When an x86 sandbox has a vIOMMU (needed for VFIO), it needs the
'kernel_irqchip=split' option or it can't start. fdcd1f3a2 attempts to set
that, but ends up just writing it to a temporary (looks like Go for range
loops pass by value).
Fixes: #2694
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Add a configuration option and a Pod Annotation
If activated:
- Add kernel parameters to load iommu
- Add irqchip=split in the kvm options
- Add a vIOMMU to the VM
Fixes#2694
Signed-off-by: Adrian Moreno <amorenoz@redhat.com>
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Add a new function appendIOMMU() to the qemuArch interface
and provide an implementation on amd64 architecture.
Signed-off-by: Adrian Moreno <amorenoz@redhat.com>
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
The ppc64 specific qemu setup code adds a "pmu=off" parameter to the cpu
model if the nestedRun option is set. But, not only does availability of
the pmu have nothing to do with nesting on POWER, there is no "pmu=" cpu
opton for ppc64 at all.
So, simply remove it.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Hard-coded Qemu machine options create challenges when running Kata
with latest Qemu (v5.0) or with latest processor version.
This patch makes it configurable by leveraging the existing machine_accelerators
option in configuration.toml.
This patch fixes#2657 for ppc64le
Signed-off-by: bpradipt@in.ibm.com
The default ppc64le Qemu binary path was specific for Ubuntu.
This patch fixes the default binary path for both Fedora and Ubuntu
Fixes: #2738
Signed-off-by: bpradipt@in.ibm.com
qemu_ppc64le.go applies the "tsc=reliable", "no_timer_check" and
"noreplace-smp" kernel parameters, despite those being x86 specific. So,
just remove them.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Let's add information on how to debug shimv2 when using cri-o, similarly
to what already is present with containerd.
Fixes: #672
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Dup a new file descriptor for temporary logger writer,
since this logger would be dropped and it's writer would
be closed out of if definition scope, which would cause
the logger process thread terminated if it used the original
pipe write fd.
Fixes: #318
Signed-off-by: fupan.lfp <fupan.lfp@antfin.com>
With this change, a container is not longer given access to
the underlying root partition.
This is done by explicitly adding the root partition
to the device cgroup of the container.
Fixes: #317
Signed-off-by: fupan.lfp <fupan.lfp@antfin.com>
The Qemu version check in unit test case is no longer needed for
Power since we don't support Kata with Qemu version < 4.x.
Fixes: #315
Signed-off-by: bpradipt@in.ibm.com
Improve the output of the data collection script to use lots more folds.
This makes it easier to review the information when viewing the pasted
output in a GitHub issue.
Fixes: #313.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Add `start_section()` and `end_section()` functions to the data
collection script to allow new unfoldable sections to be created.
Redefine `show_header()` and `show_footer()` to use the new functions.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Now that the Kata containerd shim v2 can display a version string,
add those details to the data collection script.
Fixes: #309.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
All components should support a `--version` option to allow clear
identification of the version of the component being used.
Note that the build changes are required to allow the shim binary to
access the golang code generated by the build (such as the `version`
variable).
Fixes: #307.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Add a new system component, used only when tracing is enabled. The
component listens to the agent over VSOCK, forwarding trace spans
created by the agent in the virtual machine onwards to an OpenTelemetry
collector (such as Jaeger) running on the host.
Fixes: #224.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Fix a long-standing bug where the KSM throttler logs would not be
collected by removing the last (unused) parameter to the
`find_system_journal_problems()` function.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
The function that checks for legacy packages in the collect script was
missing pipes denoting regex alternation.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Added new functions to convert to/from a log level name (like `debug`)
to/from the equivalent `slog::Level::Debug`.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
The agent logger is useful and generic enough that it can be used by
other components, so move the agent logging package to below a top level
`pkg` to encourage re-use.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Add the following patches for QEMU 5:
* memory-backend-file/nvdimm: support read-only files as memory-backends
* 9p: removing coroutines of 9p to increase the I/O performance
fixes#1064
Signed-off-by: Julio Montes <julio.montes@intel.com>
