sockets * cores * threads should be equal to maxcpus otherwise a
warning is thrown: 'warning: Invalid CPU topology deprecated:
sockets * cores * threads != maxcpus'
This warning in the future will be an error and won't be possible to run
kata containers.
fixes#1605
Signed-off-by: Julio Montes <julio.montes@intel.com>
kata-runtime list command should list all valid container, not fail
when some containers information uncorrent, like rootfs not found.
Fixes: #1592
Signed-off-by: Ace-Tang <aceapril@126.com>
in wait function, should send msg to exit channel after task status has
updated, since shim.Wait() is running in another goroutine, when it
receive msg from exit channel, it will stop waiting and return, then
someone who hold this Wait() get return, it can delete task, if exit msg
is send first, the container status may still be running.
Fixes: #1600
Signed-off-by: Ace-Tang <aceapril@126.com>
The proxy is in charge to print the agent logs, but when `use_vsocks` is true
the runtime doesn't start the proxy, because it's not needed, hence the agent
logs are ignored. To mitigate this limitation and to make the debugging
processes easier, the fist shim started (the one who monitors the sandbox)
will read the console.sock and print the agent logs.
Depends-on: github.com/kata-containers/shim#172
fixes#1596
Signed-off-by: Julio Montes <julio.montes@intel.com>
Add configuration options to support the various Kata agent tracing
modes and types. See the comments in the built configuration files for
details:
- `cli/config/configuration-fc.toml`
- `cli/config/configuration-qemu.toml`
Fixes#1369.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Updated the agent vendoring for `StartTracing` and `StopTracing`. This
only changed a single file - the auto-generated gRPC protocol
buffer file.
This change resolves four vendoring issues:
- The github.com/kubernetes-incubator/cri-o project was renamed to
github.com/cri-o/cri-o. Although github redirects, `dep` complains that
it cannot find the old `github.com/kubernetes-incubator/cri-o` files
under `vendor/` so remove the old config, relying on the existing (and
in other respects identical) `dep` config.
- There was a stale dependency on `github.com/clearcontainers/proxy`
which should have been removed when the Clear Containers code was
excised.
- The latest version of the agent code vendored into the runtime prior
to this commit was a merge commit (commit
`48dd1c031530fce9bf16b0f6a7305979cedd8fc9`). This somehow confused `dep`
which did *not* correctly pull in the latest version of the
auto-generated gRPC code
(`vendor/github.com/kata-containers/agent/protocols/grpc/agent.pb.go`).
This is clear because commit `48dd1c031530fce9bf16b0f6a7305979cedd8fc9`
is newer than the agent commit that introduced the `StartTracing` and
`StopTracing` APIs (`00cf907afcb7c8e56f077cf45ae3615f612fdc9d`).
Resolving the other two issues above seems to have resolved this issue
as the correct version of this file has now been included in the
vendoring, however note there is no change to the `dep` files as this
version of `agent.pb.go` should already have been included (!)
- Updating `agent.pb.go` also removed the `AddInterface` and
`RemoveInterface` API calls which should again also have been removed
already.
Updated tests to remove these redundant calls.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Previously, the agent behaviour was controlled entirely using the
`kernel_params=` config option. This mechanism suffers from a subtle
problem - the runtime is not aware of how the agent will behave.
From now on, all significant agent options will be controlled from the
agent section in the configuration file. This allows the runtime to be
more aware of -- and in control of -- such agent settings. It would also
allow the underlying kernel CLI options to be modified in the future if
required.
This PR adds the only useful agent option as an explicit option by
adding an `enable_debug=true` option to the Kata agent section in
`configuration.toml`. This allows controlling agent debug to be handled
in the same manner as the other debug options.
This change is somewhat foundational: it permits the agent to be handled
consistently with other config file sections which is useful, but
arguably not essential (the old way worked). However, the new way of
handling agent options will be essential when introducing agent tracing
control as the runtime must be aware of the agent trace mode to allow
the runtime to modify its behaviour accordingly.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Replace the two versions of `makeRuntimeConfigFileData()` with a single
`MakeRuntimeConfigFileData()` in a new `katatestutils` package and a new
`katautils.GetDefaultHypervisorConfig()` to query the default hypervisor
details.
This isn't ideal but a new package had to be created to avoid circular
dependencies. It was also required since test code cannot be exported
from a package.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Removed the unused `KataShimConfig` type and updated an error message
that incorrectly mentioned it.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Make `newAgentConfig()` return an explicit error rather than handling
the error scenario by simply returning the `error` object in the
`interface{}` return type. The old behaviour was confusing and
inconsistent with the other functions creating a new config type (shim,
proxy, etc).
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
This reverts commit 196661bc0d.
Reverting because cri-o with devicemapper started
to fail after this commit was merged.
Fixes: #1574.
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
In order to support NOARP in ipvlan interface, the runtime
will pass the rawflags to agent, which also apply to other
network interfaces, not just ipvlan.
Fixes: #1391
Signed-off-by: Zha Bin <zhabin@linux.alibaba.com>
We can use the same data structure to describe both of them.
So that we can handle them similarly.
Fixes: #1566
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
Set new persist storage driver "virtcontainers/persist/" as "experimental"
feature.
One day when this can fully work and we're ready to move to 2.0, we'll move
it from "experimental" feature to formal feature.
At that time, the "virtcontainers/filesystem_resource_storage.go" can be removed
completely.
Signed-off-by: Wei Zhang <zhangwei555@huawei.com>
Address some comments:
* fix persist driver func names for better understanding
* modify some logic, add some returned error etc
Signed-off-by: Wei Zhang <zhangwei555@huawei.com>
Fixes#803
The disk persist data should be "versioned" and baselined, any modification in
persist data should be considered potential break of backward compatibility.
Signed-off-by: Wei Zhang <zhangwei555@huawei.com>
In privileged mode, all host devices are supposed to be passed
to the container in config.json. Skip floppy drives.
Fixes#1551
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
It seems that codeblocks inside block quotes are not well understood by
markdown parsers, so simplify by removing the codeblock in the note -
the note is clear enough without labouring the point.
Partially fixes: #1564.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
- s390x: fix gofmt complain
- factory: Make VMCache and VM templating can work together
- agent: pass correct mount type to agent for ephemeral volumes
- network: Make tcfilter model as default
- netmon: Fix bug in how routes are converted
- shimv2 should return grpc error codes
- Deprecate hyperstart, CC shim, and CC proxy
- virtcontainers: inherit parent's CPU constraint
- fix ut failure due to incorrect cleanup and make it runnable with non-root
- storage: create k8s emptyDir inside VM
- virtcontainers: prepend a kata specific string to host cgroups path
- Factory: enable template feature for arm64
- cli: fix kata-check test
- shimv2: fix the issue of stop container failed
- split sandbox/container state
- Make factory can control VMCache server
- vc: remove spawner
- s390x: fix golangci-lint complains
- qemu: Remove the storage directories if qemu get from the factory
- katautils: fix the issue of missing proxy debug config
- vendor: update govmm
- virtcontainers: Use only supported namespaces
- cri-o: Update repository URLs
- travis: use xenial
- runtime: support memory hotplug via probe interface on aarch64
- s390x: not set socketID and threadID
- config: fix panic in type assertion
- Fix yq issues
a013f9b s390x: fix gofmt complain
3852682 network: Change the package level network default
33bae70 network: Make tcfilter model as default
343a0d3 factory: Make VMCache and VM templating can work together
b08ab6a vc: modify ioctl function to handle shim test
c425079 vc: Deprecate CC proxy and shim
c658770 vc: remove virtc api cli
d4ef9c0 vc: deprecate hyperstart agent
8abd2ec netmon: Fix bug in how routes are converted
59e3956 virtcontainers: inherit parent's CPU constraint
f512542 sandbox: return ErrNoSuchContainer when failing to find a container
8215a3c shimv2: convert vc errors to grpc errors
cf90751 vc: export vc error types
9040f6a ut: fix UT failure due to incorrect cleanup
a0f49a9 ut: fix UT failure due to non-root
1a1f93b virtcontainers: add a kata specific prefix to host cgroups path
f7223c6 shimv2: fix the issue of stop container failed
76c4639 storage: create k8s emptyDir inside VM
98687a3 Template: enable template for arm64
16fe855 qemu: Remove the storage directories if qemu get from the factory
ace8115 factory: Make factory status can show status of VMCache server
f639787 factory: Make factory destroy can stop VMCache server
9ac6831 cli: fix kata-check test
a63013d vc: remove spawner
c414599 types: remove pid from sandbox state
03ee25d agent: treat container as shared pidns whenever it has pidns path
616f26c types: split sandbox and container state
8041fc9 katautils: fix the issue of missing proxy debug config
bb347ac vendor: update govmm
0b430dc virtcontainers: Use only supported namespaces
e31b040 cri-o: Update repository URL
ea1df84 travis: use xenial
b50292a arm64: dep ensure to keep track of the revisons in kata agent
3bfcdf7 agent: add interface memHotplugByProbe
47670fc memoryDevice: reconstruct memoryDevice
30a6a7d agent: acquire memory hotplug probe info via GetGuestDetails
4993dff ci: Add a failed execution check for curl
7fa0390 ci: set $yq_version to 2.3.0
19458ec s390x: fix golangci-lint
49be8ee s390x: not set socketID and threadID
1b6affe config: fix panic in type assertion
2d422a8 agent: pass correct mount type to agent for ephemeral volumes
228d151 mount: Add check for k8s host empty directory
70c1931 mounts: Add check for system volumes
Signed-off-by: katacontainers bot <katacontainersbot@katacontainers.io>
