- versions: Update Kubernetes, containerd and cri-o
- virtcontainers: fix sandbox store struct VFIODevice bug
- virtcontainers: Add function supportGuestMemoryHotplug
- make: add ability to skip go version check
- cli: Fix console for big endian architecture
- virtcontainers: fix not close socket with ethtool
- build: introduction of archConvertStatFs function
- network: support hotplug a nic several times
- sandbox: Extend sandbox API
- golang.mk: Check and install yq before use it
- cli: refactor the config into a separated package
- newContainer: Not attach device if it is a CDROM
- build: check golang version meets min req.
- network: Use constant string for "none" network model
- runtime,netmon: build as Position-Independent-Executable
- virtcontainers: Rely on new interface LinkType field
- enable default network endpoints hotplug for vm factory
- cli: fix the issue of using wrong path to get version
- cli: add guest hook path option (v2)
- factory: use customised deep compare
- qemu: query migrate status
- Add support for ipvlan network driver
- Add cgroup support
- vfio: Change the way the driver is fetched
- vendor: Rely on new agent package types
- network: Use tc filtering rules in bridge mode
- cli: add configuration option to use or not use host netns
- versions: Update golang to 1.10.4
- network: Marshal BridgedMacvlanEndpoint and MacvtapEndpoint
- device: fix the issue of passing wrong device address using virtio-blk
- create/run: Make bundle path default to cwd
- virtcontainers: Add missing API trace calls
- sandbox/virtcontainers: memory resource hotplug when create container.
- virtcontainers: Add missing API release calls
- qemu: Disable the default romfile used by virtio-pci
- Refactor network.go
- network: Sort endpoints by name
- virtcontainers: qemu: Add proper support for virt machine type
- network: Add support for macvlan and macvtap driver
- memory: update: Update state using the memory removed
- block: Advertise block support for q35
- vendor: fix govmm package
766f9ed versions: Update Kubernetes, containerd and cri-o
cba7a88 virtcontainers: fix sandbox store struct VFIODevice bug
0796f2e virtcontainers: Add function supportGuestMemoryHotplug
d73f27c test: set arch for test TestHotplugRemoveMemory
bf56858 cli: Fix console for big endian architecture
4b9a471 virtcontainers: fix not close socket with ethtool
58c1db5 make: notify user if yq is going to be installed
ab43e2a make: add ability to skip go version check
b185f31 build: introduction of archConvertStatFs function
982381b api: Cleanup StartContainer()
5777381 sandbox: Create and export Pause/ResumeContainer() to the API level
b298ec4 sandbox: Create and export ProcessListContainer() to the API level
3add296 sandbox: Create and export KillContainer() to the API level
7653726 sandbox: Create and export StopContainer() to the API level
109e12a sandbox: Export Stop() to the API level
6c3e266 sandbox: Export Start() to the API level
f5048b7 golang.mk: Check and install yq before use it
2f98b3e network: support hotplug a nic several times
842a00a cli: refactor the config into a separated package
193b324 newContainer: Not attach device if it is a CDROM
8ddc0ce network: Use constant string for "none" network model
5199777 virtcontainers: Rely on new interface LinkType field
45b2191 netmon: Rely on new interface field LinkType
7bf84d0 types: Replace agent/pkg/types with virtcontainers/pkg/types
39b95cc virtcontainers: Create a new package "types"
658bdb1 runtime,netmon: build as Position-Independent-Executable
e9aa870 network: enable network hotplug for vm factory
95f4fdb build: check golang version meets min req.
eaa5c7a CI: travis: call yq installer
cbf7fb2 CI: travis: add yq installer script
11c6753 cli: fix the issue of using wrong path to get version
21a671e network: set endpoint pci address when hotplug
33abb3e cli: add guest hook path option in the configuration file
34fe3b9 cgroups: add host cgroup support
523d49c vendor: add github.com/containerd/cgroups lib
38d56c9 netmon: Rely on agent/pkg/types instead of duplicating types
309dcf9 vendor: Update the agent vendoring based on pkg/types
0acbbf0 network: Add support for ipvlan
c38792e config: Add documentation for tcfilter in configuration.toml
17be8e3 network: Introduce constants for the network model strings
5da973d test: Add test to verify tc redirect
e20dbd0 network: Use tc redirect filter to redirect traffic to the VM
526d55b versions: Update golang to 1.10.4
62992f5 versions: Update cri containerd version for golang 1.10.2 fix
31cf6fb vfio: Change the way the driver is fetched
7a5a57d cli: test: add unit test for kata-env and kata-check
14e5437 cli: add configuration option to use or not use host netns
6935279 network: add new NetInterworkingModel "none" and endpoint type TapEndpoint
f8f2962 virtcontainers: refactor hotplug qmp functions
21d38e9 network: Marshal BridgedMacvlanEndpoint and MacvtapEndpoint
32ef29b factory: use customised deep compare
36306e2 sandbox/virtcontainers: modify tests relate to memory hotplug.
3f39d6e virtcontainers: Add missing API release calls
b72a3cd device: fix the issue of passing wrong device address using virtio-blk
ee9275f virtcontainers: Add missing API trace calls
8831245 create/run: Make bundle path default to cwd
0ae5b14 qemu: Disable the default romfile used by virtio-pci
6f0873a vendor: Update govmm vendoring
14f480a sandbox/virtcontainers: combine addResources and updateResources
8e2ee68 sandbox/virtcontainers: memory resource hotplug when create container.
b04691e network: Collapse log calls for endpoint Attach and Detach
ab15498 network: Explicitly check for veth type
3c590b0 network: Rename VirtualEndpoint to VethEndpoint
df8f21d network: Refactor network tests.
adcd910 network: Refactor network.go
8f1b28d network: Sort endpoints by name
eb77a41 qemu: make saveSandbox wait for migration completion
dffb4f9 virtcontainers: qemu: Add proper support for virt machine type
3c7cf58 tests: Add additional network tests to verifu link creation functions
378191a tests: Add tests for macvlan and macvtap endpoints
def070d golint: Refactor to reduce cyclomatic complexity
417c1f0 macvtap: Add support for macvtap
0de7572 vendor: Update govmm vendoring
581ff17 macvlan: Assign random MAC address
8847af8 network: Add support for macvlan driver
1f5792e test: fix unit test nil pointer.
4697cf3 memory: update: Update state using the memory removed.
0cab192 block: Advertise block support for q35
f4cf213 vendor: fix govmm package
Signed-off-by: Peng Tao <bergwolf@gmail.com>
Update supported versions of Kubernetes with its
corresponding CRI implementations:
- Kubernetes from 1.10.5 to 1.12.2
- cri-o from 1.10 to 1.12.0, commit:
fa540c8e806d28c2cbcd157bdf8acf2b20990ab6 as it is needed
for fixing the devicemapper issues when removing a pod.
More info on this issue, see:
https://github.com/kubernetes-sigs/cri-o/issues/1883
- containerd from 1.1.3 to 1.2.0
Fixes: #927.
Depends-on: github.com/kata-containers/tests#926
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
Since struct VFIODevice needed to be stored into disk by storeSandboxDevices() function,
however struct VFIODevice has a field named "vfioDevs", which is named begin with lower-case,
so it can't be written into file by json.Marshal.And this bug will will cause hotplug vfio
device can not been removed correctly while container exits.
Fixes: #924
Signed-off-by: flyflypeng <jiangpengfei9@huawei.com>
This PR defines a new function supportGuestMemoryHotplug that
clearly defines if the architecture supports memory hotplug. The function
can be reimplemented in virtcontainers/qemu_$arch.go file for each
architecture.
Fixes: #910
Signed-off-by: Alice Frosi <afrosi@de.ibm.com>
The function ioctl can lead to a big endian bug.
Issue already solved in containerd/console:
dbd69c59b8Fixes: #921
Signed-off-by: Alice Frosi <afrosi@de.ibm.com>
Add the ability to skip checking the go version, by passing to make the
variable SKIP_GO_VERSION_CHECK=1
Fixes: #916
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
Type of StatFs is not always declared as int64 for all the architecture(e.g s390x).
The function archConvertStatFs could be reimplemented for other architecture
to correctly convert the StatFs.Type.
Fixes: #908
Signed-off-by: Alice Frosi <afrosi@de.ibm.com>
In order to support use cases such as containerd-shim-v2 where
we would have a long running process holding the sandbox pointer,
there would be no reason to call into the stateless functions
PauseContainer() and ResumeContainer(), which would recreate a
new sandbox pointer and the corresponding ones for containers.
Fixes#903
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
In order to support use cases such as containerd-shim-v2 where
we would have a long running process holding the sandbox pointer,
there would be no reason to call into the stateless function
ProcessListContainer(), which would recreate a new sandbox pointer
and the corresponding ones for containers.
Fixes#903
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
In order to support use cases such as containerd-shim-v2 where we
would have a long running process holding the sandbox pointer, there
would be no reason to call into the stateless function KillContainer(),
which would recreate a new sandbox pointer and the corresponding ones
for containers.
Fixes#903
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
In order to support use cases such as containerd-shim-v2 where we
would have a long running process holding the sandbox pointer, there
would be no reason to call into the stateless function StopContainer(),
which would recreate a new sandbox pointer and the corresponding ones
for containers.
Fixes#903
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
In order to support use cases such as containerd-shim-v2 where we
would have a long running process holding the sandbox pointer, there
would be no reason to call into the stateless function StopSandbox(),
which would recreate a new sandbox pointer and the corresponding ones
for containers.
Fixes#903
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
In order to support use cases such as containerd-shim-v2 where we
would have a long running process holding the sandbox pointer, there
would be no reason to call into the stateless function StartSandbox(),
which would recreate a new sandbox pointer and the corresponding ones
for containers.
Fixes#903
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
golang.mk call yq to get golang_version_min but some environments do
not install it.
This patch check and install yq before use it to handle the issue.
Fixes#899
Signed-off-by: Hui Zhu <teawater@hyper.sh>
Bind back the nic's MAC in HotDetach. So we don't need to modify
nic's MAC in description to hotplug it again.
Fixes: #894
Signed-off-by: Ruidong Cao <caoruidong@huawei.com>
Refactor the config related codes into a separated
package which can be shared with other cli programs
such as kata's shimv2.
Fixes: #787Fixes: #714
Signed-off-by: fupan <lifupan@gmail.com>
Got "docker: Error response from daemon: OCI runtime create failed:
QMP command failed: unknown." when "docker run --privileged" with kata.
In qemu part, it got:
"Could not open '/dev/sr0': Read-only file system"
or
"No medium found"
The cause is qemu need open block device to get its status.
But /dev/sr0 is a CDROM that cannot be opened.
This patch let newContainer doesn't attach device if it is a CDROM
to handle the issue.
Fixes#829
Signed-off-by: Hui Zhu <teawater@hyper.sh>
Now that Interface structure includes the useful information about
the type of interface, Kata does not need to do any assumption about
the type of interface that needs to be added.
Fixes#866
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
In order to provide the right information about the interface that
needs to be added, kata-netmon provisions the new field LinkType of
the Interface structure.
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
This commit replaces every place where the "types" package from the
Kata agent was used, with the new "types" package from virtcontainers.
In order to do so, it introduces a few translation functions between
the agent and virtcontainers types, since this is needed by the kata
agent implementation.
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
Instead of relying on the kata agent to define generic structures,
the logic is to define those as virtcontainers "types" package.
This way, all consumers of those structures, such as kata-runtime,
kata-netmon, and kata-containerd-shim, don't have to import some
dependency from the kata-agent.
Fixes#876
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
Build {runtime,netmon} as Position-Independent-Executable (PIE) for improved
security and compliancy with distros packaging guidelines.
Fixes: #875
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
After we scan the netns, we should hotplug the network interface to
the guest after it is kicked off running.
Fixes: #871
Signed-off-by: Peng Tao <bergwolf@gmail.com>
Check that the system golang version is new enough to build with
according to the data from the `versions.yaml` file.
Update the verions in the versions.yaml accordingly, and add a note
describing what the 'newest-version' item represents.
Note, we only do a minimum requirement check, and are not checking
against the 'newest-version' info from the yaml.
Fixes: #148
Inspired-by: Wei Zhang <zhangwei555@huawei.com>
Idea-by: James O. D. Hunt <james.o.hunt@intel.com>
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
Install `yq` before running the tests.
The Makefile now uses `yq` to check the golang version against
the versions file.
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
We need to have `yq` installed before we can 'make', as we
now use it for a version check in the build. But, we may not
have golang installed. Add a script that installs `yq` via
curl'ing from the github releases.
This was cloned from the function in the tests repo .ci scripts
that perform the same action.
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
Both of the netmon and proxy should use the right path
figured out from the configure instead of the default settings
to get their versions.
Fixes: #868
Signed-off-by: Fupan Li <lifupan@gmail.com>
