Update virtcontainer to use latest swagger definition.
Most changes are around mandatory parameters which need to be
passed in via pointers so that the absence of the same can be
detected (vs using default values).
Signed-off-by: Manohar Castelino <manohar.r.castelino@intel.com>
Auger Eric's latest patches about "ARM virt: Initial RAM expansion
and extended memory map"(https://patchwork.kernel.org/cover/10835377/)
paves the way to device memory, which is the foundation for NVDIMM and
memory hotplug.
This new feature on qemu kind of depends on host kernel's new feature
on dynamic IPA range(https://lwn.net/Articles/750176/).
The availability of this feature is advertised by a new kvm cap
KVM_CAP_ARM_VM_IPA_SIZE. When supported, this capability returns the
maximum IPA shift supported by the host. The supported IPA size on
a host could be different from the system's PARange indicated
by the CPUs (e.g., kernel limit on the PA size).
Fixes: #1796
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Add a log message for every trace span created, required by the tracing
tests to validate tracing is working.
Fixes: #1814.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
The upstream yaml definition has a formatting issue. Fix the
indentation to ensure that swagger can generate the code.
Signed-off-by: Manohar Castelino <manohar.r.castelino@intel.com>
We only use the swagger generated code from the firecracker-go-sdk.
Now that vsock support is directly available in the upstream
firecracker swagger definition, unvendor and generate the
firecracker API directly from the upstream yaml definition.
Previously vsock was not available in the upstream definition.
It is now provided as an experimental feature.
https://github.com/firecracker-microvm/firecracker/blob/master/api_server/swagger/firecracker-experimental.yaml
Signed-off-by: Manohar Castelino <manohar.r.castelino@intel.com>
Upgrade Firecracker to 0.17.0. This is required to pick up
bug fixes needed in jailer, to allow kata to run firecracker
constrained by a jailer in Kata.
Fixes: #1746
Signed-off-by: Manohar Castelino <manohar.r.castelino@intel.com>
shimv2 binary was not being built in case of any source changes.
Add dependency of source files to the shimv2 make target to fix this.
Fixes: #1805
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
- docs: Fix typos and formatting
- vc: Fix TestQemuPPC64leMemoryTopology after qemu version bump
- vc: error handling for bindUnmount functionalities
- katautils: fix shim v2 fail to work with libnetwork
- kernelRootParams: define agnostic commonkernelRootParams
- Use O_NONBLOCK for tty stdin.
1b2b6b8 docs: Fix typos and formatting
0fb4396 vc: Fix TestQemuPPC64leMemoryTopology after qemu version bump
9c48536 katautils: fix shim v2 fail to work with libnetwork
e08f13e vc: error handling for bindUnmount functionalities
61fff89 vc: Add vendor package go-multierror
efc754f containerd-shim-kata-v2: Use O_NONBLOCK for tty stdin.
7e6fcdd kernelRootParams: define agnostic commonkernelRootParams
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
TestQemuPPC64leMemoryTopology fails on ppc64le
as the correct qemu version is not detected.
Fixes: #1790
Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
Details of how kata works with libnetwork:
1. kata creates a new netns.
2. With EnterNS, kata changes netns to the created one.
3. In the pre-start hook, kata will re-exec the libnetwork process
libnetwork-setkey, and send its own pid to it. libnetwork uses
/proc/pid/ns/net to find the netns kata uses, and sets veth into the netns.
The v1/v2 shims use the same way to create the network; v1 can succeed
because EnterNS changed both the current thread's and the main thread's netns.
But with the v2 shim, only the current thread's netns is changed; the main thread still
uses the host netns, so it fails. Looks like v1 was just lucky to be successful.
In kata, `state.Pid` should be tid.
Fixes: #1788
Signed-off-by: Ace-Tang <aceapril@126.com>
Add error handling surrounding the syscall of unmounting the
container rootfs. Include a unit test to check that missing
files are not considered errors when attempting to unmount.
Fixes: #164
Signed-off-by: gabrielle beyer <gabrielle.n.beyer@intel.com>
The go-multierror package provides clean handling of multiple
errors without returning after the first error is found. This
can be used in a loop that wants to complete before returning
all, if any, errors found.
Fixes: #164
Signed-off-by: gabrielle beyer <gabrielle.n.beyer@intel.com>
- Revert shimv2, vendor commits
- Disable default hugepages enabling for virtio-fs
- versions: update qemu version to 4.0.0
- factory: make vm templating work with vsock
7acdaa2 shimv2: Revert shimv2, vendor commits
a75db86 NEMU: Disable default hugepages enabling for virtio-fs
6c03e2a factory: make vm templating work with vosck
94c2c12 versions: update qemu version to 4.0.0
Signed-off-by: katacontainersbot <katacontainersbot@gmail.com>
This reverts:
- 590ed09 vendor: update gogo/protobuf, containerd and agent vendors
- eabfd99 shimv2: Improve shim shutdown logic
These introduce a regression for starting pods with k8s 1.14 + contaienr
1.2.6
Fixes: #1781
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
hugepages were enabled by default on NEMU to allow use of virtio-fs. kata
now has a change where virtio-fs will default to use /dev/shm as the
shared memory file backing location. With that, we should be able to
disable default hugepages for NEMU
Fixes: #1775
Signed-off-by: Ganesh Maharaj Mahalingam <ganesh.mahalingam@intel.com>
As virtio v1.1 spec states:
The guest_cid configuration field MUST be fetched to determine the current CID when a VIRTIO_VSOCK_EVENT_TRANSPORT_RESET event is received.
Existing connections MUST be shut down when a VIRTIO_VSOCK_EVENT_TRANSPORT_RESET event is received.
Listen connections MUST remain operational with the current CID when a VIRTIO_VSOCK_EVENT_TRANSPORT_RESET event is received.
We should be able to use vm templating together with vsock easily, as
qemu already sends VIRTIO_VSOCK_EVENT_TRANSPORT_RESET event to guest.
Fixes: #1773
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
We need to add a few extra defaultQemuMachineOptions
for ppc64le for kata to work with qemu 4.0 version.
Fixes: #1771
Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
- fc-toml: remove proxy section in config
- virtcontainers: support vm factory in QEMU 4
- docs: Fix spelling and formatting
- runtime: Enable file based backend
- runtime : delete redundant code in CreateContainer
- data/kata-collect-data: support kata containers snap
- shimv2: Improve shim shutdown logic
- Fix the issue that ctrl-c stop vmcache server will stop all containers that its VM is created by it
- virtcontainers: kill hypervisor if startSandbox fails
- data: Revert pull request #1405
- nemu: update nemu version
- versions: Update cri-containerd yaml
- shimv2: remove use containerd ns as netns
- fix the issue of hypervisor process is killed by kubelet
- ci: Build kata-runtime before running static checks
- virtcontainers: Set test qemu version for unit test
- shim v2: Close vhostfd after vm get vhostfd
- Add missing docs
- agent: fix agent debug console
- virtcontainers: Set correct Shmsize for ppc64le
- nemu-config: Add machine_type to config file
- katautils: don't mask systemd units
- Add virtiofsd log and fix qemu hang due to virtiofsd vq setup failure
- versions: Update golang to 1.11.10
- kata_proxy: Open a special goroutine do cmd.Wait
- versions: Update CRI-O version to 1.14.1
- network: delete IP addrs on bridge model to prevent ARP conflict
bbe5584 fc-toml: remove proxy section in config
b780c16 virtcontainers: support vm factory in QEMU 4
bdae295 runtime : delete redundant code in CreateContainer
1af68aa docs: Fix spelling and formatting
eabfd99 shimv2: Improve shim shutdown logic
a41894d runtime: Enable file based backend
722ac5a nemu-config: fix nemu for ci
590ed09 vendor: update gogo/protobuf, containerd and agent vendors
7bf6c67 cache: Call vm.Disconnect() when close vm
19115ef kata_proxy: Set Setsid to true when exec kata-proxy
82e51d4 data: Revert pull request #1405
f301c95 shimv2: shutdown the sandbox when sandbox container exited
d6b3bff shimv2: remove use containerd ns as netns
0d535f5 shimv2: kill a container return directly once the container termianted
19288aa data/kata-collect-data: support kata containers snap
0d98e24 ci: Build kata-runtime before running static checks
5e1f5ca shimv2: fix the issue of passing the wrong container id
f7cc028 vc:Execute TestQemuPPC64leMemoryTopology depending on qemu version
7381cd5 agent: fix agent debug console
b203fdb versions: Update cri-containerd yaml
6be5e5f nemu-config: Add machine_type to config file
1789b65 virtcontainers: Set correct Shmsize for ppc64le
d66d855 katautils: don't mask systemd units
89e0dfa qemu: stop qemu process when virtiofsd quits
d0aae80 qemu: print virtiofsd logs when debug is on
c22b15d versions: Update golang to 1.11.10
f89834a virtcontainers: avoid unnecessary error checking in startVM
a27a3e7 virtcontainers: kill hypervisor if startSandbox fails
5d527d7 versions: Update CRI-O version to 1.14.1
071030b shimv2: Close vhostfd after vm get vhostfd
da2749c docs: Add missing docs
1563263 docs: Simplify link
bdb1047 network: delete IP addrs on bridge model to prevent ARP conflict
00d03c1 kata_proxy: Open a special goroutine do cmd.Wait
Signed-off-by: katacontainersbot <katacontainersbot@gmail.com>
proxy will never be used with the Firecracker VMM. Keeping this header
will result in runtime failures, since the configuration will be parsed
on the path searched for.
Since vsock will always be used, remove the proxy section.
Fixes: #1761
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
Update the README explaining that Kata Containers are Linux-based and
run on Linux hosts.
Fixes: #1759.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Fixes: #1659
Our testing found that the client does not open
stdin with O_WRONLY, so the shim v2 was blocked forever
in opening stdin with O_RDONLY. It's better to open it
with O_NONBLOCK, and not block the starting process
of the container. The containerd runc shim has done this
by bc1ff514 as well.
Signed-off-by: Yang, Wei <w90p710@gmail.com>
Signed-off-by: Yang, Wei <wei.yang1@linux.alibaba.com>
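The FIFO behaviour this commit message describes can be reproduced on any Linux host. The following is an added example, not code from the Kata runtime or containerd: `opensWithin`, `demo`, the `wait` timeout and the temporary FIFO path are all constructed for illustration.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"syscall"
	"time"
)

const wait = 200 * time.Millisecond // assumed timeout for the demonstration
// opensWithin reports whether opening the FIFO's read end returns within wait while no writer exists.
func opensWithin(path string, extraFlags int) bool {
	done := make(chan error, 1)
	go func() {
		f, err := os.OpenFile(path, os.O_RDONLY|extraFlags, 0)
		if err == nil {
			f.Close()
		}
		done <- err
	}()
	select {
	case err := <-done:
		return err == nil
	case <-time.After(wait):
		// The reader is still stuck in open(2): attach a writer to release it.
		if w, err := os.OpenFile(path, os.O_WRONLY, 0); err == nil {
			defer w.Close()
		}
		<-done
		return false
	}
}

// demo builds a constructed FIFO standing in for a container's stdin and tries both open modes.
func demo() (blocking, nonblocking bool, err error) {
	dir, err := os.MkdirTemp("", "fifo-demo")
	if err != nil {
		return false, false, err
	}
	defer os.RemoveAll(dir)
	path := filepath.Join(dir, "stdin")
	if err = syscall.Mkfifo(path, 0o600); err != nil {
		return false, false, err
	}
	return opensWithin(path, 0), opensWithin(path, syscall.O_NONBLOCK), nil
}

func main() { fmt.Println(demo()) }
```

A descriptor opened this way stays non-blocking, so reads on it can return EAGAIN until a writer attaches and sends data; the caller has to poll or clear the flag afterwards.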
Let's define agnostic commonkernelRootParams for all hypervisors,
including qemu, firecracker, etc. For now, it has two scenarios:
one for NVDIMM, one for virtio-blk.
Fixes: #1642
Signed-off-by: Penny Zheng <penny.zheng@arm.com>