Because the network monitor will be listening to every event received
through the netlink socket, it will be notified everytime a new link
will be added/updated/modified in the network namespace it's running
into. The goal being to detect new interface added by Docker such as
a veth pair.
The problem is that kata-runtime will add other internal interfaces
when the network monitor will ask for the addition of the new veth
pair. And we need a way to ignore those new interfaces being created
as they relate to the veth pair that is being added. That's why, in
order to prevent from running into an infinite loop, virtcontainers
needs to tag the internal interfaces with the "kata" suffix so that
the network monitor will be able to ignore them.
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
8abc400 agent: add test to WaitProcess()
f746ed8 agent: allow multiple waitProcess()
157f1c1 travis: Add variable needed to run static checks
ed54087 travis: bump golang version
ba0c7fc client: wait for session to be fully closed
0865c98 agent: wait session to be fully shutdown
55f1480 vendor: update yamux dependency
5e36bfc network: Wait for network device in UpdateInterface
218ce89 device: Rename getBlockDeviceNodeName to getPCIDeviceName
c9a4e2e uevent: Store the interface field as device name for network interfaces
74a5364 build: fix make proto error
b1c2ad8 agent: add support for online memory and cpu separately.
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
This commit adds some unit testing in order to validate some of the
new code that have been introduced with the new network monitor.
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
This commit modifies the Makefile at the root of this repository
so that the binary kata-netmon can be built from there.
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
Instead of dumping logs through the standard output with fmt.Printf()
function, this commit improves the logging by relying on logrus.
Also, it relies on the syslog hook so that all the logs get redirected
to the journal.
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
In order to reduce the overhead due to the import of the whole
agent protocol, only the needed structures are duplicated. This
is a temporary solution, and those structures should be defined
into their own package to prevent from such overhead.
Note: the overhead of the binray size went down from 15MiB to
3MiB when this commit removed the dependency on the agent protocol.
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
This commit introduces a new watcher dedicated to the monitoring
of a specific network namespace in order to detect any change that
could happen to the network.
As a result of such a detection, the watcher should call into the
appropriate runtime path with the correct arguments to modify the
pod network accordingly.
Fixes#170
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
The PR moves ahead the start of proxy process for vm factory so that
it waits for both vm and proxy to be up at the same time. This saves
about 300ms for new container creation in my local test machine.
Fixes: #683
Signed-off-by: Peng Tao <bergwolf@gmail.com>
Callers can use setProxy to ask agent to use an existing proxy.
agent is modified to rely on its state.URL to tell if an
its proxy is a valid one. And startProxy will skip a valid
proxy since it is already started.
Signed-off-by: Peng Tao <bergwolf@gmail.com>
A proxy is mostly associated with an agent. Decouple it from sandbox
so that we can start it before linking vm with an actual sandbox.
Signed-off-by: Peng Tao <bergwolf@gmail.com>
Add `disable_vhost_net` option to enable or disable the use of
vhost_net. Vhost_net can improve network performance.
Signed-off-by: Ruidong Cao <caoruidong@huawei.com>
If the length of vhostfds is zero, it means host doesn't support vhost. So
do not pass vhost="on" in QMP.
Full list:
1a1fee7 qemu/qmp: nic can works without vhost
Fixes#169
Signed-off-by: Ruidong Cao <caoruidong@huawei.com>
If neither initrd nor rootfs path is mentioned in
the configuration.toml file, then error out stating
the same
Fixes: #587
Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
The runtime and hypervisor `Debug` options were always showing as
`false` (although all debug options in `configuration.toml` were
correctly honoured).
Note: Also moved location of `FactoryConfig` in `RuntimeConfig` as the
`malign` linter was complaining:
```
virtcontainers/pkg/oci/utils.go:102:20⚠️ struct of size 408 could be 400 (maligned)
```
Fixes#724.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Instead of using a default queue size of 8 for macvtap fds,
use the number of CPUs on the guest as the queue size.
This is the recommended approach. This also shown better
performance results.
Fixes#680
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Reformat the usage output displayed with `help` command or `-h` option.
Trap exit codes only after options parsing, as that is used to
generate a test report.
Fixes: #169
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
- Makefile: update targets to better track build artifacts
- OSbuilder : Add support for Ubuntu rootfs
- rootfs: Include libseccomp support in rootfs
- rootfs-fedora: bump Fedora release to 28
- rootfs: Fail on non existing agent version.
344a37c Makefile: update targets to better track build artifacts
f19da63 rootfs: Include libseccomp support in rootfs
3075de4 OSbuilder : Add support for Ubuntu rootfs
89bca97 rootfs: dockerfile: Fix fedora 28 build.
5a1d946 rootfs: Fail on non existing agent version.
1ac9c07 rootfs-fedora: bump Fedora release to 28
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Sadly CI failed to catch the broken line due to the fact that it is introduced by a different
PR that passed w/o the naming PR.
./config.go:604:27: config.DefaultMemSz undefined (type virtcontainers.HypervisorConfig has no field or method DefaultMemSz)
Makefile:331: recipe for target '/golang/src/github.com/kata-containers/runtime/kata-runtime' failed
make: *** [/golang/src/github.com/kata-containers/runtime/kata-runtime] Error 2
Fixes: #709
Signed-off-by: Peng Tao <bergwolf@gmail.com>
Update qemu-lite this disable static PRT on pc platform,
needed to use devices like virtio-rng.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Kata Containers does not have provide a good entropy level,
make use of a paravirtual rng device to solve this problem.
Fixes: #445
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
We find for the tarball name with the package name.
If this is a `-rc` tha package versoin will have `~rc`,
lets replace `~` for `-` before get the tarball name.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Remove the redundant `--distro` argument; when needed, the distro can be
specified using a positional argument.
Fixes: #158
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
At the end of the tests, show a summary of the size of all the rootfs's,
images and initrd's.
Fixes#162.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
