s390x
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
- release: Do not git add kata-{deploy,cleanup}.yaml for the tests repo
- kata-deploy: add runtimeclass that includes pod overhead
- release: automatically bump the version of the kata-deploy images
- Refine uevent matching conditions
- docs: update dev-guide to include fixes from 1.x
- virtcontainers: replace newStore by store in Sandbox struct
- agent: log the mount point if it is already mounted
- tools/agent-ctl: Update Cargo.lock
- agent: Rework the debug console
- oci: Update seccomp configuration
- kernel: update experimental kernel to 5.10.x
- kata-deploy: Fix `test-kata.sh` and do some small cleanups / improvements in the kata-deploy script
- github: Fix slash-command-action usage
- rustjail: fix the issue of missing default home env
- Make uevent watching mechanism more flexible
- ci/openshift-ci: Prepare to build on CentOS 8
- docs: update configuration for passing annotations in conatinerd
- Revert "github: Remove kata-deploy-test action"
- runtime: increase dial timeout
- qemu experimental: Move to latest tree on virtio-fs-dev (qemu 6.0 + DAX patches).
- github: Remove kata-deploy-test action
- agent: s390x statfs constants
- kernel: upgrade kernel to 5.10.x for arm64.
- Don't do anything in Pipestream::shutdown
- Fix fsgroup
- agent: Remove many "panic message is not string literal" warnings
- osbuilder: Update QAT Dockerfile with new QAT driver version
- osbuilder: update dockerfiles to utilize IMAGE_REGISTRY
- Only keep one VERSION file
- Dechat deruntime
- runtime: Format auto-generated client code for cloud-hypervisor API
- runtime: use concrete KataAgentConfig instead of interface type
- versions: Update cloud-hypervisor to release v0.14.1
- runtime: import runtime/v2/runc/options to decode request from Docker
- virtcontainers/fc: Upgrade Firecracker to v0.23.1
- docs: Remove ubuntu installation guide
- docs: Update snap install guide
- docs: update how-to-use-k8s-with-cri-containerd-and-kata.md
- Update install docs for Fedora and CentOS
- action: fix missing qemu tag
- Remove installation guides for SLE and openSUSE
- kernel: Enable OVERLAY_FS_{METACOPY,XINO_AUTO}
- versions: kernel 5.10.x
- virtcontainers: Fix missing contexts in s390x
- runtime: makefile allow override DAX value
11897248 release: Do not git add kata-{deploy,cleanup}.yaml for the tests repo
2b5f79d6 release: automatically bump the version of the kata-deploy images
8682d6b7 docs: update dev-guide to include fixes from 1.x
f444adb5 kata-cleanup: Explicitly add tag to the container image
12582c2f kata-deploy: add runtimeclass that includes pod overhead
d75fe956 virtcontainers: replace newStore by store in Sandbox struct
342eb765 tools/agent-ctl: Update Cargo.lock
24b0703f agent: fix test for the debug console
79033257 agent: async the debug console
8ea2ce9a agent/device: Remove legacy uevent matching
5d007743 agent/device: Refine uevent matching for pmem devices
9017e110 agent: start to rework the debug console
a59e07c1 agent/define: Refine uevent matching for virtio-scsi devices
484a3647 agent/device: Rework uevent handling for virtio-blk devices
7873b7a1 github: Fix slash-command-action usage
eda8da1e github: Revert "github: Remove kata-deploy-test action"
a938d903 rustjail: fix the issue of missing default home env
b0e4618e docs: update configuration for passing annotations in conatinerd
d43098ec kata-deploy: Adapt regex for testing kata-deploy
107ceca6 kernel: update experimental kernel to 5.10.x
ca4dccf9 release: Get rid of "master"
c2197cbf release: Use sudo to install hub
49eec920 agent: log the tag and mount point if it is already mounted
16f732fc ci/lib: Use git to clone the tests repository
9281e567 ci/openshift-ci: Add build root dockerfile
1cce9300 github: Remove kata-deploy-test action
0828f9ba agent/uevent: Introduce wait_for_uevent() helper
16ed55e4 agent/device: Use consistent matching for past and future uevents
4b16681d agent/uevent: Put matcher object rather than "device address" in watch list
b8b32248 agent/uevent: Consolidate event matching logic
d2caff6c agent: Re-organize uevent processing
55ed2ddd agent: Store uevent watchers in Vec rather than HashMap
91e0ef5c agent/uevent: Report whole Uevents to device watchers
36420054 agent: Store whole Uevent in map, rather than just /dev name
06162025 agent/device: Move GLOBAL_DEVICE_WATCHER into Sandbox
11ae32e3 agent/device: Fix path matching for PCI devices
4f608804 agent/device: Update test_get_device_name()
ee6a590d agent: add test test_pipestream_shutdown
4a2d4370 agent: don't do anything in Pipestream::shutdown
e3e670c5 agent/device: Forward port test for get_device_name() from Kata 1.x
ed08980f agent: Remove many "panic message is not string literal" warnings
f365bdb7 versions: qemu-experimental: 6.0~rc 470dd6
6491b9d7 qemu: Add support to build static qemu for dev tree
13653e7b runtime: increase dial timeout
935460e5 osbuilder: update dockerfiles to utilize IMAGE_REGISTRY
010d57f4 osbuilder: Update QAT Dockerfile with new QAT driver version
adb866ad kata-deploy: Adapt to the correct tag name
60adc7f0 VERSION: Use the correct form
a4c125a8 trace: move gRPC requests from debug to trace
50fff977 trace: move trace span chatter to trace rather than info
28bd8c11 kernel: upgrade kernel to 5.10.x for arm64.
6fe48329 runtime: use concrete KataAgentConfig instead of interface type
64939425 mount: fix the issue of missing set fsGroup
88e58a4f agent: fix the issue of missing pass fsGroup
572aff53 build: Only keep one VERSION file
0c38d9ec runtime: Fix the format of the client code of cloud-hypervisor APIs
52cacf88 runtime: Format auto-generated client code for cloud-hypervisor API
84b62dc3 versions: Update cloud-hypervisor to release v0.14.1
4a38ff41 docs: Update snap install guide
ede1ab86 docs: Remove ubuntu installation guide
6255cc19 virtcontainers/fc: Upgrade Firecracker to v0.23.1
2c47277c docs: update how-to-use-k8s-with-cri-containerd-and-kata.md
317f55f8 docs: Update minimum version for Fedora
1ce29fc9 docs: Update CentOS install docs
3f90561b docs: Update Fedora install docs
8a1c6c3f action: fix missing qemu tag
a9ff9c87 docs: Remove openSUSE installation guide
2888ceb0 docs: Remove SLE installation guide
09d454ac runtime: import runtime/v2/runc/options to decode request from Docker
0b502d15 runtime: makefile allow override DAX value
a65519b9 versions: keep using kernel 5.4.x for ARM
31ced01e virtcontainers: Fix missing contexts in s390x
52a276fb agent: Fix type for PROC_SUPER_MAGIC on s390x
5b7c8b7d agent: Update cgroups-rs to 0.2.5
c035cdb3 versions: kernel 5.10.x
660b0473 oci: Update seccomp configuration
8c1e0d30 kernel: Enable OVERLAY_FS_{METACOPY,XINO_AUTO}
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Following what's been done in the past for 1.x repos, the version should
be 2.1.0-alpha1 (instead of 2.1-alpha1).
Fixes: #1617
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
- test: install mock hook binary before test
- cgroups: fix the issue of get wrong online cpus
- build: remove unused variables from Makefile
- container: on cleanup, rm container directory for mounts path
- runtime: add support for QEMU 6
- agent: Enable clean shutdown
- runtime: fix virtiofsd RO volume sharing
- runtime: update virtcontainers API documentation
- runtime: Fix trace span ordering and static checks
- fix runtime UTs and enable static check
- kata-deploy: Use the correct tag for 2.1-alpha1 release
- ci: fix virtiofs-experimental build
- Verify container ID
- rustjail: rework execute_hook
- agent: Allow server address to be specified on kernel command-line
- agent: disconnect rpc get_oom_event when destroy_sandbox.
- docs: Update QAT instructions to work with Kata 2.0 repos
- agent: Update Cargo.lock for earlier dependency change
- osbuiler: fixing USE_DOCKER for ppc64le
- agent: Fix unused import warning in unit tests
- [forwardport] Fixup systemd cgroup handling
- runtime: Fix ordering of trace spans
- runtime: add support for readonly sandbox bindmounts
- Bump to QEMU 5.2.0 - respin
- runtime: return hypervisor Pid in TaskExit event
- agent: makefile: Add codecov target
- Bump to QEMU 5.2.0
- exec: ensure sup groups are added to agent request
- rustjail: fix the issue of home_dir function
- osbuilder: Port QAT Dockerfile to 2.0 repo
- agent-ctl: Unbreak build
- rustjail: fix the issue of bind mount device file from guest
- musl/arm64: decompression before use the tarball.
- osbuilder/arm64: build musl toolchain from source code if needed
- runtime: Fix missing 'name' field on containerd-shim-v2 logs
- agent: don't error of virtiofs share is already mounted
- shimv2: return the hypervisor's pid as the container pid
- runtime: check if error loading runtime config
- agent: fix clippy for rustc 1.5
- agent: Upgrade tokio to 1.2.0
- rustjail: fix blkio conversion
- agent: Agent invokes OCI hooks with wrong PID
- kata-deploy: stop mentioning qemu-virtiofsd, as the default qemu supports virtiofsd already (plus some cleanups)
- agent: Stop receive message from Receiver if got None
- Remove "Docker" & "[kata] runtime" references from the release scripts & process documentation
- kata-deploy: Ensure CRI-O uses shimv2 & the "vm" runtime type
- makefile: agent: Add self documented help
- runtime: connect guest debug console bypass kata-monitor
- Clean up PCI path handling
- runtime: Create tracer later in shimv2
- Agent: OCI hooks return malformed json
- osbuilder: Allow image registry to be customizable
- docs: Update licensing strategy to use kata 2.0 repository
- runtime: clh-config: add runtime hooks to the clh toml
- Fix Snap CI
- runtime: cpuset: when creating container, don't pass cpuset details
- agent: Remove bogus check from list_interfaces() unit test
- cli: Add aliases for `kata-` options
- github: Only run kata-deploy-test on pull-requests
- docs: Fix the installation directory of virtiofsd
- osbuilder: Fix USE_DOCKER on s390x
- Add katacontainers end-to-end arch image
- Build for glibc on s390x
- packaging: Fix vmlinux kernel install on s390x
- ci: Upgrade to yq 3.4.1
- kernel: Don't fail if "experimental" dir doesn't exist
- kata-deploy: Remove kata-deploy-docker.sh
- runtime: migrate from opentracing to opentelemetry
- rustjail: use rlimit crate
- rustjail: get all capabilities dynamically
- agent: README update to install protoc for ppc64le
- qemu: Add security fixes for CVE-2020-35517
- Fix lints and remove allow attributes which silence these warnings
- arm64: enable acpi for qemu/virt.
- osbuilder: Enforcing LIBC=gnu to rootfs build for ppc64le
- Fix async problems
- kata-monitor: set buildmode to exe to avoid build failing
- osbuilder: add description for how to use DISTRO variable
- kata-monitor: allow for building for alpine
- shimv2: log a warning and continue on post-stop hook failure
- kernel: Updates to kernel config for ppc64le
- agent: add secure_join to prevent softlink escape
- rustjail: fix the issue of container's cgroup root path
- osbuilder: remove traces of cmake
- versions: Update cloud-hypervisor to release v0.12.0
- clh: Use vanilla kernel.
- osbuilder: miscelaneous fixes/improvements
- branch: change 2.0-dev to main
- snap: Don't release Kata Alpha/RC in snap store
- Migrate to rtnetlink
- agent: Add underscore for constants
- github: Update ubuntu version to 20.04
- agent: implement NVDIMM/PMEM block driver
- rustjail: fix the issue of missing destroy contaienr cgroups
- agent: switch to async runtime
9a4e866 container: on cleanup, rm container directory for mounts path
48e5e4f test: install mock hook binary before test
1d44881 uevent: Add shutdown channel for task
d8d5b4c signal: Move to a new module
011f7d7 logging: Rework for shutdown
7d5f88c agent: Enable clean shutdown
dcb39c6 main: Create logger task
2cf2897 main: Use task list for stopping tasks
039df1d main: Refactor main logic into new async function
2a648fa logging: Use guard to make threaded logging safe
38f0d8d config: Fix assert_error testing macro
3f46e63 cgroups: fix the issue of getting wrong online cpus
e349244 runtime: fix virtiofsd RO volume sharing
532ff7c runtime: update virtcontainers API documentation
6fcfea8 runtime: Fix static check errors
f3ebbb1 runtime: Fix trace span ordering
5a3ee7d snap: Use qemu.version to build snap
0f78a5d kernel: rename exeperimental kernel symlink.
f791052 qemu: Build experimental qemu.
1555bfd runtime: add support for QEMU 6
fc0f93a actions: enable unit tests in PR check
74192d1 runtime: fix static check errors
a2dee1f runtime: fix vm factory UT failure
076bc50 agent-ctl: update Cargo.lock
0153f76 runtime: gofmt code
60f6315 kata-deploy: Use the correct tag for 2.1-alpha1 release
b0e51e5 qemu: Improve cache build
bc587da qemu: Add suffix for qemu binaries.
5493517 qemu: add CACHE_TIMEOUT
98d01ce qemu: Apply patches for specific versions.
190f813 runtime/katautils: PFlash should be initialized
b2ec5a4 runtime: fix cleanupSandboxBindMounts panic
9b689ea runtime/cli: fix TestMainBeforeSubCommandsLoadConfigurationFail failure
8e71c4f runtime: fix missing context argument in mocked sandbox APIs
8ff62be runtime: fix vcmock build failure
0e4b28e rustjail: rework execute_hook
a09e58f packaging: Use local file for assets.
451b45f agent: Make use of test consts for error messages
8c4d334 agent: disconnect rpc get_oom_event when destroy_sandbox.
07cfa4c qemu: patches: Fail if not patches directory
e221c45 versions: Update qemu database
5abdd2a qemu: move 5.0.0 patches to its own dir.
259c179 docs: Update QAT instructions to work with Kata 2.0 repos
34e7d5e agent: Validate CID
b265870 runtime: Validate CID
12e9f7f runtime: Add missing test mock function
ea51c17 agent: Allow server address to be specified on kernel command-line
4bf84b4 runtime: Add contexts to calls in unit tests
9e4932a runtime: use root span for shimv2 tracing
6b0dc60 runtime: Fix ordering of trace spans
3a77e4e build: remove unused variables from Makefile
d7cb3df cgroups: Add systemd detection when creating cgroup manager
f659871 cgroups: remove unused SystemdCgroup variable and accessor/mutators
b0e966c agent: Fix unused import warning in unit tests
d5a9d56 agent: Update Cargo.lock for earlier dependency change
0f7950f packaging: configure QEMU with -O2
224c50f snap: Package virtiofsd and fix path
f0d4985 exec: ensure sup groups are added to agent request
b034458 runtime: return hypervisor Pid in TaskExit event
81607e3 rustjail: fix the issue of home_dir function
c258ea2 agent-ctl: Function parameter cleanup
fcd45de agent-ctl: Unbreak build
efe625d build: Remove whitespace
48ed8f3 runtime: add support for readonly sandbox bindmounts
7ae349c agent: makefile: Add codecov target
f580d33 musl/arm64: decompression before use the tarball.
2da058e osbuild: build musl toolchain from source if needed
6417067 osbuilder: Port QAT Dockerfile to 2.0 repo
85601cd snap: Update for QEMU 5.2.0
88cef33 versions: update QEMU to 5.2.0
21bdaaf runtime: Fix missing 'name' field on containerd-shim-v2 logs
74a893f packaging: Refactor version comparisons on configure-hypervisor.sh
34dc861 rustjail: fix the issue of bind mount device file from guest
0f70983 runtime: check if error loading runtime config
6f72076 agent: fix clippy for rustc 1.5
4a21472 agent: Fix test
02079db agent: upgrade tokio to 1.0
a42dc74 agent: Agent invokes OCI hooks with wrong PID
17e9a2c agent: don't error of virtiofs share is already mounted
947913f agent/protocols: Remove cargo:rerun-if-changed in build.rs
bc0ac52 shimv2: return the hypervisor's pid as the container pid
10ed3da release: Rename runtime-release-notes to release-notes
f5dab6a release: We're not compatible with Docker.
2c8ea0a kata-deploy: Add copyright to the kata-deploy's Dockerfile
4e494e3 packaging: Remove NEMU mentions
f21c54a kata-deploy: QEMU, for 2.x, already includes virtiofs
657bd78 kata-deploy: Get rid of references to the docker script
dcea086 rustjail: fix blkio conversion
bc34cbb agent: Stop receive message from Receiver if got None
01481d6 kata-deploy: Ensure CRI-O uses the VM runtime type
d1c7173 kata-deploy: Move the containerd workarounds to their own functions
5013634 kata-deploy: Stop shipping kata-{clh,fc,qemu,qemu-virtiofs} binaries
2270f19 kata-deploy: Update README to reflect the current distributed artifacts
a494c4d makefile: agent: Add self documented help
72cb928 vhost-user-blk: Use PciPath type for vhost user devices
74f5b5f runtime/block: Use PciPath type through block code
32b40f5 runtime/network: Use PciPath type through network handling
87c5823 agent/device: Add unit test for pcipath_to_sysfs()
066ce7a agent/device: Pass root bus sysfs path to pcipath_to_sysfs()
fda48a9 agent/device: Use pci::Path type, name things consistently
c12b86d agent/device: Generalize PCI path resolution to any number of bridges
3715c57 agent/device: Rename and clarify semantics of get_pci_device_address()
7e92831 protocols: Update PCI path names / terminology in agent protocol def
8e5fd8e runtime: Introduce PciSlot and PciPath types
7464d05 agent: PCI path type
b22259a agent: PCI slot type
8c2f9e6 gitignore: Ignore *~ editor backup files
b412e15 osbuilder: Port QAT Dockerfile to 2.0 repo
5096103 osbuiler: fixing USE_DOCKER for ppc64le
a44b272 runtime: Create tracer later in shimv2
49bdbac osbuilder: Allow image registry to be customizable
fdc573d docs: Update licensing strategy to use kata 2.0 repository
2e2749a runtime: clh-config: add runtime hooks to the clh toml
ef72926 ci: snap: run snap CI on every pull request
919d512 snap: fix kernel setup
d054841 ci: snap: build targets that not need sudo first
a115338 ci: snap: define proxy variables
df14d38 Agent: OCI hooks return malformed json
3721351 runtime: cpuset: when creating container, don't pass cpuset details
c9c7c12 agent: Remove bogus check from list_interfaces() unit test
cb6d2f3 osbuilder: alphabetize fields
056d742 docs: Update documentation with new prefixless config options
fdcde79 cli: use new prefixless config options in tools scripts
02ee8b0 cli: Add aliases for kata- options
c6bc43b docs: Fix broken link to fluentbit.io docs
20b27a1 docs: Fix the installation directory of virtiofsd
11fe6a3 osbuilder: Fix USE_DOCKER on s390x
10f1c30 kata-runtime: use filepath.Join() to compose file path
f4ae9c8 docs: Update Developer-Guide.md
9963428 docs: update document for using debug console
44cde6e runtime: connect guest debug console bypass kata-monitor
3406502 runtime: add jaeger configuration items
fbab262 kernel: Don't fail if "experimental" dir doesn't exist
e1dce3a rustjail: use rlimit crate
8045104 ci: Upgrade to yq 3.4.1
3d3e4dc packaging: Fix vmlinux kernel install on s390x
a252d86 rustjail: get all capabilities dynamically
62cbaf4 kata-deploy: Remove kata-deploy-docker.sh
50fea9f github: Only run kata-deploy-test on pull-requests
b548114 qemu: Add security fixes for CVE-2020-35517
11680ef agent: README update to install protoc for ppc64le
f16ab49 agent: fix non_camel_case_types lint and stop hiding the warning
8ffe4d6 agent: fix unused_parens lint and stop hiding the warning
f70ca69 agent: remove #![allow(unused_unsafe)]
e28bf7a agent: fix dead_code lint
05da23a agent: fix non_snake_case lint and remove ![allow(non_snake_case)]
afb4197 osbuilder: Build for glibc on s390x
a1cedc5 agent: Build for glibc on s390x
9f237aa docs: add katacontainers end-to-end arch image
254b98d rustjail: fix unit test test_process
b25575b agent: remove crate signal-hook which are no longer used
b1880b3 rustjail: remove unnecessary #[async_trait]
83e9414 rustjail: add unittest test_execute_hook
d204100 rustjail: close stdin in execute_hook after it was sent
bb08131 rustjail: fix fork/child in execute_hook
17df9b1 runtime: migrate from opentracing to opentelemetry
71aeb92 osbuilder: updates for feedback
8e2b19a osbuilder: add description for how to use DISTRO variable
b6c2a60 kata-monitor: set buildmode to exe to avoid build failing
9f7a7a4 osbuilder: Enforcing LIBC=gnu to rootfs build for ppc64le
a88b896 kernel: Updates to kernel config for ppc64le
b7a1f75 arm64: enable acpi for qemu/virt.
448771f rustjail: fix the issue of container's cgroup root path
fd39f0f osbuilder: Add "Agent init" on terms glossary
e111093 agent: add secure_join to prevent softlink escape
1273e48 osbuilder: Fix urls to repositories
ba9fa49 osbuilder: Use Fedora and CentOS registries
c2d14cd versions: Update cloud-hypervisor to release v0.12.0
0e57393 shimv2: log a warning and continue on post-start hook failure
e7043fe shimv2: log a warning and continue on post-stop hook failure
3718df6 osbuilder: Remove leftover pieces related to cmake
d1bf829 kernel: ACPI: Always build evged for stable kernel
6f3d591 clh: Use vanilla kernel.
fd5592d branch: change 2.0-dev to main
2b880d2 snap: Don't release Kata Alpha/RC in snap store
14a63cc agent: Add underscore for constants
fa93831 agent: Address linter and tests
96762ab agent: Remove old netlink crate
0ea8243 github: Update ubuntu version to 20.04
33367be agent: Integrate netlink
23f3aef agent: Implement new netlink module
12551de agent: implement NVDIMM/PMEM block driver
6abb1be rustjail: fix the issue of missing destroy contaienr cgroups
fe67f57 agent: set edition = "2018" in .rustfmt.toml to fix rustfmt about async fn
df68771 agent-ctl: Update ttrpc to 0.4.14 for agent-ctl
37e285b agent: Make debug console async
f3bd439 agent: fix tests for async functions
9f79ddb agent: use tokio Notify instead of epoll to fix#1160332fa4c agent: switch to async runtime
5561755 agent: Initial switch to async runtime
2f1cb79 kata-monitor: allow for building for alpine
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
- snap: Fix yq error in build
- storage: cleanup and support read only block dev hotplug
- rootfs: Don't fallthrough in the docker_extra_args() switch
- github: Add github actions
- shimv2: Avoid double removing of container from sandbox
- Agent: return error on trying to persist a pid namespace and minor improvements
- rustjail: allow network sysctls
- rustjail: fix the issue of sync read
- rustjail: fix the issue of bind mount /dev
- qemu: no state to save if QEMU isn't running
- packaging/qemu: Build and package completely inside the container
- agent: upgrade cgroups to 0.2.0
- agent: Simplify .or_else() to .or()
- Fix error reporting in listInterfaces() and listRoutes()
- improve rustjail validator
- Add void "install" targets for both "trace-forwarder" and "agent-ctl"
- [forwardport] Add support for Gentoo
- oci: fix a typo in "addtionalGids"
- Don't update cpusets if no CPUs changed closes#1172
- rootfs: reduce size of debian image
- runtime: Allow to overwrite DESTDIR
- snap: fix snap release channel
- Don't leak fd when reseeding rng
- Fixes for make generate-protocols
- docs: Fix docs in docs/architecture.md
- docs: Update the Cloud Hypervisor description in virtualization.md
- agent: exit from exec hangs if background process is present
- [forwardport] install: Improve snap documentation
- handle vcpus properly utilized in the guest
- docs: fix the custom agent binary file path for creating initrd image
- shimv2: handle ctx passed by containerd
- runtime: clh: Enforce to call 'cleanupVM' for 'stopSandbox'
- agent: Adjust OOM Score to avoid agent being killed.
- [forward port] cli: make check subcommand more tolerant to failures
- docs: add link to VMT on top level README
- rustjail: fork a new child process to change the pid ns
- rustjail: remove the network ns validation against container
- snap: update apps section
- runtime: don't wait the second shim process in shim start
- agent: create pci root Bus Path for arm64
- agent: enable lto flag for Cargo to get better optimized code
- virtcontainers: revert CleanupContainer from PR 1079
- docs: Create hypervisor summary document
- Add hyperlink and fix typo
- versions: Use CRI-O v1.18.4-4-g6dee3891e
- runtime: change configuration key name from EnablePprof to enable_pprof
- runtime: delete sandboxlist.go and sandboxlist_test.go
- versions: Use release-1.18 (commit ee9128444bec10)
- runtime: clh: disable virtiofs DAX when FS cache size is 0
- release: Fix release candidate to major version upgrade check
- runtime: sleep 1 second after GetOOMEvent failed
- Agent: README updates for build on ppc64le
- runtime: clean/refactor code
- Forward port annotation doc
- versions: Update cloud-hypervisor to release v0.11.0
- docs: Add instructions for enabling VM templating
- Revert "version: revert back to crio 1.8.3"
- Dump guest memory when kernel panic for QEMU
- clh: Consolidate the code path for device unplug
- agent: Log ttrpc messages
- annotations: Improve asset annotation handling
- runtime: readonly volume should be bind mounted readonly on the host
- docs: Fix incorrect docs in config file
- CI: Fix incorrect URL
- docs: Update top-level README
- versions: Update crio version
- runtime: cloud-hypervisor: reduce memory footprint
- agent: Improve unit test coverage for src/sandbox.rs
- rustjail: fix the issue of create thread failed causing current thread panic
- Improve unit test coverage for rustjail/container.rs
- agent: Update build instructions
- cli: Provide aliases for kata-* subcommands and options
- runtime: Restore QEMUVIRTIOFSPATH variable in Makefile
- Use apply_patches.sh in qemu and kernel scripts
- clean up agent proto files
- agent: fixes the permissions of PID 1's STDIO
- Feature/1004 add version for kata monitor
- agent: Generate proto files programmatically
- runtime: Fix firecracker config
- docs: remove the 1.x version description about shim and proxy
- arm64: correct bridge type for QEMUVIRT
- snap: add GH actions jobs to release the snap package
- agent: clear clippy warnings
- agent: simplify ttrpc error construction
- Replace @RUNTIME_NAME@ with the target in generated files
- 2.0 update doc for hypervisor related information
- virtcontainers: Append max_ports to virtio-serial device
- snap: install libseccomp-dev
- runtime: set virtio-fs as default fs sharing method
- VirtioFS: backports & default settings to improve performance
- tools: Make agent-ctl support more APIs
- Validate runtime annotations
- kernel: update to 5.4.71
- config: make virtio-fs part of standard kernel
- agent: Optimize error handling
- versions: Update Kubernetes, containerd, cri-o and cri-tools
- agent: fix crashers if API requests empty
- rustjail: add length check for uid_mappings in rootless euid mapping
- kata-monitor: use regexp to check if runtime is kata containers
- docs: update the build kata containers kernel document
- cgroup and cpuset fixes from 1.x
- docs: Update upgrading guide
- agent: fix panic on malformed device resource in container update
- Forward port device conflict fixes from Kata 1 / Go agent
- docs: Add containerd install guide
- agent: simplify codes
- agent: fix errorneous parsing for guest block size
- agent: use macro to simplify parse_cmdline function in config.rs
- fix arm CI
- packaging: fix missing cloud_hypervisor_repo
- docs: Add crictl example json files
- ci: snap: add event filtering
- agent: do not follow link when mounting container proc and sysfs
- agent-ctl: include cargo lock updates
- agent: set init process non-dumpable
- runtime: Clear the VCMock 1.x API Methods from 2.0
- virtiofs: Disable DAX
- docs: Update docs for enabling agent debug console
- Remove compilation warnings
- osbuilder: Create target directory for agent
- versions: add plugins section
- snap: specify python version
- packaging: fix image build script
- Main packaging fixups
- clh: Support VFIO device unplug
- ci: add github action to test the snap
- docs: update networking description
- docs: update dev guide for agent build
- rust-agent: Update README
- docs: update architecture.md
- runtime: add support for SGX
- version: upgrade qemu version to v5.1.0 for arm64
- agent: Fix OCI Windows network shared container name typo
- github: Remove issue template and use central one
- docs: fix broken links
- Packaging: release notes script using error kernel path urls
- rust-agent: Replaces improper use of match for non-constant patterns
- devices: fix go test warning in manager_test.go
- action: Allow long lines if non-alphabetic
- Indicates never return function and remove unreachable code
- agent: propagate the internal detail errors to users
- Update Installation Guide to better reflect the current state of the project
- ci: fix clone_tests_repo function
- agent: Set LIBC=gnu for ppc64le arch by default
- fc: integrate Firecracker's metrics
- Fix to qemu experimental and improvements
- ci: resurrect travis static checkers
- agent: fix UT failures due to chdir
- agent: Only allow proc mount if it is procfs
- kata 2.0: add debug console service
- runtime: Call s.newStore.Destroy if globalSandboxList.addSandbox
- shimv2: add a comment in checkAndMount()
- osbuilder: specify default toolchain verion in rust-init
- runtime: Update CLH client pkg to version v0.10.0
- agent/oci: Don't use deprecated Error::description() method
- runtime: Fix linter errors in release files
- packaging: Build from source if the clh release binary is missing
- runtime: add podman configuration to data collection script
- ci: use Travis cache to reduce build time
- agent: update cgroups crate
- docs: Update the reference path of kata-deploy in the packaging
- runtime: make kata-check check for newer release
- how-to: add privileged_without_host_devices to containerd guide
- agent: Unit tests for rustjail/mount.rs
- docs: Fix the kata-pkgsync tool's docs script path
- Fix developer guide
- fix guest panic when running agent as init
- packaging: update version file url for kata 2.0 in Makefile
- Fix release notes
789fd7c1 blk-dev: hotplug readonly if applicable
12777b26 volumes: cleanup / minor refactoring
fbc1d123 vendor: revendor govmm
6cc1920c snap: Fix yq error in build
b329a74f rootfs: Fix indentation inside a switch
8879f9a0 rootfs: apparmor=unconfined is needed for non Red Hat host OSes
bbeebcdb rootfs: Always add SYS_ADMIN, CHROOT, and MKNOD caps to docker cmdline
90ec2fa8 rootfs: Don't fallthrough in the docker_extra_args() switch
ebd9fcc2 actions: Run static checks before make agent
0d3736d5 rustjail: fix the issue of sync read
0dc02f6d rustjail: fix the issue of bind mount /dev
894fa42a rustjail: allow network sysctls
d4cd2554 agent: Avoid container stats panic caused by cgroup controller non-exist
157e055f agent: upgrade crate cgroups to 0.2.0
e3ec1d50 agent: Simplify .or_else() to .or()
14e7042c agent: Clean up commented use declarations
5fe5b321 agent: Fix temp prefix on Namespace::test_setup_persistent_ns
3a891d4e agent: Return error on trying to persist a pid namespace
5c464018 shimv2: Avoid double removing of container from sandbox
b366af93 jail: add more test cases for validator
d38a5d3f jail/validator: introduce helpers to reduce duplicated code
76ad3213 jail/validator: avoid unwrap() for safety
51fd624f rustjail: add more context info for errors
9321e1b2 oci: fix two incompatible issues with OCI spec
406a91ff agent: consume ttrpc crate from crates.io
9a7bcccc qemu: no state to save if QEMU isn't running
6181570c oci: fix a typo in "addtionalGids"
a5372e00 github: Add github actions
4af5beda agent/sandbox: Don't update cpuset when ncpus = 0
e004616b runtime/network: Fix error reporting in listRoutes()
1ae8e81a runtime/network: Correct error reporting in listInterfaces()
a19263e5 agent/protocols: Remove unneeded import from oci.proto
a19cf28c agent/protocols: Remove some unnecessary include directives from protoc
2b452090 agent/protocols: Remove some unneeded dependencies for protocol generation
b36c9ea3 docs: Fix docs in docs/architecture.md
3db1c805 agent: Don't leak fd when reseeding rng
8ac93f65 rootfs-builder: add support for gentoo
9897238f rootfs: reduce size of debian image
d47122e9 docs: Update the Cloud Hypervisor description in virtualization.md
10e9bfc6 runtime: Allow to overwrite DESTDIR
f740032c packaging/qemu: Delete the temporary container
e5c710e8 packaging/qemu: Build and package completely in the container
4c3377de packaging/qemu: Add QEMU_DESTDIR argument to dockerfiles
faed2369 rootfs-builder: add functions to run before and after the container
8e5603e6 snap: fix snap release channel
8f538935 install: Improve snap documentation
1ca415d8 agent: exit from exec hangs if background process is present
a00f7c34 docs: fix the custom agent binary file path for creating initrd image
0155fe12 shimv2: handle ctx passed by containerd
a793b8d9 agent: update cpuset of container path
705182d0 agent: ignore updating cpuset error when update cgroups
647331ac runtime: clh: Enforce to call 'cleanupVM' for 'stopSandbox'
e684a541 docs: add link to VMT on top level README
68f66c51 agent-ctl: Add void "install" target
5e407758 trace-forwarder: Add void "install" target
70f198d7 cli: check modules and permissions before loading a module
cb684cf8 cli: don't fail if rate limit is exceeded
9216f2ad rustjail: fork a new child process to change the pid ns
3b08376c rustjail: remove the network ns validation against container
c388ec5b runtime: don't wait the second shim process in shim start
d6acc4c0 agent: enable lto flag for Cargo to get better optimized code
13a8e4e3 snap: update apps section
fdbf7d32 virtcontainers: revert CleanupContainer from PR 1079
91a390f0 docs: Create hypervisor summary document
3eeb25a1 docs: Tidied up virtualisation summary table
8ec3cf08 docs: Adding hyperlink to virtio-net in kata documentation 2.0
b5b67db8 docs: Fixing typo in virtualization.md file
4d46d0f0 versions: Use CRI-O v1.18.4-4-g6dee3891e
53b5d063 agent: Adjust OOM Score to avoid agent being killed.
14a21c3a runtime: change configuration key name from EnablePprof to enable_pprof
4e3a8c01 runtime: remove global sandbox variable
29020394 runtime: delete sandboxlist.go and sandboxlist_test.go
9b88a96b versions: Use release-1.18 (commit ee9128444bec10)
36f65ce1 runtime: clh: update cloud-hypervisor
e1396f04 runtime: clh: disable virtiofs DAX when FS cache size is 0
8f38265b release: Fix release candidate to major version upgrade check
2e0bf40a tests: Ensure semver build metadata is ignored
4024a827 release: Make error format string consistent
cb0e6094 runtime: sleep 1 second after GetOOMEvent failed
4c78814b docs: Fix pre-existing spelling mistakes caught by the CI
6c083d94 docs: Add a link to document describing how to use annotations
d67921a2 docs: Document restricted annotations
1fc7b764 docs: Repair inconsistencies between 2.0 and 1.x
21801a11 versions: Revert "version: revert back to crio 1.8.3"
b8414045 runtime: remove nsenter
e3510be8 runtime: use one line if statement to check if err is nil for qemu.go
378308e2 docs: Add instructions for enabling VM templating
92c1c4c6 versions: Update cloud-hypervisor to release v0.11.0
8907a339 agent: Only show ttrpc logs for trace log level
21cd7ad1 agent: Log ttrpc messages
286eebf0 agent: Add env var to set log level
b9c6db4b agent: Add env var tests
705e9955 agent: Add env var comment
5ced96e9 hypervisor: Remove unused methods
e82c9dae annotations: Improve asset annotation handling
0f26f1cd annotations: Add missing hypervisor control annotation
76064e3e asset: Formatting, grammar and whitespace
40418f6d runtime: add geust memory dump
ff13bde3 version: revert back to crio 1.8.3
6c2fc233 agent: create pci root Bus Path for arm64
a958eaa8 runtime: mount shared mountpoint readonly
125e21ce runtime: readonly mounts should be readonly bindmount on the host
5f0abc20 CI: Fix incorrect URL
b6f8a1d5 docs: Fix incorrect docs in config file
93d79625 clh: Consolidate the code path for device unplug
18a22459 Agent: README updates for build on ppc64le
655f2649 Agent: README updates for build on ppc64le
62c7e094 docs: Remove credits
679df0fb docs: Update top-level README
dfe364f8 Agent: README updates for build on ppc64le
77b50969 runtime: cloud-hypervisor: reduce memory footprint
2e1a8f0a agent: Improve unit test coverage for src/sandbox.rs
87848e87 versions: Update crio version
172d015e rustjail: fix the issue of create thread failed causing thread panic
9e93463b agent/rustjail: improve unit test coverage for rustjail/container.rs
ad4f7b86 agent/rustjail: make mount and umount2 public
926a6186 agent/rustjail: fix typo
8130d9b2 agent/rustjail: don't use unwrap in container::oci_state
5d111071 rustjail: add mock implementation for cgroup manager
e3eff0eb agent: Update build instructions
0896ce80 agent: update proto file copyright
6e9ca457 agent: generate proto files properly
837343f0 agent-ctl: update cargo.lock
b3166618 runtime: remove the unused proto files
54e23c83 agent: move gogo.proto out of the github.com namespance
583e6ed3 agent: types.pb.go is not regenerated
bb19fcb9 docs: Update documentation with new subcommand forms
d2fe7091 cli: Use new subcommand forms in kata-manager script
4d9ab0cd cli: Support new subcommand forms in bash completion
c5d355e1 cli: Remove `kata-` prefix from env and check subcommands
f134b4a3 agent: Update build instructions
9e9988df agent/protocols: Move agent.proto out of the mock folder of agent
e90aa7b4 agent: fixes the permissions of PID 1's STDIO
b9b281e7 packaging: Use apply-patches.sh in build-kernel.sh
163e6104 packaging: Make qemu/apply_patches.sh common
d4cf3057 packaging: qemu/apply_patches.sh should sort the patches
5b065eb5 runtime: change govmm package
9cb41507 agent/protocols: Fix copyright header checking
0d58d919 agent/protocols: Stop generate agent proto files in the shellscript
7559382b agent/protocols: Ignore generated files and remove these files from repo
fdc33fb7 agent/protocols: Generate proto files programmatically
f1c3bf6b runtime: let kata-collect-data.sh collect kata-monitor info
993a8da3 kata-monitor: add version subcommand
4ee78120 runtime: Restore QEMUVIRTIOFSPATH variable in Makefile
df4ce9fa ci: add `cargo clippy` for agent
2e138788 agent: clear match_like_matches_macro/vec_resize_to_zero warnings
227edfdc agent: clear module_inception/type_complexity warnings
698d25b7 agent: clear redundant_field_names clippy warning
4dd9bd7a agent: clear clippy `len_zero` warnings
bf7dec5c agent: clear clippy warnings
56f867ee rustjail: clear clippy warnings
16757ad4 oci: clear clippy warnings
f32f49bd logging: clear clippy warnings
5b079a3b snap: add GH actions jobs to release the snap package
2738b18b runtime: Fix firecracker config
e5d4259a runtime: Simplify make variables for clh
9eab3015 arm64: correct bridge type for QEMUVIRT
b88aac04 docs: Update how-to Readme with hypervisor information.
d6464117 docs: Update Readme to remove hypervisor information
b4f9fb51 docs: Remove docs for nemu
96a4ed7d Makefile: Replace @RUNTIME_NAME@ with the target in generated files
7159fc2e agent: simplify ttrpc error construction
0f894986 snap: install libseccomp-dev
9a351509 package: drop qemu-virtiofs shim
6ed669a1 packaging: install virtiofsd for normal qemu build as well
da79b4be virtcontainers: Append max_ports to virtio-serial device
bcf48530 runtime: enable virtiofs by default
e2221d34 tools: Improve agent-ctl README
2d1f2c7b kernel: update to 5.4.71
d3c98620 config: make virtio-fs part of standard kernel
edf02af1 tools: Make agent-ctl support more APIs
56201803 tools: Remove commented out code in agent-ctl
9bac4ee6 tools: Log request in agent-ctl tool if debug enabled
68821f08 tools: Rename agent-ctl command to GetGuestDetails
8553f062 tools: Fix comment in agent-ctl
6ba294a1 agent: remove `unwrap()` for `e.as_errno()`
e77482fe agent: Use `?` instead of `match` when the error returns directly
1b7ed328 kata-monitor: use regexp to check if runtime is kata containers
47ff2fb9 agent: use anyhow `context` to attach context to `Error` instead of `match`
2f690a2b agent: remove useless match
1d8def66 agent: Use `ok_or_else` instead of match for Option -> Result
84953066 agent: Fix crasher if AddARPNeighbors request empty
3d084c7d agent: Fix crasher if UpdateRoutes request empty
5615e5a7 agent: Fix crasher if UpdateInterface request empty
0dce817e agent: replace `match Result` with `or_else`
7bf4073d agent: replace unnecessary `match Result` with `map_err`
7f9e5913 agent: replace check! with map_err for readability
09aca49e agent: remove `check!` in child process because we cant' see logs.
a18899f1 agent: refactor namespace::setup to optimize error handling
a3c64e5c agent: replace `if let Err` with `or_else`
6ffa8283 agent: replace `if let Err` with `map_err`
863f918a rustjail: add length check for uid_mappings in rootless euid mapping
720eab78 versions: Update Kubernetes, containerd, cri-o and cri-tools
c5771be2 annotations: Correct unit tests to validate new protections
398d7918 annotations: Split addHypervisorOverrides to reduce complexity
b2b3bc7a annotations: Add unit test for checkPathIsInGlobs
6f52179c annotations: Add unit test for regexpContains function
966bd573 makefile: Add missing generated vars to `USER_VARS`
be6ee255 makefile: Improve names of config entries for annotation checks
b1194274 annotations: Give better names to local variabes in search functions
b5db114a annotations: Rename checkPathIsInGlobList with checkPathIsInGlobs
d65a7d10 config: Add better comments in the template files
7c6aede5 config: Whitelist hypervisor annotations by name
f047fced config: Use glob instead of regexp to match paths in annotations
11b9c90c annotations: Fix typo in comment
c16cdcb2 config: Add makefile variables for path lists
4e89b885 config: Protect file_mem_backend against annotation attacks
aae9656d config: Protect vhost_user_store_path against annotation attacks
55881653 config: Add security warning on configuration examples
b21a829c config: Protect ctlpath from annotation attack
27b6620b config: Protect jailer_path annotation
07669017 config: Add examples for path_list configuration
2d431c61 annotations: Simplify negative logic
2ca9ca89 config: Add hypervisor path override through annotations
2e093dfd config: Fix typo in function name
bf13ff0a config: Protect virtio_fs_daemon annotation
8c75de19 config: Add 'List' alternates for hypervisor configuration paths
fc6468ef agent: fix panic on malformed device resource in container update
d8a8fe47 cpuset: don't set cpuset.mems in the guest
88cd7128 sandbox: consider cpusets if quota is not enforced
77a463e5 cpuset: support setting mems for sandbox
2d690536 cpuset: add cpuset pkg
1a9515a9 runtime: Pass `--thread-pool-size=1` to virtiofsd
1c528cd1 packaging: Apply virtiofs performance related fixes to 5.x
5b520003 docs: Update upgrading guide
0e0564a5 docs: update the build kata containers kernel document
ae6b8ec7 agent/device: Check type as well as major:minor when looking up devices
859301b0 agent/device: Index all devices in spec before updating them
2477c355 agent/device: Forward port update_spec_device_list() unit test
08d80c1a agent/device: update_spec_device_list() should error if dev not found
12cc0ee1 sandbox: don't constrain cpus, mem only cpuset, devices
b6cf68a9 cgroups: add ability to update CPUSet
b812d4f7 virtcontainers: add method for calculating cpuset for sandbox
f63f7405 agent: fix errorneous parsing for guest block size
43d70a32 docs: Add containerd install guide
11c1ab8b agent: use ok_or/map_err instead of match
6b9f9915 rustjail: use Iterator to manipulate vector elements
a7251651 docs: remove the 1.x version description about shim and proxy
dc1442c3 rustjail: delete codes commented out
aa04111d rustjail: delete unused test code
eae685dc agent: use chain of Result to avoid early return
5e3d1fb6 agent: add blank lines between methods
980e48ca agent: delete unused field in agentService
52b821fa agent: use no-named closure to reduce codes
82e94501 packaging: fix cloud-hypervisor binary path
b1f95e8d agent: use a local fn to reduce duplicated codes
154a356a packaging: apply qemu v5.1 stable fixes
c781a808 agent: fix aarch64 build
906b3844 agent: update not accurate comments
78318c18 packaging: fix missing cloud_hypervisor_repo
b7309943 agent: use macro to simplify parse_cmdline function in config.rs
9834a766 docs: add namespace key to pod/container config files
37e7de72 ci: snap: add event filtering
9a02e6eb docs: Add crictl example json files
b7147eda agent: do not follow link when mounting container proc and sysfs
15b71563 agent: set init process non-dumpable
00ad3fd3 agent-ctl: include cargo lock updates
8cd62d7b versions: add plugins section
c4472481 virtiofs: Disable DAX
3e56de81 snap: specify python version
e3cdc89b osbuilder: Create target directory for agent
7cad865d packaging: fix image build script
0e898c6b rust-agent: Treat warnings as error
0e4baaab rust-agent: Identify unused results in tests
5b2b5652 rust-agent: Log returned errors rather than ignore them
d617caf1 rust-agent: Remove unused imports
ee739c5d rust-agent: Report errors to caller if possible
d5b492a1 rust-agent: Ignore write errors while writing to the logs
c635c46a rust-agent: Remove unused code that has undefined behavior
ec24f688 rust-agent: Remove 'mut' where not needed
c8f406d4 rust-agent: Remove uses of deprecated functions
f832d8a6 rust-agent: Remove or rename unused parameters
5a1d3311 rust-agent: Remove or rename unused variables
27efe291 rust-agent: Remove unused functions
d76ece0c rust-agent: Remove useless braces
3682812e rust-agent: Remove unused macros
483209bf actions: add kata deploy test
07930024 packaging: cleaning, updating based on new filepaths
f0f205cd packaging: remove obs-packaging
4b1753c5 packaging: pull versions, build-image out from obs dir
3f6cd4d5 packaging: Revert "packaging: Stop providing OBS packages"
c33ee54a clh: Support VFIO device unplug
1f4dfa31 clh: Remove unnecessary VmmPing
cc80ae0a versions: cloud-hypervisor: Bump to version 6d30fe05
0fec7a4d docs: Change kata_tap0 to tap0_kata
3394a6a5 docs: update networking description
2e83f405 dev-guide: update kata-agent install details
ffea705a docs: Update docs for enabling agent debug console
777f3981 docs: update dev guide for agent build
aa8eefd8 ci: add github action to test the snap
ea1cb37b versions: cloud-hypervisor: bump version
0ebffdf2 runtime: cloud-hypervisor: tag openapi-generator-cli container
e51a1ea3 docs: use-cases: Add Intel SGX use case
7d638231 runtime/vendor: add k8s.io/apimachinery/pkg/api/resource
6df165c1 runtime: add support for SGX
a5b3e1cd docs: drop docker installation guide
6c4300c6 docs: fix static check errors in docs/install/README.md
59224a76 docs: update architecture.md
a89deb3e rust-agent: Update README
80c52834 github: Remove issue template and use central one
0ccbca3b agent: Fix OCI Windows network shared container name typo
a6221a74 qemu: upgrade qemu version to 5.1.0 for arm64.
f30b86f1 Packaging: release notes script using error kernel path urls
a7faeaac docs: fix broken links
4501c25a agent: propagate the internal detail errors to users
1984e635 ci: fix clone_tests_repo function
02c1a59f agent: Set LIBC=gnu for ppc64le arch by default
7019e72c agent: remove unreachable code
942999ed agent: Change do_exec return type to ! because it will never return
757dfa70 fc: integrate Firecracker's metrics
b03d958e gitignore: ignore agent service file
64b4f698 agent: fix UT failures due to chdir
85d22301 runtime: fix TestNewConsole UT failure
e90e9a2c travis: skip static checker for ppc64
5611283e runtime: fix golint errors
daf2a54d agent: fix cargo fmt
c05c4ba5 ci: always checkout 2.0-dev of test repository
1569b3b3 docs: fix static check errors
df3119b6 runtime: fix make check
484a595f runtime: add enable_debug_console configuration item for agent
febdf8f6 runtime: add debug console service
07d339c7 devices: fix go test warning in manager_test.go
a4afe3af rust-agent: Replaces improper use of match for non-constant patterns
acaa806c agent: Only allow proc mount if it is procfs
ca501e54 osbuilder: specify default toolchain verion in rust-init.
03517327 action: Allow long lines if non-alphabetic
33513fb4 rustjail: make the mount error info much more clear
45b0b4ed agent/oci: Don't use deprecated Error::description() method
a34478ff runtime: Update cloud-hypervisor client pkg to version v0.10.0
ce675075 static-build/qemu-virtiofs: Refactor apply virtiofs patches
512b38cf packaging/qemu: Add common code to apply patches
edce2712 static-build/qemu-virtiofs: Fix to apply QEMU patches
86a864b8 packaging: Build from source if the clh release binary is missing
33585a8e runtime: Fix linter errors in release files
e3a0f9b3 ci: use export command to export envs instead of env config item
36ce7018 agent: update cgroups crate
3523167d runtime: Call s.newStore.Destroy if globalSandboxList.addSandbox
9e5a4b8b ci: use Travis cache to reduce build time
52984b67 docs: Update the reference path of kata-deploy in the packaging
eae21591 runtime: add podman configuration to data collection script
d1277848 how-to: add privileged_without_host_devices to containerd guide
98c4d11b docs: fix k8s containerd howto links
f107b12b docs: fix up developer guide for 2.0
9f2f5201 docs: Fix the kata-pkgsync tool's docs script path
96f8769a travis: enable RUST_BACKTRACE
cda7acf7 agent/rustjail: add more unit tests
98cc979a agent/rustjail: remove makedev function
b99fefad agent/rustjail: add unit tests for ms_move_rootfs and mask_path
d79fad2d agent/rustjail: implement functions to chroot
25c91afb agent/rustjail: add unit test for pivot_rootfs
7cf0fd95 agent/rustjail: implement functions to pivot_root
672da4d0 agent/rustjail: add unit test for mount_cgroups
ab61cf7f agent/rustjail: add unit test for init_rootfs
0a0714c9 agent/rustjail/mount: don't use unwrap
3dc9452b agent/rustjail: add tempfile crate as depedency
d756f52c rustjail: implement functions to mount and umount files
a02d1787 gitignore: ignore agent version.rs
b518ddea agent: fix agent panic running as init
1a77f69e runtime: make kata-check check for newer release
61181b9f packaging: use local version file for kata 2.0 in Makefile
e1c6aa27 docs: fix release process doc
1acfba4d packaging: fix release notes
1839dfd9 runtime: Clear the VCMock 1.x API Methods from 2.0
7225460a shimv2: add a comment in checkAndMount()
22ca2da6 packaging: Stop providing OBS packages
afa88c1b install: Add contacts to the distribution packages
3955cc89 install: Update information about Community Packages
218f77d7 install: Update SUSE information
2a0e76a8 install: Update openSUSE information
691f1364 install: Update RHEL information
270fc4b2 install: Update Fedora information
492b4e90 install: Update CentOS information
Signed-off-by: Eric Ernst <eric_ernst@apple.com>
- agent: add cgroup v2 support
- runtime: Don't use hard-coded crio config
- Generate version file with more information in it.
- ci: replace spaces by tabs as indent
- fix issues with short life time container/exec processes
- action: Add issue to project and move to "In progress" on linked PR
- virtiofsd: fix typo in test code
- agent: setup DNS for guest
- ci: run agent test under root user
- docs: update sandbox apis doc for kata 2.0-dev
- rustjail: fix the issue of invalid cgroup_parent path
- osbuilder: update usage of RUST_AGENT variable
- agent: add retry between doing CPU hotplug and make it online.
- kernel: update to the latest LTS kernel 5.4.60
- osbuilder: fix rootfs build on ppc64le
- kernel: Enabling PTP clock support in kernel
- rootfs-builder: fix unbootable dracut-based initramfs on Fedora
- [fwport-2.0] osbuilder/image-builder: disable reflink
- virtcontainers: Add unit test for utils/compare.go
- reimplement error handling: use anyhow
- docs: update yaml file link for prometheus deployment
- docs: Update the doc for minikube installing kata
- trivial: Fix spelling of "privilege"
- [port] image-builder: disable reflink
- runtime: qemu: reduce boot time and memory footprint
- snap for kata 2.0
- runtime: Fix typo in hotplugVFIODevice()
- drivers: Correct isPCIeDevice logic
- docs: Add documentation for VFIO-AP passthrough
- [fwport-2.0] qemu: update build dependencies to support QEMU 5
- kata-deploy: add ACRN runtime to Docker configuration
- runtime: Add support for VFIO-AP pass-through
- agent: update Cargo files authors
- packaging: adjustment for 2.0 branch
- Fix epthemeral mount issue
- clh: Disable the 'seccomp' option temporarily
- Subject: [PATCH] qemu: add annotations for iommu_platform for s390x v…
- Foward-port :virtiofs: Update virtiofs docs
- Forward-port kata deploy conf
- initrd: Increase Alpine Version to 3.12
- [forward port]: osbuilder: Update yq
- tools: Add Unix socket support to agentl-ctl
- agent: Add target optimize for Makefile
- server: Allow address to be specified
- rustjail: default permission of device node should be 666
- packaging: Add VFIO-AP fragment for s390x
- console: Fix crash if debug console disabled
- agent: support guest hooks
- virtcontainers: Add to utils unit tests
- sandbox: Disconnect from agent after VM shutdown
- runtime: Re-vendor GoVMM for hotplugging IBM Adjunct Processor (AP) devices over VFIO
- clh: Port cloud-hypervisor related changes from kata-runtime
- docs: remove outdated dependencies from agent docs
- [forward-port] packaging: s390x kernel config fragments
- action: Fix subsystem check
- osbuilder : ppc64le support for rust agent based rootfs/initrd image
- packaging: add usage instructions for -a (arch_target) option
- rustjail: add the "HOME" env for process
- rustjail: fix the issue of missing set propagation for bind mount
- agent: add unit tests for rustjail/process.rs
- ci: Update experimental kernel tag to enable CLH CI
- virtcontainers: fix outdated example code in api document
- agent: setup the "lo" interface run agent as init
- Fix commit-message-check and do some updates about github actions
- virtcontainers: cleanup codes, delete not used APIs
- Use github action to do Fixes/Length/Subsystem check for commit message
- docs: Remove installation of proxy
- virtcontainers: Add unit test for types/container.go
- shimv2: fix the issue of close IO stream
- docs: Update contributions section in limitations document kata 2.0
- Fix fd leakage in execute_hook
- Kata 2.0-dev port of #2867 (NoReboot Knob)
- qemu: remove multidev in fsdev parameter on arm64
- Makefile: add CLHCMD in arm64-options.mk
- runtime: change un-structured log to structured log
- virtcontainers: Add function to capabilities test
- virtcontainers: Expand unit test coverage for asset
615ffb93 agent: Generate version file with more adequate information in it.
f13ca94e agent: Fix setting of version
c823b4cd agent: Make build remove generated files on clean
357d7885 ci: replace spaces by tabs as indent
22876b2d agent: allow multiple wait on the same process
295f5100 runtime: Don't use hard-coded crio config
6487044f shimv2: trust cached status when deleting containers
325a4f86 shimv2: do not kill a stopped exec process
d7c77b69 runtime: write oom file to notify CRI-O tha OOM occurred
15065e44 agent: add cgroup v2 support
2ce97ec6 virtiofsd: fix typo in test code
b081f26a action: Add issue to project and move to "In progress" on linked PR
6520320f agent: setup DNS for guest
90e0dc88 ci: run agent test under root user
c133a456 rustjail: fix the issue of invalid cgroup_parent path
20a084ae docs: update sandbox apis doc for kata 2.0-dev
d86e7467 agent: add retry between doing CPU hotplug and make it online.
ebd3f316 osbuilder: fix rootfs build on ppc64le
2dfb8bc5 rootfs-builder: fix unbootable dracut-based initramfs on Fedora
2019f00e docs: update yaml file link for prometheus deployment
0be02a8f runtime: qemu: reduce boot time and memory footprint
8b07bc2c agent: fix unit tests - remove rustjail::errors
6c96d666 agent: update Cargo toml and lock
46d7b9b8 agent/rustjail: remove rustjail::errors
fbb79739 agent: Use anyhow for error handling
33759af5 agent: Add anyhow dependency
c192446a agent/rustjail: Use anyhow for error handling
2e3e2ce1 agent/rustjail/capabilities: Use anyhow for error handling
6a4c9b14 agent/rustjail/cgroups: Use anyhow for error handling
359286a8 agent/rustjail: Add anyhow dependency
dd60e56f trivial: Fix spelling of "privilege"
cb999375 runtime: Fix typo in hotplugVFIODevice()
0d198f93 virtcontainers: Add unit test for utils/compare.go
1de9bc0f snap: reimplement snapcraft.yaml to support kata 2.0
85642c32 snap: move snapcraft.yaml to the right place
92dfa463 drivers: Correct isPCIeDevice logic
b4748280 kernel: Remove arm patches for ptp
82efd2f2 kernel: Enabling PTP clock support in kernel
8666e01e qemu/default-configs: update default-config for QEMU 5
2d12da8e qemu: update default-configs
cf3ac9f7 docs: Add documentation for VFIO-AP passthrough
11e8a494 docs: update the docs for minikube installing kata
517dda02 kernel: update to the latest LTS kernel 5.4.60
ae98ea45 obs-packaging: fix wait for obs
f5b71d34 qemu: update build dependencies to support QEMU 5
fcd29a28 osbuilder/image-builder: disable reflink
dae6c7d9 osbuilder: update usage of RUST_AGENT variable
1236e224 runtime: Add support for VFIO-AP pass-through
65970d38 osbuilder: install-yq should not print on success
c624fa74 osbuilder: install musl for aarch64
b24f2cb9 gitignore: ignore vscode directory
cf1b72d6 osbuilder: install rust before sourcing cargo env
7b5ab586 packaging: fix kata-deploy yaml path
76c18aa3 osbuilder: fix alpine agent build
5216815d packaging: make build-kernel.sh work for 2.0
aa3fb4db packaging: make kata-deploy work for 2.0
86a6e0b3 packaging: fix build image scripts
ceebd06b release: add 2.0 release actions
dadab1fe osbuilder: build rust agent by default
1bd58259 packaging: tag releases on kata-containers repo
f56f68bf obs-packaging: adjust for building on kata-containers repo
60245a83 agent: update Cargo files authors
544219d9 mount: fix the issue of epthemeral storage handler
fd8f3ee9 mount: add much more error info using chain_err
10b1deb2 tools: Add Unix socket support to agentl-ctl
f5598a1b Subject: [PATCH] qemu: add annotations for iommu_platform
f879acd6 scripts: Foward port osbuilder scripts to update yq
7be95b15 tools: Simplify error handling in agent-ctl
5b0e6f37 kata-deploy: add ACRN runtime to Docker configuration
adf9ecc5 initrd: Increase Alpine Version to 3.12
32b86a8d agent: Add target optimize for Makefile
26506d83 virtiofs: Update virtiofs docs
bee17d1c kata-deploy: Add containerd configuration to support kata annotations.
219f93ff kata-deploy: Add default privileged_without_host_devices
4b62fc16 clh: Disable the 'seccomp' option temporarily
f7ff6d32 image-builder: disable reflink
0a9b8e0a rustjail: default permission of device node should be 666
81644003 server: Allow address to be specified
bb30759e agent: add guest hooks UT
095ebb8c agent: fix OCI hook handling
03a4d107 agent: support guest hooks
e7bfeb41 agent: construct container bundle in tmpfs location
2ee40027 packaging: Add VFIO-AP fragment for s390x
4c30b255 runtime: Re-vendor GoVMM for VFIO-AP support
282bff9f sandbox: Disconnect from agent after VM shutdown
9f1a3d15 kernel: add s390x fragment
f1350616 kernel: config CONFIG_GENERIC_MSI_IRQ_DOMAIN
b67325c3 kernel: add missing configs
454dd854 kernel: config CONFIG_ PARAVIRT
62b45064 kernel: config CONFIG_NO_HZ_FULL
6dca74ba kernel: moved acpi hotplug config
7c85decc kernel: config CONFIG_PCI_MSI_IRQ_DOMAIN
efe51b29 kernel: fragment for pmem
08d046d9 kernel: config CONFIG_HAVE_NET_DSA
7b49fa12 kernel: fragments not supported on s390x
ccfb73cb agent/agent-ctl: update Cargo.lock
fd13c93c virtcontainers: Add msg to existing utils unit tests
c3fc09b9 virtcontainers: Add to utils unit tests
96582556 docs: remove outdated dependencies from agent docs
d12f920b console: Fix crash if debug console disabled
572de288 sandbox: Remove unnecessary thread
d5fbba3b main: Remove commented out and redundant code
1b2fe4a5 agent: Refactor main function
bac79eee main: Display config in announce
e2952b53 main: Simplify version handling
cfa35a90 action: Fix subsystem check
39b53f44 clh: enable build using Podman
04b156f6 qemu-virtiofs: Update to qemu 5.0 + virtiofs + dax
3ec05a9f clh: Add support to unplug block devices
45e32e1b clh: Set 'Id' explicitly while hotplugging block device
895959d0 clh: Provide cpu topology to API
31594387 clh: opeanapi: update api for cloud hypervisor
89836cd3 versions: cloud-hypervisor 0.9.0
8d5a60ac versions: Update qemu-virtiofs to 5.0
76a64667 clh: Remove the use of deprecated '--memory file=' parameter
bfd78104 packaging: add usage instructions for -a (arch_target) option
ecaa1f9e clh: Enable versions and kernel tag to enable CLH CI for kata 2.0
64b06944 ppc64le: Support for rust agent based rootfs
2511cabb virtcontainers: fix outdated example code in api document
5c7f0016 rustjail: add the "HOME" env for process
58dfd503 rustjail: fix the issue of missing set propagation for bind mount
e79c5727 agent: setup the "lo" interface run agent as init
d0a45637 agent: add unit tests for rustjail/process.rs
2889af77 actions: Run subject-line-length check even if the previous checks failed
9f0fef5a actions: Add commit-body-missing check
d81af48a actions: Do not limit the length of single word in commit body
8c46a41b actions: Fix subsystem checking in github-action
2466ac73 actions: Fix 'Fixes checking' problem by update dependent action
e7d3ba12 virtcontainers: cleanup codes, delete not used APIs
998a6343 docs: Remove installation of proxy
c305911d actions: Use github action to do Fixes/Length/Subsystem check
bd78ccaf shimv2: fix the issue of close IO stream
06834931 agent: Fix fd leaks in execute_hook
b03cd1bf docs: Update contributions section in limitations document kata 2.0
c15ef219 qemu: Set govmmQemu NoReboot config Knob
57269262 qemu: Add test for qemuConfig Knobs
5010e3a3 vendor: update govmm
61d133f9 runtime: change un-structured log to structured log
f24ad25d virtcontainers: Add unit test for types/container.go
1637e9d3 qemu: remove multidev in qemu/fsdev parameter on arm64
b61c9ca2 Makefile: add CLHCMD in arm64-options.mk
e1a79e69 virtcontainers: Add function to capabilities test
d1d5c69b virtcontainers: Expand unit test coverage for asset
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
The new alpha release brings in following changes:
1f8e4f67 docs: Update travis and go report card url
db93a163 runtime: remove mock shim
e5910c9b sandbox: Stop and clean up containers that fail to create
1283febd ci: checkout TRAVIS_BRANCH
d7f75dce docs: remove shim/proxy topics and fix docs links
0b3cbee8 virtcontainers: Add additional unit tests for sandbox
c0720179 package: enable cloud-hypervisor for arm64
07a307b4 virtcontainers: Remove duplicate unit tests
d914f018 virtcontainers: Move unit tests for types/sandbox.go
33b1865e actions: Pin to a particular sha for actions
8564c99e actions: Add github actions to perform DCO check
c5081624 actions: Add action to perform WIP check for pull requests
7bbb9e81 rootfs-builder: Don't modify /sbin/init on the build host
3d467505 device: Ease device access for rootfs device to allow node creation
f554cdec virtcontainers: Add to bridges unit test
1d7d944f fc: refactor --daemonize option
7f3e8959 console-watcher: use console watcher to monitor guest console outputs
1099a288 kata 2.0: delete use_vsock option and proxy abstraction
73bf9329 cgroup: fix the issue of crashed when meet unsupported cgroup
ab7afae6 docs: Clarifying minimum version of containerd for annotations
5b15e9ef runtime: consolidate types definition
c6e4d092 agent: sandbox shared pid namespace support
afcf269c rustjail: fix the issue of missing join pid namespace
f3da6900 docs: add link to CRI Configuration for pods
4291eb17 runtime: add monitor_address to .gitignore
1c56abb7 runtime: virtcontainers: vhost-user-blk/scsi are block device nodes
bbf85170 runtime: add pprof interface for shim
0790ca49 runtime: add pod overhead metrics
ae83c96d Modifie to proper CPU architecture name for ppc64le.
f404f4d9 Modified Makefile to pick up correct architecture name for ppc64le.
cdbba6ac agent: Make LIBC configurable
2afbfcab virtcontainers: print a warning when the device to append is not supported
919fc4cd virtcontainer/cgroup: create cgroup manager after creating the network
a134c2e0 virtcontainers/network: Change signature of Enpoint Attach method
9a9721c2 drivers: change BindDevicetoVFIO signature
66219d16 device: support vfio cold plug
3eb694c5 device: add ColdPlug flag
3cf8b470 runtime: delete Stateful from SandboxConfig
069505e2 runtime: delete unused sub-commands.
a0a96db2 runtime: handle unimplemented RPC call by NotFound status code
bd8f03a5 runtime: remove agent abstraction
41c04648 runtime: fix wrong issue links
83b23665 config: there is no need to check vhost-vosck for FC
d96b3063 docs: add metrics design documents for Kata 2.0
b28b850a versions: Revert "versions: update QEMU to 5.0.0"
5ff53037 tools: fix branch and runime repo
24ea3f01 virtcontainers: GetOOMEvent should have no timeout
1b75daa0 runtime: add new command to collect metrics from Kata containers
5200ac06 runtime: remove old store
186fed2a runtime: add implementation of GetMetrics
0c4c69de agent: add GetMetrics implementation
9fd3e48c agent: add new pb message GetMetrics
9c501f3d agent: device: Allow "VmPath" to be used when adding block devices
15af20b6 versions: update QEMU to 5.0.0
a06d01e1 versions: specify rust version
7ae4376b clh: vsock: Use the updated VsockConfig
d8a333b9 versions: Move to cloud-hypervisor v0.8.0
9177d3a3 virtiofsd: Use cache=auto
d66f2192 cli: Fix kata-env output on Power
94fdec4e clh: Allow add virtiofs args and cache options from config
653df674 kata_agent: Add unit tests
6da49a04 clh: Clear the "PCIAddr" field while blk device hotplug
2d6c0731 kata_agent: Pass "VirtPath" with "PCIAddr" of blk devices to agent
56ae2099 kata_agent: Allow to use "VirtPath" as volume source for blk devices
bdd386ba qemu: Fix rtc parameter is not set to qemu
51a6d60a qemu: Remove PMU feature for Power (ppc64le) platform
3ece4130 runtime: clean up shim abstraction
3a17e7aa qemu: Remove pmu limitation in nested virtualization of amd/ppc64le
06571f03 build: Add "pmu=off" to default cpu_features option
115dfa19 annotations: add cpu_features
fa9d619e qemu: add cpu_features option
520295b9 network: Detect and add static ARP entries
117ce4ac clh: remove slow boot debug flags from kernel cmdline
70137962 clh: Remove vsock log port in kernel cmdline
fd5d1394 clh: Improve hypervisor logging
21f83348 clh: Set 'virtio-blk' as the default block device driver
8b5eed70 clh: Enable disk block device hotplug support
883af9c7 agent: set hostname when running as init
899b75f2 agent: fix the issue of missing found right shell
2a8650ba agent-ctl: add Cargo.lock
a8430b37 gitignore: ignore more files
be9ca0d5 qemu: Don't leak file descriptors in case of error
60606647 virtiofsd: Improve logging
7e250f29 shim: exit out of oom polling if unimplemented
9f8d1baa virtcontainers: tests fix, nit fix
d3b3e8be virtcontainers: x86: Support microvm machine type
19833936 virtcontainers: add support for getOOMEvent agent endpoint to sandbox
7c205be2 virtcontainers: add support for getOOMEvent agent endpoint to sandbox
380f07ec proto: update agent protocol
dbc1c30d versions: Remove golangci-lint and gometalinter entries
6e7dd435 qemu: arm64: Set defaultGICVersion to 3 to limit the max vCPU number
93d1f7b4 versions: Misc changes to descriptions
17b3021b qemu: arm64: Don't detect gic version by /proc/interrupts
4cda90ab dax: enable dax on arm64
7a440254 Makefile: add trace-forwarder/agent-ctl missing targets
61e011e8 vc: Version support check is ineffective in createSandbox
ebfbca03 osbuilder: use newest golang
0fd1eb59 Makefile: add default rule
3f8d4b68 trace-forwarder: add Cargo.lock
b68d4e45 shimv2: Removing function as no longer used
f570a2cd shimv2 : Remove workaround for sharedPidNs
b2cc403e build: Improve top-level Makefile
f2a19966 agent: Rename check rule to test
ea1d799f qemu: Only one element of qemuPaths map is relevant
5dffffd4 qemu: Remove useless table from qemuArchBase
97a02131 qemu: Detect and fail a bad machine type earlier
d6e7a58a qemu: Clarify test with bad machine type
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
- Fix potentianl crash
- sandbox: fix the issue of missing setting hostname
- unify the rustjail's log to contain container id and exec id
- Refactor the way of creating container process
ba3c732 grpc: fix the issue of potential crashes
32431d7 rpc: fix the issue of kill container process
986e666 sandbox: fix the issue of missing setting hostname
7d9bdf7 grpc: Fix the issue passing wrong exec_id to exec process
9220fb8 rustjail: unify the rustjail's log to contain container id and exec id
c1b6838 rustjail: refactoring the way of creating container process
e56b10f rustjail: remove the unused imported crates
ded27f4 oci: add Default and Clone to oci spec objects
7df8ede rustjail: replace protocol spec with oci spec
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
- actions: Add verbose information
- systemd-service: build rust-agent systemd services
- grpc: fix the issue of crash agent when didn't find the process
cd233c0 actions: Add verbose information
f0eaeac path-absolutize: version update
3136712 systemd-service: build rust-agent systemd services
289d617 grpc: fix the issue of crash agent when didn't find the process
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
- should ignore invalid a key-value pair as an env
- Revert: "Makefile: Fix rust agent build using "--release"."
- Makefile: Fix rust agent build using "--release".
- vsock: support log_vport and debug_console_vport
- Agent: Separate logging into a single crate
- agent: fix the issue of crash agent without spec
- fix the issue of missing restore process's cwd
- Running rust-agent on AArch64
- ci: Remove run_rust_test functions as not being used
- add oci compatibility test case
- agent: Add unit tests for sandbox.rs
- version: Add VERSION file
- ci: Add minimal makefile to use central go test script
- netlink: pull out netlink as library crate.
- Fixup workflow 103
40b5a56 agent: ignore invalid a key-value pair as an env
269daa9 Revert: "Makefile: Fix rust agent build using "--release"."
a3e46a3 Makefile: Fix rust agent build using "--release".
3c1252e vsock: support log_vport and debug_console_vport
c373f84 agent: separate logging into a single crate
2be8661 agent: fix the issue of missing restore process's cwd
6c7453d agent: fix the issue of crash agent without spec
4edf537 ci: Remove run_rust_test functions as not being used
d222533 agent: add oci compatibility test case
7dfc4e0 linker: `no such file` linking error on AArch64
44b2caa AArch64: missing symbols on target `aarch64-unknown-linux-musl`
9621a7f ABI: only support arm 64-bit platform
8d60612 version: Add VERSION file
a5192a1 netlink: pull out netlink as library crate.
3881c06 ci: Add minimal makefile to use central go test script
1c57665 workflows: make sure we build the experimental kernel, CLH
cbd5fa0 workflows: fix step output usage
92301a6 agent: Add unit tests for sandbox.rs
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Needed by some CI scripts, like release or to verify stable
branches state.
Fixes: #114
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Fabiano Fidêncio
Peng Tao
Eric Ernst
Salvador Fuentes
Archana Shinde
Jose Carlos Venegas Munoz