Add the container id and exec id to start container's log
which would make it clearly to check the log.
Fixes: #173
Signed-off-by: fupan.lfp <fupan.lfp@antfin.com>
Make explicit that sharedfs is supported.
Other features are not supported today.
Fixes: #2567
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
All the other caps are inverted (not supported by default).
Make fs sharing not supported by default and let hypervisors
expose if it supports it.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
To have a consistent behavior of CPU hotplug with qemu in clh, we should
only report warning instead of errors when the requested vCPUs exceeds
the maximum number of vCPUs allowed.
Fixes: #2551
Signed-off-by: Bo Chen <chen.bo@intel.com>
- Add support to change default hypervisor via env variable.
- Show in the summary the default hypervisor to be used.
```
export DEFAULT_HYPEVISOR=cloud-hypervisor
make
sudo -E make install
```
Fixes: #2565
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Request memory to resize memory to hypervisor.
Depends-on: github.com/kata-containers/tests#2413
Fixes: #2526
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
We currently use containerd v1.3.0, but this version has an
issue when running the containerd/cri tests with go 1.13.
This commit: 3a4acfbc99aa976849f51a8edd4af20ead51d8d7 from
branch release/1.3 contains the fix to be able to run the
tests with go 1.13.
Depends-on: github.com/kata-containers/tests#2415
Fixes: #2562.
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
Currently for our CI, we have SLES 15 SP1, this PR updates the current obs
version to match with our current testing.
Fixes#983
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
We need to update the SLES installation guide, as we have obs packages
for SLES 12 SP4 and not for SLES 12 SP3.
Fixes#620
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
Add MemUnit to help to manage memory, this will handle memory
units internally and provide proper methods to convert to different
units.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
API VMInfo call is done more than one time. This leads to have
similar code in multiple times, create context, defer, do call.
Move the logic to one function.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Use latest master to enable memory hotplug.
Changes:
c1e6d00 ci: Add memory resizing use case to vhost-user tests
890582b ci: Factorize kernel command line
4de2584 ci: Fix mmio tests with direct kernel boot
f268246 ci: Factorize integration tests booting from vhost-user-blk
5a5b3cf ci: Factorize vhost-user-blk integration tests
dd8debf ci: Run vhost-user-blk tests for mmio builds
0c9c72c ci: Unify vhost-user-blk integration tests
c95851f ci: Run vhost-user-net tests for mmio transport
68293fc ci: Factorize vhost-user-net one step further
d75e745 vm-virtio: vhost-user: Send memory update to the backend
7ff82af vm-virtio: vhost-user: Factorize SET_MEM_TABLE setup
e54f8ec vmm: Update memory through DeviceManager
bc874a9 vm-virtio: Add update_memory() to VirtioDevice trait
93becca build(deps): bump backtrace from 0.3.45 to 0.3.46
feb8d7a vmm: Separate seccomp filters between VMM and API threads
5120c27 main: Add seccomp support
f1a23d7 vmm: api: Add seccomp to the HTTP API thread
db62cb3 vmm: Add seccomp filter to the VMM thread
cb98d90 vmm: Create new seccomp_filter module
708f02d vmm: Pull seccomp crate from Firecracker
18fbd30 vhost-user-fs: return correct result of fs_slave_io()
bbc385c devices: ioapic: Remove unused MsiMessage structure
2fc86ff dev_cli: Always pull the latest container image
4b462a5 Dockerfile: Add cpio and bsdtar to the container image
8acc15a build: Bump vm-memory and linux-loader dependencies
38ed560 build(deps): bump thiserror from 1.0.12 to 1.0.13
9f67de4 build(deps): bump proc-macro-hack from 0.5.12 to 0.5.14
ebab809 build(deps): bump thiserror from 1.0.11 to 1.0.12
c67e407 build(deps): bump syn from 1.0.16 to 1.0.17
bdcfe1e tests: Add "discard_writes" pmem test
7098602 tests: Make the test_virtio_pmem test use a temporary file
f7197e8 vmm: Add a "discard_writes=" to --pmem
d11a67b vmm: Use more generic MmapRegion constructor
7257e89 vmm: Add "readonly" parameter MemoryManager::create_userspace_mapping
03cb26c release: v0.6.0
3e9a39c github: Upload the ch-remote asset
c503118 vmm: fix a corrupted stack caused by get_win_size
0788600 build: Remove "pvh_boot" feature flag
477bc17 bin: Share VFIO device syntax between cloud-hypervisor and ch-remote
96be2db build(deps): bump serde_derive from 1.0.104 to 1.0.105
5a335fc build(deps): bump serde from 1.0.104 to 1.0.105
a31ffef openapi: Add hotplug_size for memory hotplug
87990f9 vmm: Add virtio-pci device to B/D/F hash table
fb185fa vmm: Always return PCI B/D/F from add_virtio_pci_device
462082c build(deps): bump arc-swap from 0.4.4 to 0.4.5
c821e96 vhost_user_fs: Implement support for FUSE_LSEEK
5aa9abc docs: Add document for vhost-user-net test with OVS/DPDK
6329219 vm-virtio: queue: Use a SeqCst fence on get_used_event
63eeed2 vm: Comment on the VM config update from memory hotplug
0895bcb build(deps): bump proc-macro-hack from 0.5.11 to 0.5.12
0541f5a build(deps): bump proc-macro-nested from 0.1.3 to 0.1.4
51f51ea build(deps): bump libc from 0.2.67 to 0.2.68
9cf67d1 arch: x86: Always set the bootloader type
ad35470 arch: x86: Extract common bootparams settings
28a5f9d vmm: acpi: Remove unused IORT related structures
5c1207c vhost-user-fs: handle FS_IO request
f61f78e build(deps): bump anyhow from 1.0.26 to 1.0.27
efb2447 pvh: Add integration test to validate PVH boot
da084fa pvh: Add unit tests for initial sregs and control registers
64941bf pvh: Add unit tests for start_info and memory map structures
9e247c4 pvh: Introduce "pvh_boot" feature
a22bc35 pvh: Write start_info structure to guest memory
840a9a9 pvh: Initialize vCPU regs/sregs for PVH boot
24f0e42 pvh: Introduce EntryPoint struct
98b9568 pvh: Add definitions for PVH boot protocol support
6e6ef83 build: Fix log dependency
291f1ce build(deps): bump linux-loader from `0c754f3` to `0ce5bfa`
07cc73b vhost_user_fs: add a flag to disable extended attributes
710520e vhost_user_fs: Process requests in parallel with a thread pool
90309b5 vm-virtio: queue: Add methods to switch a descriptor context
2294c2d Add .rustfmt.toml to the project
48c4885 vhost_user_fs: replace HandleData's File Mutex with RwLock
134e64c arch, qcow: Fix 1.42.0 clippy warnings
6ea85ca resources: Dockerfile: Update Rust toolchain
4579afa vmm: For --disk error if socket and path is specified
7e599b4 vmm: Make disk path optional
477d924 github: Build from a rust toolchain matrix
4f2469e main: Remove "--vhost-user-net"
8d785bb pci: Fix the PciBus using HashMap instead of Vec
04f2ccd build(deps): bump ryu from 1.0.2 to 1.0.3
02265bb build(deps): bump regex-syntax from 0.6.16 to 0.6.17
40b38a4 openapi: Make desired_ram int64 format
ca3b39c bin: Fix wrapping in help strings
ee1ba56 build: Use "wrap_help" feature for clap
3957d1e vhost_user_backend: call get_used_event from needs_notification
536323d vm-virtio: queue: hint that get_used_event should be inlined
401e1d2 vm-virtio: queue: fix a barrier comment at update_avail_event
e0bdfe8 vm-virtio: queue: add a missing memory barrier in get_used_event
df2570a resources: Simplify kernel config filename
9ab648b resources: Enable VIRTIO_MEM support
0339853 ci: Bump to kernel 5.6-rc4
abccf76 tests: Use ch-remote to add/remove devices in test_vfio
5c3ce9d tests: Extend ch-remote helper to support optional single argument
9a7d9c9 ch-remote: Support removing VFIO devices
0d53ba4 ch-remote: Support adding VFIO devices
babefbd main: Remove spurious second help line for "--device"
63c5d09 github: Trigger the build job on PRs
8cbb6d0 github: Replace Travis CI with github actions
efba48d vmm: Don't put a VFIO device behind the vIOMMU by default
34412c9 vmm: Add id option to VFIO hotplug
18dc916 vmm: Switch to the micro-http package
9023444 vmm: Add id field to --device through CLI
f4a956a vmm: Remove 32 bits MMIO range from correct address space
432eb5b vmm: Free PCI BARs when unplugging PCI device
f0dff8b vfio: pci: Remove KVM user memory region when cleaning up
34d1f43 vfio: pci: Implement free_bars() from the PciDevice trait
b8e1cf2 vm-allocator: Add new function to free 32 bits MMIO address space
f3dc245 pci: Extend PciDevice trait with new free_bars() method
911a2d6 tests: Use ch-remote to resize the VM
21160f7 ch-remote: Add "resize" command
bb2d04b ch-remote: Add support for sending a request body
bde4f73 ch-remote: Refactor HTTP response handling
6ed23bb build(deps): bump micro_http from `9bbde4f` to `6b3e5f0`
5edd812 build(deps): bump backtrace-sys from 0.1.33 to 0.1.34
f727714 ci: Add integration test for VFIO hot-unplug
b50cbe5 pci: Give PCI device ID back when removing a device
df71aae pci: Make the device ID allocation smarter
e514b12 vmm: Update VmConfig when removing VFIO device
81173bf vmm: Add id field to DeviceConfig structure
6cbdb9a vmm: api: Introduce new "remove-device" HTTP endpoint
991f3bb vmm: Remove VFIO device from everywhere it is referenced
6adebbc vmm: Detect when guest notifies about ejecting PCI device
0e21c32 devices: Add new method to remove all occurrences of a BusDevice
f8e2008 pci: Add a function to remove a PciDevice from the bus
08604ac vmm: Store PCI devices as Any devices from DeviceManager
0f99d3f vmm: Store VFIO device's name and its PCI b/d/f
13a61c4 build(deps): bump rand_chacha from 0.2.1 to 0.2.2
fcd605a build(deps): bump micro_http from `6d416af` to `9bbde4f`
30b6954 vm-virtio: Consume pause events to prevent infinite epoll_wait calls
16fd506 tests: Use new ch-remote for pause/resume integration test
ba8cd4d bin: Introduce "ch-remote" for controlling VMM
06cd31c build(deps): bump micro_http from `02def92` to `6d416af`
7e941c9 build(deps): bump linux-loader from `8cb7c66` to `0c754f3`
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
CRI-O config option manage_network_ns_lifecycle is replaced with
manage_ns_lifecycle in 1.17, which determines whether we pin and remove
namespaces and manage their lifecycle. Update docs to reflect both.
Fixes#617
Signed-off-by: Chelsea Mafrica <chelsea.e.mafrica@intel.com>
vfio devices hotplugged in the VM are expected to be handled by the kernel
driver in the guest, hence the char vfio devices shouldn't appear in the
container under /dev/vfio/.
fixes#2539
Signed-off-by: Julio Montes <julio.montes@intel.com>
Immutable systems, as such Red Hat Core OS and Fedora Core OS, will not
allow mount_dir to be created in a location that's not read-write.
Let's ensure we use $TMPDIR (with /tmp as fallback) as base for mount_dir,
as it's a safe writable choice for any distro supported by kata.
Fixes: #437
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Instead of iterate in a loop dividing bytes by 1024, use right shift
to convert Bytes to GBytes and check if that number is greater than 4G
Signed-off-by: Julio Montes <julio.montes@intel.com>
Make sure the number of columns in the PCI resource file is greater
or equal to 2, since the first two columns are used to calculate
the PCI bar space.
Add unit test for `isLargeBarSpace()`.
fixes#2542
Signed-off-by: Julio Montes <julio.montes@intel.com>
In the previous implementation, create a container process
by forking the parent process as the container process,
and then at the forked child process do much more setting,
such as rootfs mounting, drop capabilities and so on, at
last exec the container entry cmd to switch into container
process.
But since the parent is a muti thread process, which would
cause a dead lock in the forked child. For example, if one
of the parent process's thread do some malloc operation, which
would take a mutex lock, and at the same time, the parent forked
a child process, since the mutex lock status would be inherited
by the child process but there's no chance to release the lock
in the child since the child process only has a single thread
which would meet a dead lock if it would do some malloc operation.
Thus, the new implementation would do exec directly after forked
and then do the setting in the exec process. Of course, this requred
a data communication between parent and child since the child cannot
depends on the shared memory by fork way.
Fixes: #166Fixes: #133
Signed-off-by: fupan.lfp <fupan.lfp@antfin.com>
