After we rename pod to sandbox, still there are some codes left which
will cause some misunderstanding.Such as,`p` in short of `pod` left in
`sandbox.go`.So we need to channge it into `s` in short of `sandbox`.
Fixes:#230
Related: #200
Signed-off-by: Haomin Tsai <caihaomin@huawei.com>
maligned linter was complaining about the size of the
struct. So move fields around to pack the struct better.
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Many cli and arch files were using the 'older style' fairly full
Apache license text. The project standard is the shorter SPDX style.
Convert them over.
Fixes: #225
Signed-off-by: Graham whaley <graham.whaley@intel.com>
Add spec command that generates a basic config.json for kata.
fixes#188
Signed-off-by: Ruidong Cao <caoruidong@huawei.com>
Signed-off-by: Ruidong <caoruidong@huawei.com>
Disable cpuset and cpumem constraints as this is not properly
supported yet.
If we add "cpuset_cpus" and "cpuset_mems" to the container.json,
kata-runtime failed to start, so we need to disable them.
Fixes: #221.
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
Those different files were all calling into a go routine that was
eventually reporting some result through a go channel. The problem
was the way those routine were implemented, as they were hanging
around forever. Indeed, nothing was actually listening to the channel
in some cases, and those routines never ended.
This was one of the problem detected by the fact that our unit tests
needed more time to pass because when they were all run in parallel,
the resources consumed by those routines were increasing the time
for other tests to complete.
Fixes#208
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
Because of the bad design of the cc_proxy_mock go routine, we were
leaving an infinite loop running into this go routine behind. This
was consuming a lot of resources and it was obviously slowing down
the tests being run in parallel. That's one of the reason we were
hitting the 10 seconds timeout when running go tests.
Fixes#208
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
When using noopShim type from the unit tests, we were ending up
getting a PID 1000, and when checking if the shim was around, we
were always expecting the shim to be "not running", based on the
fact that the process was not there anymore. Unfortunately, this
was a very wrong assumption because we cannot control which PIDs
are running or not on the system. The way to simplify this is to
return a PID 0 in case of noopShim, processed as a special case
by the function waitForShim().
Fixes#208
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
This change updates to latest version from CRI-O
of the 1.9 branch.
This will allow us to unskip a test from the
CRI-O ctr.bats test file.
Fixes: #182.
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
This new version of kata-containers agent includes
the fix for CPU hotplug race condition
Shortlog:
131554d network: specify netlink protocol
49f01ed protocols/grpc: fix CPU hotplug race condition
ee7850d mockreaper: implement mock reaper
9f60034 reaper: implement reaper interface
Signed-off-by: Julio Montes <julio.montes@intel.com>
Communicate to the agent the number of vCPUs that were hot added,
allowing to the agent wait for the creation of all vCPUs.
fixes#90
Signed-off-by: Julio Montes <julio.montes@intel.com>
As agreed in [the kata containers API
design](https://github.com/kata-containers/documentation/blob/master/design/kata-api-design.md),
we need to rename pod notion to sandbox. The patch is a bit big but the
actual change is done through the script:
```
sed -i -e 's/pod/sandbox/g' -e 's/Pod/Sandbox/g' -e 's/POD/SB/g'
```
The only expections are `pod_sandbox` and `pod_container` annotations,
since we already pushed them to cri shims, we have to use them unchanged.
Fixes: #199
Signed-off-by: Peng Tao <bergwolf@gmail.com>
The runtime already hot added the number of vCPUs needed by each container,
in order to have a better control over those resources, CPU constraints
must be applied.
fixes#203
Signed-off-by: Julio Montes <julio.montes@intel.com>
Check if a volume passed to the container with -v is a block device
file, and if so pass the block device by hotplugging it to the VM
instead of passing this as a 9pfs volume. This would give us
better performance.
Add block device associated with a volume to the list of
container devices, so that it is detached with all other devices
when the container is stopped with detachDevices()
Fixes#137
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
All bind mounts are now passed to the guest with 9p.
We need to exclude /dev/shm, as this is passed as a bind mount
in the spec. We handle /dev/shm in the guest by allocating
memory for it on the guest side. Passing /dev/shm as a 9p mount
was causing it to be mounted twice.
Fixes#190
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
It tracks all existing pods in the current runtime. If the runtime
calls multiple APIs, it can reuse existing pod data structure instead
of re-construct it in every API call.
Signed-off-by: Peng Tao <bergwolf@gmail.com>
To include the grpc yamux dialer.
Included kata agent git log:
e37feac protocol: client: enable builtin yamux client support
a862fea agent: Fix container creation rollback
9602e11 vendor: Update libcontainer vendoring
92f87a1 agent: Rollback properly when container creation fails
128f87d mount: Correct error message with mount failure.
7a182a4 device: VmPath can be empty if an Id is provided
0275654 ci: lib: allow override of tests_repo
205a4d7 github: Add issue template
103aacd announce: Add total memory
e277ec6 announce: Add device and storage handlers
5d7463f announce: Add standard fields when running as PID 1
4655950 agent: Add announce function
5e6c385 CI: Require pullapprove ack for protocol changes
5d40027 tests: Skip more tests if non-root
4ba8499 tests: Use root skip function
9a2da30 tests: Move helper function
ae2be84 device: Add validation and debug
9e7b27c mount: Log params and validate
Signed-off-by: Peng Tao <bergwolf@gmail.com>
When specified, it does not spawn a new process to proxy kata grpc
connections. Instead, the yamux multiplexing functionality is builtin
in the kata agent dialer.
Signed-off-by: Peng Tao <bergwolf@gmail.com>
If kata-runtime is already added as a runtime to
kata-containers.conf then you need not add it again.
Fixes: #49
Signed-off-by: Nitesh Konkar <niteshkonkar@in.ibm.com>
in order to make log-parser happy, mockcontainer must return
always a valid process with a fake PID, since log-parser checks
that PID value in the logs and it must be different to zero
Depends-on: github.com/kata-containers/tests#226
Signed-off-by: Julio Montes <julio.montes@intel.com>
Factorize configuration and hardware support for hotplugging block
devices into a single function and use that.
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
