Set as default AGENT_INIT=no when not explicitly set, to make it
consistent with the other scripts in osbuilder
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
- image-builder: share the mkfs configuration file
- rootfs-builder: add rootfs.sh DOCKER_RUNTIME env var
- rootfs-builder: SELinux relabel container volumes
- image-builder: add fs type
- image-builder: re-implement image builder script
- builder: Pass the DEBUG flag when using docker
- Add chrony to image
- Print attempt number after max check
88b8523 image-builder: share the mkfs configuration file
77fb808 image-builder: check format_loop return code
8debe95 image-builder: add fs type
c72c954 rootfs-builder: add rootfs.sh DOCKER_RUNTIME env var
c1d9510 rootfs-builder: SELinux relabel container volumes
d8cdd88 image-builder: re-implement image builder script
f32ae14 tests: remove DAX env variable
f355c02 tests: enable DEBUG
6c7f307 image-builder: add xfsprogs to Dockerfile
ad6e1a9 scripts: implement error function
0d2ba47 builder: Pass the DEBUG flag when using docker
e16ff37 chrony: Comment out any NTP sources for chrony
3df19ff chrony: Add virtual PTP as source for chrony
ad5d879 rootfs: Print attempt number after max check
8fe6405 rootfs: Include chrony in the Dockerfile images
0b33519 rootfs: add PACKAGE var to debian config
510ddd2 rootfs: Add chrony service to rootfs
Signed-off-by: katacontainers bot <katacontainersbot@katacontainers.io>
Share with the container the mkfs configuration file to use only the
filesystem features supported in the host.
fixes#270
Signed-off-by: Julio Montes <julio.montes@intel.com>
On some systems the "runc" runtime isn't available or has a different
name. Allow the user to override the Docker runtime.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Fixes: #268
rootfs.sh fails on machines with SELinux in enforcing mode if the
volumes aren't labelled.
This patch labels volumes so the container is able to access them.
In order to do this rootfs directory creation must be moved before the
Docker container is started. Previously docker-run(1) would create the
rootfs directory in the USE_DOCKER case.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Fixes: #266
Re-implement image builder script to generate an image with a double MBR +
a DAX metadata. The DAX metadata is read by the NVDIMM driver to know the
beginning of the data in the pmem device.
This new image format is required to enable DAX in the kernels and hypervisors
that support NVDIMM, without breaking the compatibility with the kernels and
hypervisors that don't support it.
Following diagram shows how the resulting image will look like
```
.-----------.----------.---------------.-----------.
| 0 - 512 B | 4 - 8 Kb | 2M - 2M+512B | 3M |
|-----------+----------+---------------+-----------+
| MBR #1 | DAX | MBR #2 | Rootfs |
'-----------'----------'---------------'-----------+
| | ^ | ^
| '-data-' '--------'
| |
'--------rootfs-partition---------'
```
MBR: Master boot record.
DAX: Metadata required by the NVDIMM driver to enable DAX in the guest [1][2]
(struct nd_pfn_sb).
Rootfs: partition that contains the root filesystem (/usr, /bin, etc).
Kernels and hypervisors that support DAX/NVDIMM read the MBR #2,
otherwise MBR #1 is read.
[1] - https://github.com/kata-containers/osbuilder/blob/master/image-builder/\
nsdax.gpl.c
[2] - https://github.com/torvalds/linux/blob/master/drivers/nvdimm/pfn.hfixes#263
Signed-off-by: Julio Montes <julio.montes@intel.com>
KVM virtual PTP in linux kernel allows guest to sync its
clock to the host clock with high precision. kvm-ptp has been
enabled in our kernel. Add this as a source for `chrony` so that
it can be used to sync the guest system clock.
`chrony` needs to be started in the guest for time sync.
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
With the old code it was possible to see odd messages like:
"INFO: Create root disk image. Attempt 6 out of 5."
Move the attempt number print to after we check against the max
Fixes#251
Signed-off-by: Matt Fischer <matt@mattfischer.com>
debian config seems to be missing PACKAGE variable altogether.
Add it along with appending chrony to the list.
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
chrony will be used to schronize guest clock with host
using kvm_ptp kernel driver.
This does add another active component to the rootfs
but keeping time scychorized is crucial.
Fixes#255
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
We need to modify this test in order to handle firecracker.
Fixes#248
Depends-on:github.com/kata-containers/osbuilder#247
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
- image-builder: fill out device namespace information into kata image
- tests: install kata components from master
- tests: skip euleros
- arch: Remove calls to arch command
- pullapprove: remove it
- memory_hotplug: MEM_BOUNDARY_MB should be arch-dependent
726f798 image-builder: fill out device namespace information into kata image
cbe5642 image-builder: add gcc as dependecy to generate the image
7620066 image-builder: sync rootfs data after copying it into the image
dc5bc07 image-builder: fix mem boundary recalculation
71ccc0a mage-builder: remove -s option and IMG_SIZE envar
8065bb6 rootfs-builder: delete dnf and rmp data
35588dd tests: install kata containers components from master
519bbe8 tests: remove docker before installing the newer version
b4de168 tests: skip euleros
f38c67d arch: Remove calls to arch command
8963b8e pullapprove: remove it
e4d5c1b memory_hotplug: MEM_BOUNDARY_MB should be arch-dependent
Signed-off-by: Peng Tao <bergwolf@gmail.com>
Not all hypervisor support NVDIMM hence DAX support MUST BE enabled explicitly
setting the DAX environment variable to 'yes'
fixes#246
Signed-off-by: Julio Montes <julio.montes@intel.com>
The new NVDIMM driver implementation (kernel >= 4.16) needs to know the device
namespace information to map pages, this metadata is read from the nvdimm
namespace at 4k offset.
fixes#235
Signed-off-by: Julio Montes <julio.montes@intel.com>
gcc is required to build the binary in charge to fill out the device
namespace information (matadata) into the kata containers image.
Signed-off-by: Julio Montes <julio.montes@intel.com>
guest kernel needs 64 bytes of DRAM per 4K page of emulated PMEM, hence the
image size should be as small as possible to reduce the container's memory
footprint. The image size is recalculated automatically if it's too small
to contain the rootfs.
Signed-off-by: Julio Montes <julio.montes@intel.com>
