Fix version comparison bug whereby the specified operator was being
applied to the wrong version number.
The version handling for distro and kernel versions was incorrect. This
was not clear as the internal logic was rather difficult to understand.
Renaming `constraintInvalid()` to `constraintValid()` and updating
`NotValid()` correspondingly makes the logic clearer and exposed the
bug, allowing it to be fixed.
Added two new tests to ensure correct behaviour:
- `TestConstraintNotValidKernelVersion()`
- `TestConstraintNotValidDistroVersion()`
Fixes#1653.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Previously, the comment on `NeedDistroVersionEquals()` erroneously
referred to `NeedDistroVersionLT()`.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
`TestConstraint.NotValid()` is really designed to be called once per
test. However, there is no reason it should not be possible to call
multiple times. But to allow for that secenario, any settings
from a previous `NotValid()` call need to be cleared.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Setup rootfs to be RO both from the VMM point of view and the
VM point of view.
Fixes: #1632
Signed-off-by: Manohar Castelino <manohar.r.castelino@intel.com>
It's useful to know whether virtio-9p or virtio-fs is being used. Add
the status to the kata-env output.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Several cache modes are supported by virtio-fs. They affect the
performance and consistency characteristics of the file system.
For the time being cache="none" is recommended, but the other modes can
be experimented with.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Add VirtioFSCacheSize aka virtio_fs_cache_size option
to set the size (in MiB) of the DAX cache.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Firecracker does not support pci. It also uses kbd to implement reboot/reset.
Fix the kernel boot params to address this.
It also does not have good entropy at startup. Use the hardware random
number generator to support entropy.
Fixes: #1620
Signed-off-by: Manohar Castelino <manohar.r.castelino@intel.com>
Kata support specifing the default VM configuration via
configuration.toml. This allows the system or cluster admin
to choose the default (i.e minimum) size of the VM.
Add support in kata to respect the VM configuration for firecracker.
Also refactor some code to make error handling uniform.
Fixes: #1594
Signed-off-by: Manohar Castelino <manohar.r.castelino@intel.com>
Add support for v0.15.x. Change the drive naming scheme to match
the requirement of v0.15.x
Fixes: #1598
Signed-off-by: Manohar Castelino <manohar.r.castelino@intel.com>
Enhance the `katatestutils` package to provide the ability to skip
tests based on either user or distro the tests are running on.
Fixes#1586.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Add a config option to select between virtio-9p and virtiofs. This
option currently has no effect and will be used in a later patch.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Shortlog:
b3e7a9e Merge pull request #91 from stefanha/virtio-fs-cache-size-mb
058cda0 qemu: use MiB instead of Gib for virtio-fs cache size
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
The virtcontainers `Makefile` was referencing an old script to handle
static checks. Although these are still run if `make` is invoked at the
top-level, correct the error.
Fixes#1609.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
sockets * cores * threads should be equal to maxcpus otherwise a
warning is thrown: 'warning: Invalid CPU topology deprecated:
sockets * cores * threads != maxcpus'
This warning in the future will be an error and won't be possible to run
kata containers.
fixes#1605
Signed-off-by: Julio Montes <julio.montes@intel.com>
kata-runtime list command should list all valid container, not fail
when some containers information uncorrent, like rootfs not found.
Fixes: #1592
Signed-off-by: Ace-Tang <aceapril@126.com>
in wait function, should send msg to exit channel after task status has
updated, since shim.Wait() is running in another goroutine, when it
receive msg from exit channel, it will stop waiting and return, then
someone who hold this Wait() get return, it can delete task, if exit msg
is send first, the container status may still be running.
Fixes: #1600
Signed-off-by: Ace-Tang <aceapril@126.com>
The proxy is in charge to print the agent logs, but when `use_vsocks` is true
the runtime doesn't start the proxy, because it's not needed, hence the agent
logs are ignored. To mitigate this limitation and to make the debugging
processes easier, the fist shim started (the one who monitors the sandbox)
will read the console.sock and print the agent logs.
Depends-on: github.com/kata-containers/shim#172
fixes#1596
Signed-off-by: Julio Montes <julio.montes@intel.com>
Add configuration options to support the various Kata agent tracing
modes and types. See the comments in the built configuration files for
details:
- `cli/config/configuration-fc.toml`
- `cli/config/configuration-qemu.toml`
Fixes#1369.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Updated the agent vendoring for `StartTracing` and `StopTracing`. This
only changed a single file - the auto-generated gRPC protocol
buffer file.
This change resolves four vendoring issues:
- The github.com/kubernetes-incubator/cri-o project was renamed to
github.com/cri-o/cri-o. Although github redirects, `dep` complains that
it cannot find the old `github.com/kubernetes-incubator/cri-o` files
under `vendor/` so remove the old config, relying on the existing (and
in other respects identical) `dep` config.
- There was a stale dependency on `github.com/clearcontainers/proxy`
which should have been removed when the Clear Containers code was
excised.
- The latest version of the agent code vendored into the runtime prior
to this commit was a merge commit (commit
`48dd1c031530fce9bf16b0f6a7305979cedd8fc9`). This somehow confused `dep`
which did *not* correctly pull in the latest version of the
auto-generated gRPC code
(`vendor/github.com/kata-containers/agent/protocols/grpc/agent.pb.go`).
This is clear because commit `48dd1c031530fce9bf16b0f6a7305979cedd8fc9`
is newer than the agent commit that introduced the `StartTracing` and
`StopTracing` APIs (`00cf907afcb7c8e56f077cf45ae3615f612fdc9d`).
Resolving the other two issues above seems to have resolved this issue
as the correct version of this file has now been included in the
vendoring, however note there is no change to the `dep` files as this
version of `agent.pb.go` should already have been included (!)
- Updating `agent.pb.go` also removed the `AddInterface` and
`RemoveInterface` API calls which should again also have been removed
already.
Updated tests to remove these redundant calls.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Previously, the agent behaviour was controlled entirely using the
`kernel_params=` config option. This mechanism suffers from a subtle
problem - the runtime is not aware of how the agent will behave.
From now on, all significant agent options will be controlled from the
agent section in the configuration file. This allows the runtime to be
more aware of -- and in control of -- such agent settings. It would also
allow the underlying kernel CLI options to be modified in the future if
required.
This PR adds the only useful agent option as an explicit option by
adding an `enable_debug=true` option to the Kata agent section in
`configuration.toml`. This allows controlling agent debug to be handled
in the same manner as the other debug options.
This change is somewhat foundational: it permits the agent to be handled
consistently with other config file sections which is useful, but
arguably not essential (the old way worked). However, the new way of
handling agent options will be essential when introducing agent tracing
control as the runtime must be aware of the agent trace mode to allow
the runtime to modify its behaviour accordingly.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Replace the two versions of `makeRuntimeConfigFileData()` with a single
`MakeRuntimeConfigFileData()` in a new `katatestutils` package and a new
`katautils.GetDefaultHypervisorConfig()` to query the default hypervisor
details.
This isn't ideal but a new package had to be created to avoid circular
dependencies. It was also required since test code cannot be exported
from a package.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Removed the unused `KataShimConfig` type and updated an error message
that incorrectly mentioned it.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Make `newAgentConfig()` return an explicit error rather than handling
the error scenario by simply returning the `error` object in the
`interface{}` return type. The old behaviour was confusing and
inconsistent with the other functions creating a new config type (shim,
proxy, etc).
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
This reverts commit 196661bc0d.
Reverting because cri-o with devicemapper started
to fail after this commit was merged.
Fixes: #1574.
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
