Once `containerID` and `sandboxID` fields are available, re-register
the logger with the external packages to ensure they too display these
important fields.
Fixes#467.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Created a new `setExternalLogger()` which sets (or resets) the logger
used by the external packages which allow a logger to be specified.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Add a kernel command-line option that the agent can read to determine
the sandbox ID of the VM. It can use this to create a `sandbox=` log
field for improved log analysis.
Fixes#465.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Using docker we always add (ADD) the go tarball. But we can avoid do it
all the time if we install Go using RUN dockerfile instruction.
Use RUN to avoid repeat steps already done in dockerfile.
Fixes: #125
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Fix CI build failures on Ubuntu 16.04 due to `make` not being installed
before the static check script runs by:
- Installing make explicitly on Ubuntu.
- Moving the static-check script after the package install setup phase.
Fixes#134.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
- versions: Update cri-o to fix race condition test.
- network: Add test for VhostUserEndpoint Attach()
- logging: Add containerID and sandboxID to all log calls
- versions: Update kernel to version 4.14.51
- network: Use pointer for VhostUserNetDevice for Attach
- [RFC] makefile: honor DESTDIR flag.
- cli: kata-check if SMT is off on POWER8 systems
- virtcontainer : sconstification of constifiable vars
- ci: Fix static checks call.
- kata_agent: fix connection race
- test: supplement test cases for kata-check and kata-env in Arm64
- qemu: clean up qmp channel
- sandbox: expose share sandbox pidns setting
- versions: update supported docker version
- cli: add no-pivot flag to be compatible with docker in ramdisk
- virtcontainers : fix shared dir resource remaining
- docs: update debug runtime link
- Versions: Add CNI plugins version
- network: Always bind back physical interfaces
- subsystem: cli
- docs: fix invalid urls
- shm: Create shared /dev/shm
- docs: Fix invalid URLs
- CI: Enable Travis-CI for linux-ppc64le
- Fix golint ppc64le issues and eventually Travis-CI
- cpuinfo/arm64: Refine CPUInfo in Arm64
- docs: Update README with Power Support
- ppc64le: Restrict maxmem to avoid HTAB allocation failure
- make sure kataAgent/createContainer can decode old specs.Spec
- arch/arm64: Fix ARM64 build
- virtcontainers: Remove unnecessary kernel parameters for ppc64le
- Enable Kata container on ppc64le arch
- unittest: tiny fix for incorrect parameters
- Update the README.md so showing that containerd is supported
- Fix pause-remove container
- virtcontainers/api: use RW lock to update containers
- Share pid namespace
- config: Show which config file loaded
150bcaf network: Add test for VhostUserEndpoint Attach()
aeea3f6 versions: Update cri-o to fix racy test.
a3ce121 logging: Add containerID and sandboxID to all log calls
510b333 network: Use pointer for VhostUserNetDevice for Attach
44c8901 versions: Update kernel to version 4.14.51
f890ffd cli: kata-check if SMT is off on POWER8 systems
9d709cd ci: Fix static checks call.
ee33245 kata_agent: fix connection race
f2096f1 test: supplement test cases for kata-check and kata-env in Arm64
39bc5ab makefile: honor DESTDIR flag.
2b94252 sandbox: expose share sandbox pidns setting
8f329db qemu: clean up qmp channel
2d65499 virtcontainer: sconstification of constifiable vars
6b496e4 cli: add no-pivot flag to be compatible with docker in ramdisk
59adb6e versions: update supported docker version
8a6d383 virtcontainers : fix shared dir resource remaining
deaf1e3 docs: update debug runtime link
50579d0 Versions: Add CNI plugins version
a31dd49 cni: Use the vendored version of CNI plugins to install binaries
0806dcc network: Drop mounted parameter in call to deleteNetNS
f2d9632 network: Always bind back physical interfaces
45d0816 docs: fix invalid urls
7069045 subsystem: cli
c2397a0 CI: Enable Travis-CI for x86 linux and linux-ppc64le
d6b956a cli: Add kata-check_ppc64le_test file
4824669 cli: Fix TestCheckCLIFunctionFail failure on ppc64le
bb0488e virtcontainers: Fix comment causing golint issue
4d470e5 shm: Create shared /dev/shm
92470fb docs: Fix invalid URLs
44b9950 docs: Update README with Power Support
7757dce cpuinfo/arm64: Refine CPUInfo in Arm64
3b20aeb ppc64le: Restrict maxmem to avoid HTAB allocation failure
2796b19 virtcontainers: Remove unnecessary kernel parameters for ppc64le
6e161a2 arch/arm64: Fix ARM64 build
9a0434d virtcontainers: make kataAgent/createContainer can decode old specs.Spec
c10db01 unittest: tiny fix for incorrect parameters
ca9f571 subsystem: docs
df05b2c cli: fix pause-remove container
b99cadb virtcontainers: add pause and resume container to the API
e14eab0 runtime: Add testcases for ppc64le and arm64
12e4dbe cli: Leverage the new support for ppc64le
baa553d virtcontainers: Get qemu suppport for ppc64le
4276c0c virtcontainers/cli: refactor code
7d435b8 virtcontainers/api: use RW lock to update containers
704d713 test: Fix tests to include pause/resume api changes
d885782 namespace: Check if pid namespaces need to be shared
6d391c4 vendor: Vendor in agent protocol changes.
054a8ce config: Show which config file loaded
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Some test were CI test were failing due to a race condition.
Update cri-o repository to have a stable CI.
Update K8s to latest stable version
Depends-on: github.com/kata-containers/tests#462
Fixes: #435
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
If initrd_builder.sh fails partway through it may not be possible to run
it again without creating a new rootfs.
This happens because initrd_builder.sh checks for the presence of
/sbin/init and refuses to run if it is missing. Later on, the script
moves /sbin/init to /init, where the kernel expects to find it in an
initramfs. After this step initrd_builder.sh will refuse to run again
since /sbin/init is now missing.
Create a symlink from /init to /sbin/init instead of moving the file.
This allows initrd_builder.sh to be run repeatedly on the same rootfs.
Fixes: #130
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Make sure the osbuilder VERSION file is updated before tag
Also, sort repos alphabetically.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
The image_builder.sh script must be run as root. The following check is
performed before the script checks for root:
[ "${AGENT_INIT}" == "yes" ] || [ -x "${ROOTFS}/usr/bin/${AGENT_BIN}" ] || \
die "/usr/bin/${AGENT_BIN} is not installed in ${ROOTFS}
use AGENT_BIN env variable to change the expected agent binary name"
The -x test is "True if the file is executable by you". It may evaluate
to true as root and false as non-root, depending on the file
permissions.
The permissions for kata-agent given in the Developer Guide are 0550
(https://github.com/kata-containers/documentation/blob/master/Developer-Guide.md#add-a-custom-agent-to-the-image---optional).
Therefore image_builder.sh fails with "/usr/bin/${AGENT_BIN} is not
installed" when run as non-root. This is confusing since the agent
binary is really installed!
Move the root check to the beginning of the script. This solves the
confusing error and prevents similar problems where the script doesn't
take into account that the user may be non-root.
Fixes: #127
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Adding cid+sid fields to the log entries generated by most of the CLI
commands will make debugging across the system easier.
Fixes#452.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Use pointer here since api.VhostUserDevice interface is implemented
by VhostUserNetDevice pointer.
Fixes#446
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Update to kernel to get latest fixes.
Depends-on: github.com/kata-containers/agent#279
Fixes: #420
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
proxy server must be specified in configuration file
of the package manager, /etc/yum.conf for yum or
/etc/dnf/dnf.conf for dnf
fixes#123
Signed-off-by: Julio Montes <julio.montes@intel.com>
When do sandbox release, the kataBuiltInProxy will
be closed, and it will stop the watch of vm's console;
Thus it needs to restart the proxy to monitor the vm
console once to restore the sandbox.
Fixes: #441
Signed-off-by: fupan <lifupan@gmail.com>
SMT must be turned off on Power8 for KVM to work. Put
this as a check for kata-runtime kata-check.
Fixes: #397
Signed-off-by: Nitesh Konkar <niteshkonkar@in.ibm.com>
The EulerOS repository servers can be a little slower to respond than
others. This can lead to timeout issues so move the EulerOS tests to
the end to give the other tests a chance to run.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
The tests perform a lot of configuration and call other commands. Since
the tests are running under BATS, any "stdout pollution" results in the
test failing. This is too rigid for current purposes so convert the
BATS test into a `set -e` test. This will still fail if any command
fails, but does not impose the output pollution restriction. It also
makes debugging easier.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
The `kata-manger.sh` utility is changing its behaviour so that
`install-packages` *only* installs packages (no container manager).
Update the command to both install Docker and the packages.
Fixes#113.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
This commit introduces the instructions to be able to run trendy
service mesh Istio and Conduit with Kata Containers. It provides
a bit of feedback on how they actually work to give the reader a
quick overview. After this introduction, it provides restrictions
and instructions to enable them with Kata Containers.
Fixes#171
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
The script now has new options.
Add options to make CI work.
Fixes: #438
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
