Commit Graph

5350 Commits

Author SHA1 Message Date
Gabriela Cervantes
4357e851bf doc: Fix invalid URLs
Now that we have been moved the CI to ubuntu 18.04, we need to update the
README.

Fixes #1300

Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
2019-02-28 01:41:18 -06:00
Julio Montes
1e1a735796 constraints: add cpu cgroups documentation
Explain cpu cgroups are implemented in kata containers

fixes #386

Signed-off-by: Julio Montes <julio.montes@intel.com>
2019-02-27 11:57:17 -06:00
Graham Whaley
975157d75b versions.yaml: add uscan annotations
Adds uscan key/values for all items with a Version field that are pulled
from a repo with version info (such as github) so we can perform
automated upstream version update checks.

Fixes: #1250

Signed-off-by: Graham Whaley <graham.whaley@intel.com>
2019-02-26 16:41:09 +00:00
Jose Carlos Venegas Munoz
873ac754d4
Merge pull request #348 from jcvenegas/run-all-ci
ci: Run all CI test.
2019-02-25 22:21:16 -06:00
Jose Carlos Venegas Munoz
dca8748fa0
Merge pull request #363 from egernst/issue-362
update kata-deploy readme's ToC
2019-02-25 19:19:56 -06:00
Eric Ernst
2f70232cae kata-deploy: update README's ToC
The kata-deploy README's table of contents was out of date

Fixes: #362

Signed-off-by: Eric Ernst <eric.ernst@intel.com>
2019-02-25 15:26:07 -08:00
Julio Montes
60e058942d
Merge pull request #342 from tuan-hoang1/s390x-snap
snap: add support for s390x
2019-02-25 15:06:02 -06:00
Julio Montes
4448646cee
Merge pull request #359 from nitkon/master
kernel: Add 4.19.10 config for powerpc
2019-02-25 12:33:00 -06:00
Tuan Hoang
035ba0808b snap: add support for s390x
This allows running packaging CI scripts on s390x to create snap image.

Fixes #341

Signed-off-by: Tuan Hoang <tmhoang@linux.vnet.ibm.com>
2019-02-25 18:40:43 +01:00
Jose Carlos Venegas Munoz
618aeba540 ci: Run all CI test.
run all CI test to increase testing coverage on kernel config changes.

Fixes: #346

Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
2019-02-25 08:56:51 -06:00
Nitesh Konkar
1c5ba65912 kernel: Add 4.19.10 config for powerpc
We want to make sure Kata runs on latest stable kernels so that it
benefits from the latest features.

Fixes: #358

Signed-off-by: Nitesh Konkar <niteshkonkar@in.ibm.com>
2019-02-25 19:46:00 +05:30
Graham Whaley
e8a8e0db79
Merge pull request #1111 from sboeuf/bump_kernel
versions: Bump to kernel 4.19.24
2019-02-22 17:32:35 +00:00
Ruidong Cao
36141d27fc Network: add ipvlan unmarshal
We have 7 types of endpoints, but forget ipvlan in unmarshal funciton.
So add it and refactor for cyclomatic complexity reason.

Fixes #1254

Signed-off-by: Ruidong Cao <caoruidong@huawei.com>
2019-02-23 01:25:26 +08:00
Jose Carlos Venegas Munoz
a8e458aae2
Merge pull request #356 from devimc/topic/fixSnap
snap: use sudo to configure and start docker
2019-02-22 11:02:01 -06:00
Julio Montes
31ec69ecd2 snap: add user into docker group
add user into docker group wo allow it run containers

Signed-off-by: Julio Montes <julio.montes@intel.com>
2019-02-22 10:23:32 -06:00
Julio Montes
f31829d016 snap: unsmask docker
in some systems docker service is masked, to build the
rootfs image we need to unmask it

Signed-off-by: Julio Montes <julio.montes@intel.com>
2019-02-22 10:22:08 -06:00
Julio Montes
41f4ebc1cb snap: use sudo to configure and start docker
configure and start docker using sudo

fixes #355

Signed-off-by: Julio Montes <julio.montes@intel.com>
2019-02-22 09:46:00 -06:00
Julio Montes
d8d78bb383
Merge pull request #351 from devimc/topic/removeSnapBuild
snap: remove snap-build scripts
2019-02-22 07:16:06 -06:00
Julio Montes
16bd983387
Merge pull request #1264 from Ace-Tang/master
cgroups: fix failed to remove sandbox cgroup
2019-02-21 13:46:06 -06:00
James O. D. Hunt
b96ca2237f
Merge pull request #1260 from stefanha/fix-vhost-user-blk-detach
devices: fix attach count for vhost-user-blk
2019-02-21 16:57:11 +00:00
Julio Montes
8a055c44f8 snap: remove snap-build scripts
snap-build scripts were used to cross-build snap images in local environments.
Currently we are using launchpad to build and release the snaps, hence those
old scripts are no more needed.

fixes #350

Signed-off-by: Julio Montes <julio.montes@intel.com>
2019-02-21 10:51:50 -06:00
Graham Whaley
62d347a426
Merge pull request #338 from Pennyzct/v4.19
config: add kernel config v4.19.23 for arm64
2019-02-21 16:12:31 +00:00
Julio Montes
3fa6a83d4d
Merge pull request #384 from liubin/master
docs: fix broken links in architecture.md
2019-02-21 08:22:27 -06:00
Ace-Tang
454775fb97 cgroups: fix failed to remove sandbox cgroup
sandbox cgroup use V1NoConstraints, this only create memory subsystem,
but when delete, load parent cgroup always use `cgroups.V1`, so other
subsystem path can not be find, sandbox cgroup can not be deleted.

Fixes: #1263

Signed-off-by: Ace-Tang <aceapril@126.com>
2019-02-21 17:34:34 +08:00
bin liu
0a643e9a56 docs: fix broken links in architecture.md
Two links to `how-to` file is broken.

Fixes: #383

Signed-off-by: bin liu <liubin0329@gmail.com>
2019-02-21 15:15:01 +08:00
Peng Tao
1d79338a1a
Merge pull request #1247 from nitkon/leakyPods
qemu: Cleanup Vm paths irrespective of Sandbox stop pass/fail
2019-02-21 11:56:57 +08:00
Penny Zheng
af2a3ff76e config: add kernel config v4.19.23 for arm64
we add the rough kernel config v4.19.23 for arm64, here we let
'make oldconfig'(setting default) to do the transformation from
v4.14.X to v4.19.X.

Fixes: #337

Signed-off-by: Penny Zheng <penny.zheng@arm.com>
2019-02-21 09:59:15 +08:00
Sebastien Boeuf
768658f61b versions: Update kernel version to 4.19.24
We need to bump the kernel version from 4.14.67 to 4.19.24 in order
to follow the recent kernel config bump.

Fixes #618
Fixes #1029

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2019-02-20 14:44:41 -08:00
GabyCT
60f7c4f401
Merge pull request #1189 from devimc/topic/fixCpuCgroup
virtcontainers: reimplement sandbox cgroup
2019-02-20 10:18:56 -06:00
Stefan Hajnoczi
46e2f885af devices: fix attach count for vhost-user-blk
Commit affd6e3216 ("devices: add reference
count for devices.") introduced an attach count for devices.  The
vhost-user-blk device increments the counter instead of decrementing it
when detaching.

Fixes: #1259
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2019-02-20 14:58:45 +00:00
Nitesh Konkar
6daefdb177 qemu: Cleanup Vm paths irrespective of Sandbox stop pass/fail
Sometimes qemu/qmp commands error out and VM files
get left behind on the host filesystem. Clen them up
irrespective of `stopSandbox` succeeds or fails.

Fixes: #1246

Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
2019-02-20 16:02:48 +05:30
Julio Montes
58d278560e virtcontainers: don't try to talk with the proxy when it's not running
To avoid long timeouts, the runtime shouldn't try to talk with the proxy
when it's not running.

Signed-off-by: Julio Montes <julio.montes@intel.com>
2019-02-19 13:13:45 -06:00
Julio Montes
62c393c119 virtcontainers: change container's state to stop asap
container is killed by force, container's state MUST change its state to stop
immediately to avoid leaving it in a bad state.

fixes #1088

Signed-off-by: Julio Montes <julio.montes@intel.com>
2019-02-19 13:13:44 -06:00
Julio Montes
5201860bb0 virtcontainers: reimplement sandbox cgroup
All containers run in different cgroups even the sandbox, with this new
implementation the sandbox cpu cgroup wil be equal to the sum of all its
containers and the hypervisor process will be placed there impacting to the
containers running in the sandbox (VM). The default number of vcpus is
used when the sandbox has no constraints. For example, if default_vcpus
is 2, then quota will be 200000 and period 100000.

**c-ray test**
http://www.futuretech.blinkenlights.nl/c-ray.html

```
+=============================================+
|         | 6 threads 6cpus | 1 thread 1 cpu  |
+=============================================+
| current |   40 seconds    |   122 seconds   |
+==============================================
|   new   |   37 seconds    |   124 seconds   |
+==============================================
```

current = current cgroups implementation
new = new cgroups implementation

**workload**

```yaml
apiVersion: v1
kind: Pod
metadata:
  name: c-ray
  annotations:
    io.kubernetes.cri.untrusted-workload: "true"
spec:
  restartPolicy: Never
  containers:
  - name: c-ray-1
    image: docker.io/devimc/c-ray:latest
    imagePullPolicy: IfNotPresent
    args: ["-t", "6", "-s", "1600x1200", "-r", "8", "-i",
          "/c-ray-1.1/sphfract", "-o", "/tmp/output.ppm"]
    resources:
      limits:
        cpu: 6
  - name: c-ray-2
    image: docker.io/devimc/c-ray:latest
    imagePullPolicy: IfNotPresent
    args: ["-t", "1", "-s", "1600x1200", "-r", "8", "-i",
          "/c-ray-1.1/sphfract", "-o", "/tmp/output.ppm"]
    resources:
      limits:
        cpu: 1
```

fixes #1153

Signed-off-by: Julio Montes <julio.montes@intel.com>
2019-02-19 13:13:44 -06:00
Julio Montes
9758cdba7c virtcontainers: move cpu cgroup implementation
cpu cgroups are container's specific hence all containers even the sandbox
should be able o create, delete and update their cgroups. The cgroup crated
matches with the cgroup path passed by the containers manager.

fixes #1117
fixes #1118
fixes #1021

Signed-off-by: Julio Montes <julio.montes@intel.com>
2019-02-19 13:13:44 -06:00
Sebastien Boeuf
9294979854
Merge pull request #334 from ganeshmaharaj/crio-conf-fix
kata-deploy: Check crio conf before update
2019-02-19 10:04:45 -08:00
Peng Tao
22cee2d0cd
Merge pull request #1220 from jcvenegas/delete-force-not-fail-non-container
delete: force: Do not fail on non exiting container
2019-02-19 12:23:51 +08:00
Jose Carlos Venegas Munoz
c78d6b057e delete: force: Do not fail on non exiting container
When a container does not exist, runc does not fail.  Lets mimic this
behavior, sometimes kuberentes will try to force delete containers that
could not be created and gets confused if delete --force fails.

Fixes: #1219

Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
2019-02-18 11:39:25 -06:00
Ganesh Maharaj Mahalingam
059b48bfa2 kata-deploy: Check crio conf before update
kata-deploy inserts 'manage_network_ns_lifecycle' into crio.conf without any
prior checks and if there is a previous entry in the file, this becomes a
duplicate causing crio service restart issues. This patch addresses that
particular scenario.

Signed-off-by: Ganesh Maharaj Mahalingam <ganesh.mahalingam@intel.com>
2019-02-18 09:33:16 -08:00
Li Wei
731ff7b13f
Merge pull request #1242 from teawater/golock
vendor: add missing comma to Gopkg.lock
2019-02-18 20:57:47 +08:00
James O. D. Hunt
ceae7b48e0 docs: Pin docker to version 18.06
Docker 18.09 removed devicemapper support but did not provide an
alternative. This can cause problems for users so update the install
docs to install Docker at version 18.06 (the last version that supports
devicemapper).

This is a temporary solution until either docker provide an alternative
or we find a way to work around the Docker feature being removed.

Note the extra logic required for Fedora since 18.06 is not available
for that release.

Fixes #373.

Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
2019-02-18 08:55:41 +00:00
James O. D. Hunt
4c71475122
Merge pull request #372 from marcov/zun-kata-install
zun: update kata install instructions
2019-02-18 08:48:19 +00:00
James O. D. Hunt
f38c67da0c arch: Remove calls to arch command
The `arch(1)` command is not available on some systems so use the
`uname(1)` command for the equivalent functionality.

Fixes #150.

Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
2019-02-18 08:36:22 +00:00
Hui Zhu
a136999258 vendor: Add missing comma to Gopkg.lock and dep ensure
$ dep ensure
error while parsing /home/teawater/gopath/src/github.com/kata-containers/runtime/Gopkg.lock: Unable to parse the lock as TOML: (697, 6): missing comma

Add missing comma to Gopkg.lock and dep ensure to handle the issue.

Fixes: #1241

Signed-off-by: Hui Zhu <teawater@hyper.sh>
2019-02-16 22:55:39 +08:00
Graham Whaley
816ea42840
Merge pull request #1202 from Pennyzct/unit-test
Unit test: fix bugs on a few unit tests on aarch64
2019-02-15 10:26:03 +00:00
Graham Whaley
7f2b2da7f7
Merge pull request #1239 from chavafg/topic/update-k8s
versions: update k8s, cri-o and containerd
2019-02-15 09:56:03 +00:00
Salvador Fuentes
409a8a5fbb versions: update k8s, cri-o and containerd
Update:
- k8s to version 1.13.3
- cri-o to version 1.13.0
- containerd to version 1.2.4, which
  according to its release notes, uses
  cri plugin version da0c016c830b2ea97fd1d737c49a568a816bf964

Fixes: #1238.

Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
2019-02-14 16:09:12 -06:00
Julio Montes
2b382fdfec
Merge pull request #209 from jcvenegas/release-process-md
docs: Document release process - tools.
2019-02-14 09:28:41 -06:00
Julio Montes
268ddc595f
Merge pull request #1237 from chavafg/topic/update-qemu-lite-hash
versions: Update qemu-lite hash
2019-02-14 08:17:06 -06:00
Penny Zheng
23c554ee96 unit-test: refine func TestGetCPUDetails
refine struct testData in func TestGetCPUDetails to remove redundant
/unused struct field expectedVendor and expectedModel

Fixes: #1200

Signed-off-by: Penny Zheng <penny.zheng@arm.com>
2019-02-14 15:14:27 +08:00