ppc64le & s390x have no (well supported) musl target for Rust,
therefore, the agent must use glibc and cannot use Alpine. Specify
Ubuntu as the distribution to be used for initrd.
Fixes: #3212
Signed-off-by: Jakob Naucke <jakob.naucke@ibm.com>
The latest release of openapi-generator v5.3.0 contains the fix for
`dropping err` bug [1]. This patch also re-generated the client code of
Cloud Hypervisor to have the bug fixed.
[1] https://github.com/OpenAPITools/openapi-generator/pull/10275Fixes: #3201
Signed-off-by: Bo Chen <chen.bo@intel.com>
With the new rust image pull service skopeo we can parameterise whether to build
and install skopeo and turn it off by default if we don't need
signature verification support
Fixes: #3170
Signed-off-by: stevenhorsman <steven@uk.ibm.com>
With the new rust image pull service skopeo we can parameterise whether to build
and install skopeo and turn it off by default if we don't need
signature verification support
Fixes: #3170
Signed-off-by: stevenhorsman <steven@uk.ibm.com>
The initrd build process now supports facultatively installing Skopeo
while still installing Umoci. Mirror this change in the respective
kata-deploy process.
Signed-off-by: Jakob Naucke <jakob.naucke@ibm.com>
vhost-net is disabled in the rootless kata runtime feature, which has been abandoned since kata 2.0.
I reused the rootless flag for nonroot hypervisor and would like to enable vhost-net.
Fixes#3182
Signed-off-by: Feng Wang <feng.wang@databricks.com>
Highlights from the Cloud Hypervisor release v20.0: 1) Multiple PCI
segments support (now support up to 496 PCI devices); 2) CPU pinning; 3)
Improved VFIO support; 4) Safer code; 5) Extended documentation; 6) Bug
fixes.
Details can be found: https://github.com/cloud-hypervisor/cloud-hypervisor/releases/tag/v20.0Fixes: #3178
Signed-off-by: Bo Chen <chen.bo@intel.com>
This PR removes the information about docker swarm and docker compose
as currently for kata 2.0 we have not support for docker swarm and docker
compose and the links and references that the document is referring are
currently not part of kata 1.0
Fixes#3174
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
Integrate EAA KBC into ubuntu rootfs image.
Fix build failure if build with AA_KBC=eaa_kbc option.
Fixes: #3167
Signed-off-by: zhouliang121 <liang.a.zhou@linux.alibaba.com>
The CI runner fails to clone the git crates as it probably is confused
about its CARGO_HOME value. That prevents vendoring to succeed as the
runner has nothing to copy over to the vendoring code.
We fix that by temporarily setting CARGO_HOME to tmpfs, only for the
vendoring step. It's hackish.
Signed-off-by: Samuel Ortiz <s.ortiz@apple.com>
We use tonic to build GRPC client to talk with attestation agent,
and tonic require newer version of rust.
Signed-off-by: Samuel Ortiz <s.ortiz@apple.com>
':' will have special meaning for umoci during upack, then we
do not use it as part of the image store path
Signed-off-by: Arron Wang <arron.wang@intel.com>
In function `update_target`, if the updated source is a directory,
we should create the corresponding directory.
Fixes: #3140
Signed-off-by: bin <bin@hyper.sh>
This PR updates the comments in the configuration.toml to point to
the current kata containers repository instead of the kata 1.x.
Fixes#3163
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
For the initrd build, add makeopts for $SKOPEO_UMOCI and $AA_KBC. Use
the $INCLUDE_ROOTFS variable to specify a directory of files that should
be recursively merged into the guest.
Fixes: #3126
Signed-off-by: Jakob Naucke <jakob.naucke@ibm.com>
