When shimv2 was killed by accident, containerd would try to
launch a new shimv2 binarry to cleanup the container. In order
to avoid race condition, the cleanup should be done serialized
in a sandbox. Thus adding a new api to do this by locking the
sandbox.
Fixes:#1832
Signed-off-by: lifupan <lifupan@gmail.com>
`virtcontainers.ensureDestinationExists` will create the bind
destination directory/file, which should be removed properly when
unmounting.
Fixes: #1974
Signed-off-by: Li Yuxuan <liyuxuan04@baidu.com>
If an exec is failed(such as executable file not found in $PATH), the
`execs.id` will be empty. This leads to all the container processes
being killed when calling `Kill` on such exec id.
Fixes: #2001
Signed-off-by: Li Yuxuan <liyuxuan04@baidu.com>
Update kata-check to print by default only relevant information about
the ability to run / create Kata Containers, and omit the list of checks
performed. Checks can still be printed using the --verbose flag.
Fixes: #1944
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
When create container failed, it should delete the container
config from sandbox, otherwise, the following new creating container
would get a wrong resources caculating which would contain the previous
failed container resources such as memory and cpu.
Fixes: #1997
Signed-off-by: lifupan <lifupan@gmail.com>
The following storeSandbox() will store the sandbox config
data, thus there is no need to store it specifically before
run storeSandbox().
Signed-off-by: lifupan <lifupan@gmail.com>
strErr is qemu log message, should add err in error message, or if fail
before launch qemu, can not get corrent message.
Fixes: #1991
Signed-off-by: Ace-Tang <aceapril@126.com>
Since firecracker hasn't support console watching by now, so skip
watching console if the consoleURL is empty.
Fixes: #1970
Signed-off-by: lifupan <lifupan@gmail.com>
so that for qemu, we can save and export virtiofsd pid,
and put it to the same cgroup as the qemu process.
Fixes: #1972
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
Update qemu version to bring the latest fixes and improvements:
* migration: allow private destination ram with x-ignore-shared
* hw/i386: Fix linker error when ISAPC is disabled
* hw/i386: turn off vmport if CONFIG_VMPORT is disabled
Depends-on: github.com/kata-containers/packaging#680
fixes#1978
Signed-off-by: Julio Montes <julio.montes@intel.com>
detail commit change
$ git log --no-merges --abbrev-commit --pretty=oneline "5017d4e9a9cf2d4381db99eacd9baf84b95bfb14..c4b9ac5c7601384c965b9646fc515884e091ebb9" | sed 's/^/ /g'
f627015 avoid adding io_serviced and io_service_bytes duplicately
13a3ac4 fixed an issue with invalid soft memory limits
215221e Add makefile for go and protos
0ecd2b6 cgroups: fix MoveTo function fail problem
38dc3ac Correct forked Travis builds
a9a304a Add Go 1.12 to Travis
51dcf5f Fix cgroup hugetlb size prefix for kB
1741ae0 add network stats
453efe3 Return ErrCgroupDeleted when no subsystems
4a9f0f7 Add SkipOpts for handling how subsystems are registered
4dacf2b Check for non-active/supported cgroups
2fd912c Add tests for pids
afd5981 Gofmt cgroup_test
f48bd85 Fixs return error message
64bade4 Take value instead of pointer value
b49c471 Correct ineffassign warning
6b552a8 Fix net_prio typo
a31a0ff Add functionality for retrieving all tasks of a cgroup
7d825b2 Add test for cgroups load when missing hierarchy in one subsystem
f6cbfb4 Change Load function in order to be more lenient on subsystems' checking
ab9ec0e Add go-systemd dep for CI testing
9a09e58 Fix gofmt of systemd.go
e13f6cc Add GoReportCard badge to README
d124595 Add Go 1.11 to Travis
d961ab9 Correct typo
e4cf832 Add project references and use common project travis
9de57ff Add godoc badge to README.md
Signed-off-by: Ace-Tang <aceapril@126.com>
Memory preallocation is just a property that hugepage, file backed
memory and memory-backend-ram can each choose to configure.
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
When guest panics or stops with unexpected internal
error, qemu process might still be running but we can
find out such situation with qmp. Then monitor can still
report such failures to watchers.
Fixes: #1963
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
164bd8c test/fmt: drop extra newlines
73555a4 qmp: add query-status API
234e0ed qemu: fix memory prealloc handling
30bfcaa qemu: add debug logfile
dep now checks for dependency recersively.
runtime-spec and gogo protobuf are also updated as being required by kata agent.
Solving failure: No versions of github.com/kata-containers/agent met constraints:
94e2a254a94a77c02280f4f84d7f82269be163ce: Could not introduce github.com/kata-containers/agent@94e2a254a94a77c02280f4f84d7f82269be163ce, as it has a dependency on github.com/opencontainers/runtime-spec with constraint a1b50f621a48ad13f8f696a162f684a241307db0, which has no overlap with existing constraint 5806c35637336642129d03657419829569abc5aa from (root)
Solving failure: No versions of github.com/kata-containers/agent met constraints:
94e2a254a94a77c02280f4f84d7f82269be163ce: Could not introduce github.com/kata-containers/agent@94e2a254a94a77c02280f4f84d7f82269be163ce, as it has a dependency on github.com/gogo/protobuf with constraint 4cbf7e384e768b4e01799441fdf2a706a5635ae7, which has no overlap with existing constraint 342cbe0a04158f6dcb03ca0079991a51a4248c02 from (root)
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
We don't really need to unplug it from guest because we have
already stopped it. Just detach it and clean it up.
Fixes: #1968
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
This reverts commit 794e08e243.
It breaks vfio device passthru as we need to bind the device
back to host when removing the endpoint. And that is not possible
when qemu is still running (thus holding reference to the device).
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
If guest is malfunctioning, we need a way to bail out. Add
a default timeout for most of the grpc requests so that the
runtime does not wait indefinitely.
Fixes: #1952
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
We might need to call hypervisor hotunplug to really remove
a network device. We cannot do it after stopping the VM.
Fixes: #1956
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
