Introduce a new mode that uses tc filters to redirect traffic from
the network interface created by the network plugin to a
tap interface that we connect to the VM.
This mode will help support ipvlan as well.
Fixes#144
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Converted the plain code blocks in
`install/installing-with-kata-doc-to-script.md` to bash code blocks so
that they are executable by... `kata-doc-to-script.sh`.
Also, removed the backslashes to let github render scroll bars for
consistency with other docs.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Move to golang version 1.10.4 -- the oldest stable golang release at the
time of writing -- since golang 1.10+ is needed to make namespace
handling safe.
Re-ordered a couple of structs (moved `sync.WaitGroup` fields) to keep
the `maligned` linter happy. Previously:
``
virtcontainers/pkg/mock/cc_proxy_mock.go:24:18⚠️ struct of size 160 could be 152 (maligned)
virtcontainers/monitor.go:15:14⚠️ struct of size 80 could be 72 (maligned)
```
See:
- https://github.com/golang/go/issues/20676
- 2595fe7fb6
Also bumped `languages.golang.meta.newest-version` to golang version
1.11, which is the newest stable release at the time of writing.
Fixes#148.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Updated `externals.cri-containerd.version` in `versions.yaml` to the
newest version that includes the fix for building on golang 1.10.2:
- 8b0d53c09c
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Instead of using ethtool for getting the driver for network
devices, use sysfs instead. This is because in case of virtio
devices, ethtool returns virtio-net instead of virtio-pci for
virtio network devices. We need to bind/unbind from virtio-pci
driver in case of virtio-net devices.
Fixes#612
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Refactor these functions so differernt types of endpoints can use a unified
function to hotplug nics.
Fixes#731
Signed-off-by: Ruidong Cao <caoruidong@huawei.com>
Use a one-line code block for the installation command, and document the
dry run option.
Fixes: #275
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
Improvements to the table in the installation README:
- Fix the invalid link for the "Build from sources" option.
- Add column for "Packaged install" to make it clearer which
options result in a distro-packed install.
- Tweaked the "Suggested for" column to make the use-case options
clearer.
- Added detail for each use-case in a "Description" column.
Fixes#276.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
reflect.DeepEqual would return false when comparing nil map/slice with
empty map/slice. We would want to return success in such case, since it
is possible for upper layers to send these kind of configs.
Fixes: #844
Signed-off-by: Peng Tao <bergwolf@gmail.com>
Move the test configuration in the distro-specific config.sh
file, for better control of what to include/exclude from
testing based on the test environment.
test_config.sh is still used to exclude specific distros from
being tested, when running tests in bulk.
Fixes: #182
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
Add new options to rootfs.sh: -l prints the list of all distros,
-t retrieves a subset of the distro configuration from config.sh
for testing purpose.
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
As discussed in issue #171 IPv6-in-IPv4 tunnel is useless in guest. So we
decide to disable the CONFIG_IPV6_SIT by default for Arm64.
Fixed#230
Signed-off-by: Wei Chen <wei.chen@arm.com>
The bundle path was documented as defaulting to the current directory
but was not being set to that value if not explicitly specified.
Also moved factory creation code to a new `handleFactory()` function to
avoid cyclomatic complexity issues.
Fixes#821.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
As we try to make sure we don't pull unneeded dependency when using
QEMU or NEMU as the hypervisor, and because SeaBIOS and OVMF firmware
already handle what's done by the default efi-virtio.rom binary, this
commit gets rid of this dependency by providing a default empty one.
Fixes#812
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
We have optionally handled it in kernel parameter in
genericArchKernelParamHandler but kata-check still forcely require it to
be present. Let's only require it when running on baremetal.
Signed-off-by: Peng Tao <bergwolf@gmail.com>
We do not really require nested VT to run kata containers. Let's not
depend on it being there.
Fixes: #820
Signed-off-by: Peng Tao <bergwolf@gmail.com>
As x86_64 has updated the guest kernel to enable EFI support for NEMU,
because OVMF that is used by NEMU is an EFI firmware. Although the
NEMU is not ready for Arm64, we'd better to enable EFI support in
kernel to keep sync with x86_64.
Fixes#228
Signed-off-by: Wei Chen <wei.chen@arm.com>
