Remove the `network connect` limitation from `Limitations.md` as the limitation has been removed.
Fixes#287.
Signed-off-by: Ayoub Bousselmi <abousselmi@users.noreply.github.com>
Remove the `ps` limitation from `Limitations.md` as the limitation has been removed.
Fixes#342.
Signed-off-by: Ayoub Bousselmi <abousselmi@users.noreply.github.com>
Function SetKernelParams is just to update the runtimeConfig according to itself.
It just around the configuration.
So this patch moves it to updateRuntimeConfig.
Fixes: #1106
Signed-off-by: Hui Zhu <teawater@hyper.sh>
Add firecracker version to versions.yaml. This allows kata
packaging to build and package firecracker.
Fixes: #1103
Signed-off-by: Manohar Castelino <manohar.r.castelino@intel.com>
The contents of /proc/cpuinfo were
trimmed and hence the "model" field could
not be parsed despite being a field in
/proc/cpuinfo. Fix this issue.
Fixes: #1089
Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
This reverts commit 802bfa26c9.
Seems that we have some performance issues when
using this new kernel. Reverting to have a clean CI and
have a proper investigation about the degradation.
Fixes: #1100.
Signed-off-by: Salvador Fuentes salvador.fuentes@intel.com
If the runtime repository is already cloned get version from it,
else keep getting from github.
Fixes: #299
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
When overlay is used as storage driver, kata runtime creates a new bind mount
point to the merged directory, that way this directory can be shared with the
VM through 9p. By default the mount propagation is shared, that means mount
events are propagated, but umount events not, to deal with this problem and to
avoid left mount points in the host once container finishes, the mount
propagation of bind mounts should be set to private.
Depends-on: github.com/kata-containers/tests#971
fixes#794
Signed-off-by: Julio Montes <julio.montes@intel.com>
And add some additional log output for displaying the directories and
files created when kicking the virtcontainers tests.
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
We always call waitSandbox after we start the VM (startSandbox), so
let's simplify the hypervisor interface and integrate waiting for the VM
into startSandbox.
This makes startSandbox a blocking call, but that is practically the
case today.
Fixes: #1009
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
We always combine the hypervisor init and createSandbox, because what
we're trying to do is simply that: Set the hypervisor and have it create
a sandbox.
Instead of keeping a method with vague semantics, remove init and
integrate the actual hypervisor setup phase into the createSandbox one.
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
We can now remove all the sandbox shared types and convert the rest of
the code to using the new internal types package.
This commit includes virtcontainers, cli and containerd-shim changes in
one atomic change in order to not break bisect'ibility.
Fixes: #1095
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
The types package holds all shared virtcontainers types.
With the separation of the virtcontainers code into separate packages,
we need a types one to not create circular dependencies.
This package holds sandbox related types and structures for now. It will
grow as virtcontainers code is moved into their own internal packages.
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Since we're going to have both external and internal types packages, we
alias the external one as vcTypes. And the internal one will be usable
through the types namespace.
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Pass Seccomp profile to the agent only if
the configuration.toml allows it to be passed
and the agent/image is seccomp capable.
Fixes: #688
Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
cri containerd calls kill on stopped sandbox and if we
fail the call, it can cause `cri stopp` command to fail
too.
Fixes: #1084
Signed-off-by: Peng Tao <bergwolf@gmail.com>
Now that stopVM() also calls agent.stopSandbox(), we can have the
sandbox Stop() call using stopVM() directly and avoid code duplication.
Fixes: #1011
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
We always ask the agent to start the sandbox when we start the VM, so we
should simply call agent.startSandbox from startVM instead of open
coding those.
This slightly simplifies the complex createSandboxFromConfig routine.
Fixes: #1011
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
startSandbox() wraps a single operation (sandbox.Start()), so we can
remove it and make the code easier to read/follow.
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Update the developer guide to include documentation
for the inclusion of seccomp packages in initrd/rootfs
images.
Fixes: #339
Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
If the env KATA_CONF_FILE was set, shimv2 will use it as the
kata configure file, otherwise, it will try to find it from
/etc and /usr/share directory.
Fixes: #1091
Signed-off-by: fupan <lifupan@gmail.com>
Add a reference to the release rotation wiki, and clarify that
the current stable release schedule is every-other-week.
Fixes: #337
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
