There is an issue that ctrl-c stop vmcache server will stop all
containers that its VM is created by it.
The cause is kata-proxy and vmcache server use same tty, for example:
ps -e | grep kata
3617 pts/5 00:00:00 kata-runtime
3636 pts/5 00:00:00 kata-proxy
Ctrl-c will send signal to both kata-proxy and vmcache server.
Then the containers that its VM is created by this vmcache server will
quit with it.
Set Setsid to true when exec kata-proxy to handle this issue.
Fixes: #1726
Signed-off-by: Hui Zhu <teawater@hyper.sh>
the versions.yaml file in runtime carries the information on all the
components we use and ship with kata. It would be nice to have the CI
test the newer versions when the file is changed and CI is triggered.
The current code always fetches from the master tree from github and
that does not help to validate version changes before it lands in the
tree.
Signed-off-by: Ganesh Maharaj Mahalingam <ganesh.mahalingam@intel.com>
The rootfs image was fixed, now the DAX metadata and 2 MBRs headers are part
of the same image. Mounting the rootfs partiton with an offset of 2M is no
more needed, since the first MBR is read by partx or losetup by default.
fixes#1443
Signed-off-by: Julio Montes julio.montes@intel.com
Kubelet would cleanup the pod cgroup resources and kill the processes
in the pod cgroups when it detected all of the containers in a pod exited,
thus shimv2 should close the hypervisor process once the podsandbox container
exited, otherwise, the hypervisor process would be killed by kubelet and
made shimv2 failed to shutdown the sandbox.
Fixes:#1672
Signed-off-by: lifupan <lifupan@gmail.com>
```
//the network namespace created by cni plugin
netns, err = namespaces.NamespaceRequired(ctx)
if err != nil {
return nil, errors.Wrap(err, "create namespace")
}
```
the netns is a containerd namespace concept, it not netns, event a cni
set netns for this, this is a tricky way, so remove the logic.
Fixes: #1692
Signed-off-by: Ace-Tang <aceapril@126.com>
According to CRI specs, kubelet will call StopPodSandbox()
at least once before calling RemovePodSandbox, and this call
is idempotent, and must not return an error if all relevant
resources have already been reclaimed. And in that call it will
send a SIGKILL signal first to try to stop the container, thus
once the container has terminated, here should ignore this signal
and return directly.
Fixes:#1672
Signed-off-by: lifupan <lifupan@gmail.com>
Use `kata-containers.runtime` that is the runtime binary, to
collect the data if the kata-runtime binary is not installed
fixes#1720
Signed-off-by: Julio Montes <julio.montes@intel.com>
Chrony service is not started because it requires a private temporal directory,
these directories can't be created in read-only filesystems. Create a symlink
to /tmp in /var allowing systemd to create private temporal directories.
fixes#280
Signed-off-by: Julio Montes <julio.montes@intel.com>
We need to build kata-runtime to have the correct files
in place to be able to run the static checks script.
Fixes#1716.
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
Remove the version of alpine used when pulling golang docker images.
This ensures the latest version of alpine is used and resolves the
maintenance issue when old versions of alpine are dropped.
Fixes: #293.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Set qemu major/minor version when
running unit test TestQemuPPC64leMemoryTopology
on ppc64le & execute the unit test accordingly.
Fixes: #1308
Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
We should not let shim or proxy read guest console socket if
agent debug console is set. Otherwise when we connect to it with
socat, it reads nothing since all output is read by the shim.
Fixes: #1700
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
Use only one version to install cri-contaienrd
- version could be a containerd version or a commit of the cri
repository.
Depends-on: github.com/kata-containers/tests#1400
Fixes: #1464
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
hub tool from github lets you show a particular tag that might exist in
the repostiory. Switching our tag checking logic to use that instead of
listing all tags and grepping for the one we want. For some reason the
existing grep logic always fails to return the right code and always
lands on the portion of the code to generate a new tag.
Fixes: #519
Signed-off-by: Ganesh Maharaj Mahalingam <ganesh.mahalingam@intel.com>
nemu needs to be configured with:
`machine_type = "virt"` by default.
In addition, this commit removes
`machine_accelerators="virt"` which was added instead
of `machine_type` in a previous commit.
Fixes: #1707.
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
Created a skeletal set of README for the packaging areas that didn't
have them:
- Jenkins
- OBS
- QEMU
- static build tooling
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
GFM doesn't require corresponding heading hashes at the end of line -
start of lines hashes are adequate.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Add missing heading names and a table of contents.
Also, folded the long lines to make them easier to edit and diff.
Fixes#501.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Fix the test case TestGetShmSizeBindMounted by
setting the right ShmSize for ppc64le.
Fixes: #1702
Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
