When a parallel build is invoked using "make -j4" there is a race
between EXTRA_DEPS ('clean') and generating files:
CPU1 CPU2
---- ----
create cli/generated-config.go
rm cli/generated-config.go
go build -> error: generated-config.go doesn't exist!
Previous commits ensured that targets relying on version information
like VERSION and COMMIT declare appropriate dependencies. Therefore
make is now able to detect changes and rebuild targets as needed. It is
no longer necessary to abuse the clean target to force a rebuild.
Fixes: #1540
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Makefile uses $(shell) to build a git commit string. Unfortunately this
means make targets cannot be rebuilt when COMMIT changes value. We need
to reflect this string value into files on which make can process
dependencies.
I stole a solution from QEMU's Makefile:
1. Print the string into .git-commit.tmp
2. If .git-commit.tmp differs from .git-commit, copy it to .git-commit
3. Depend on .git-commit from all targets that need $COMMIT
This way targets are only rebuilt if the commit string value actually
changes.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Makefile had a template for cli/config-generated.go embedded inside it.
There is already a templating mechanism for .in files. Using a .in file
is cleaner since it avoids make's awkward interaction with shell
escaping and line splitting.
This patch moves the template into cli/config-generated.go.in and reuses
the existing .in file templating mechanism. Only the PKGRUNDIR variable
needs to be added.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Depending on Makefile is not enough to detect all changes. We must
rebuild when included makefiles change, too.
The MAKEFILE_LIST special variable contains the filenames of all
included makefiles and Makefile itself.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
The netmon target must be rebuilt when the VERSION file changes since it
uses the value of VERSION on the build command-line.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
GENERATED_FILES already includes COLLECT_SCRIPT, so there's no need to
specify it again:
GENERATED_FILES += $(COLLECT_SCRIPT)
...
clean:
$(QUIET_CLEAN)rm -f ... $(GENERATED_FILES) $(COLLECT_SCRIPT)
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
tcfilter requires no changes to the interface provided by the network
plugin and supports a larger set of plugins.
Fixes#1501
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
The kata shim tests make use of an ioctl function, so instead
of having a custom one within that file, use the ioctl
function in utils/utils_linux
Fixes#1419
Signed-off-by: Gabi Beyer <Gabrielle.n.beyer@intel.com>
Clear Containers proxy and shim are no longer supported. This
was mentioned in issue #1113. Their functionalities are thus
removed from the runtime.
Fixes#1419
Signed-off-by: Gabi Beyer <gabrielle.n.beyer@intel.com>
The hyperstart agent has not been supported in kata since 2.1,
so remove it as a component to kata. Mentioned in issue #1113.
Fixes: #1419
Signed-off-by: Gabi Beyer <gabrielle.n.beyer@intel.com>
The agent expects a IP CIDR for the route destination
rather than an IP address. netmon was incorrectly
converting route dest to an IP address and hence
exiting with an error.
We did not have an integration test for netmon with tcfilter mode.
macvtap mode did not uncover this, as with macvtap routes are
not really passed to the agent.
We delete the IP on the veth device, and netmon looks at the
routes after the IP is deleted with macvtap.
Fixes#1523
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Don't set a default CPU constraint if period and quota are not specified, that
way the container will inherit the CPU constraint from its parent. Container
creation won't fail if the parent CPU constraint is smaller than the default
number of vCPUs.
fixes#1521
Signed-off-by: Julio Montes <julio.montes@intel.com>
containerd checks for the grpc error code to determine
correct recover action upon grpc errors. We need to provide
them properly.
Unfortunately ttrpc doesn't support grpc interceptor so we have
to modify every service function for it.
Fixes: #1527
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
cleanup() actually removes all things under testdir and
causes UT failures.
=== RUN TestCreateMockSandbox
ERRO[0000] Create new sandbox failed error="QEMU path (/tmp/vc-tmp-007004370/hypervisor) does not exist" sandbox=7f49d00d-1995-4156-8c79-5f5ab24ce138 sandboxid=7f49d00d-1995-4156-8c79-5f5ab24ce138 source=virtcontainers subsystem=sandbox
exit status 1
Fixes: #1525
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
prepend a kata specific string to oci cgroup path to
form a different cgroup path, thus cAdvisor couldn't
find kata containers cgroup path on host to prevent it
from grabbing the stats data.
Fixes:#1488
Signed-off-by: lifupan <lifupan@gmail.com>
This commit bumps the golang version to remove the go modules hash
mismatch between 1.11 and 1.12.
Fixes: #1520
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
There is no need to send another SIGKILL signal following
SIGTERM signal, otherwise, sending the SIGKILL signal would
get failed since the container process would has been terminated
by the previous SIGTERM signal.
Fixes:#1493
Signed-off-by: lifupan <lifupan@gmail.com>
This introduces a new storage type: local. Local storage type will
tell the kata-agent to create an empty directory in the sandbox
directory within the VM.
K8s host emptyDirs will then use the local storage type and mount it
inside each container. By doing this, we utilise the storage medium
that the sandbox uses. In most cases this will be 9p.
If the VM is using device mapper for container storage, the containers
will benefit from the better performance of device mapper for
host emptyDir.
Fixes#1472
Signed-off-by: Alex Price <aprice@atlassian.com>
Now, template feature can't work on arm64. When using bypass-shared-memory
cap to saving sandbox as a template, new sandbox cloning from the template
will fail. From initial investigation, it maybe a qemu issue. Further
research should be done.
To enable template on arm64, this patch adds a switch to offer the capability
to open or close the bypass-shared-memory cap.
While closing bypass-shared-memory cap, saving vm will occupy more space
and consume more time. So increase 300M for mount size and bump the time
waiting for migration to 10 seconds.
Fixes: #1336
Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>
Store related in directory /var/lib/vc/sbs and /run/vc/sbs if
vm template is enabled.
The cause is NewVM and NewVMFromGrpc will create vcStore with
VM's ID and set it as store of hypervisor if the factory is enabled.
This commit record the VM's ID to HypervisorConfig.VMid and remove
directories in qemu.cleanupVM to handle the issue.
Fixes: #1452
Signed-off-by: Hui Zhu <teawater@hyper.sh>
This commit adds a new gRPC function Status to CacheService. VMCache
server will reply the status of VMCache server.
Factory destroy will call gRPC Status to get the status of VMCache
server and output it when VMCache is enabled.
Fixes: #1395
Signed-off-by: Hui Zhu <teawater@hyper.sh>
VMCache server just can be stopped by ctrl-c without current commit.
This commit adds a new gRPC function Quit to CacheService. VMCache
server will stop by itself after 1 second when Quit is called.
Factory destroy will call gRPC Quit when VMCache is enabled.
Fixes: #1395
Signed-off-by: Hui Zhu <teawater@hyper.sh>
We don't really require nested nor unrestricted_guest to run. And there
is no point validating host cpu properties in UT.
Fixes: #1508
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
