github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-07-06 20:09:44 +00:00
Code Issues Projects Releases Wiki Activity
5,839 Commits 85 Branches 134 Tags 306 MiB
9963428a4d
Commit Graph

5839 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
bin
9963428a4d docs: update document for using debug console 
Delete using `kata-monitor` to use `kata-runtime exec`

Fixes: #1329

Signed-off-by: bin <bin@hyper.sh>
 2021-02-09 19:37:06 +08:00
bin
44cde6e464 runtime: connect guest debug console bypass kata-monitor 
Parse agent socket address by conversation to improve usability of
using guest debug console.

Fixes: #1329

Signed-off-by: bin <bin@hyper.sh>
 2021-02-09 19:36:48 +08:00
Fabiano Fidêncio
d6682e3168
Merge pull request #1261 from Jakob-Naucke/update-yq 
ci: Upgrade to yq 3.4.1
 2021-02-09 10:21:14 +01:00
Fabiano Fidêncio
548c459066
Merge pull request #1375 from fidencio/wip/fix-build-kernel 
kernel: Don't fail if "experimental" dir doesn't exist
 2021-02-09 10:05:54 +01:00
Bin Liu
4e6a39cd25
Merge pull request #1366 from fidencio/wip/kata-deploy-remove-mention-to-docker 
kata-deploy: Remove kata-deploy-docker.sh
 2021-02-09 16:11:44 +08:00
Fupan Li
5d1432210c
Merge pull request #1352 from liubin/fix/migrate-opentracing-to-opentelemetry 
runtime: migrate from opentracing to opentelemetry
 2021-02-09 10:18:10 +08:00
bin
3406502706 runtime: add jaeger configuration items 
add configuration items in Kata Containers
configuration file to let users specify jaeger
collector address, and user/password.

Signed-off-by: bin <bin@hyper.sh>
 2021-02-09 08:02:05 +08:00
Fabiano Fidêncio
fbab262f2d kernel: Don't fail if "experimental" dir doesn't exist 
This directory has been automatically removed as there's no files inside
it, as part of d3c9862059

Let's improve the logic in the scripts to avoid failing in case the
"experimental" dir is not present.

Fixes: #1328

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
 2021-02-08 21:52:53 +01:00
Fupan Li
f3e9d4e7e3
Merge pull request #1373 from ManaSugi/use-rlimit-crate 
rustjail: use rlimit crate
 2021-02-08 23:15:37 +08:00
Manabu Sugimoto
e1dce3a369 rustjail: use rlimit crate 
The current implementation of rustjail uses the specific setrlimit.
This patch uses rlimit crate for maintainability.

Fixes: #1372

Signed-off-by: Manabu Sugimoto <Manabu.Sugimoto@sony.com>
 2021-02-08 18:43:56 +09:00
Jakob Naucke
8045104eaf ci: Upgrade to yq 3.4.1 
Since the resolution of https://github.com/mikefarah/yq/issues/502,
the `yq` binary is no longer broken on s390x. This is an upgrade to
the latest v3 version of yq (v4 has new syntax).

Fixes: #1260

Signed-off-by: Jakob Naucke <jakob.naucke@ibm.com>
 2021-02-08 09:29:57 +01:00
Fupan Li
d54c702539
Merge pull request #1368 from ManaSugi/get_caps_dyn 
rustjail: get all capabilities dynamically
 2021-02-08 16:00:51 +08:00
Manabu Sugimoto
a252d861e3 rustjail: get all capabilities dynamically 
The runtime determines the kernel capability set at runtime.

Fixes: #1370

Signed-off-by: Manabu Sugimoto <Manabu.Sugimoto@sony.com>
 2021-02-07 16:39:14 +09:00
Fabiano Fidêncio
d4391d784d
Merge pull request #1334 from clnperez/ppc64le-protoc 
agent: README update to install protoc for ppc64le
 2021-02-06 01:08:42 +01:00
Fabiano Fidêncio
7b5e56b274
Merge pull request #1360 from fidencio/wip/qemu-virtiofs-security-fixes 
qemu: Add security fixes for CVE-2020-35517
 2021-02-05 21:37:46 +01:00
Chelsea Mafrica
a12772c601
Merge pull request #1358 from Tim-Zhang/remove-allow 
Fix lints and remove allow attributes which silence these warnings
 2021-02-05 12:17:29 -08:00
Fabiano Fidêncio
62cbaf4de4 kata-deploy: Remove kata-deploy-docker.sh 
Kata Containers 2.x is not supported outside of the kubernetes world.
With this in mind, let's remove leftovers from the 1.x deployments &
documentation.

Fixes: #1356

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
 2021-02-05 15:18:43 +01:00
Fabiano Fidêncio
b548114f59 qemu: Add security fixes for CVE-2020-35517 
This series is based on
https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg01787.html, and
was kindly brought up by David Gilbert.

Fixes: #1361

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
 2021-02-04 22:26:20 +01:00
Christy Norman
11680efe4e agent: README update to install protoc for ppc64le 
Add a bit to the agent README about installing protoc manually for Power (ppc64le)

Fixes: #1068

Signed-off-by: Christy Norman <christy@linux.vnet.ibm.com>
 2021-02-04 17:03:31 +00:00
Tim Zhang
f16ab49b5b agent: fix non_camel_case_types lint and stop hiding the warning 
Fixes: #1359

Signed-off-by: Tim Zhang <tim@hyper.sh>
 2021-02-04 21:36:21 +08:00
Tim Zhang
8ffe4d6748 agent: fix unused_parens lint and stop hiding the warning 
Fixes: #1359

Signed-off-by: Tim Zhang <tim@hyper.sh>
 2021-02-04 21:24:04 +08:00
Tim Zhang
f70ca69d0d agent: remove #![allow(unused_unsafe)] 
Fixes: #1359

Signed-off-by: Tim Zhang <tim@hyper.sh>
 2021-02-04 21:21:48 +08:00
Tim Zhang
e28bf7a59d agent: fix dead_code lint 
Fixes: #1359

Signed-off-by: Tim Zhang <tim@hyper.sh>
 2021-02-04 21:18:45 +08:00
Tim Zhang
05da23acb7 agent: fix non_snake_case lint and remove ![allow(non_snake_case)] 
Fixes: #1359

Signed-off-by: Tim Zhang <tim@hyper.sh>
 2021-02-04 21:18:37 +08:00
Chelsea Mafrica
38b5a43267
Merge pull request #1318 from jongwu/acpi 
arm64: enable acpi for qemu/virt.
 2021-02-03 16:37:49 -08:00
Chelsea Mafrica
d4bc5952b1
Merge pull request #1340 from jing-wang4/rootfs-ppc64le 
osbuilder: Enforcing LIBC=gnu to rootfs build for ppc64le
 2021-02-03 16:06:05 -08:00
Eric Ernst
a1361608a9
Merge pull request #1353 from Tim-Zhang/fix-async 
Fix async problems
 2021-02-03 14:49:52 -08:00
Chelsea Mafrica
dbfcd4a679
Merge pull request #1345 from liubin/fix/1343-kata-monitor-build-failed 
kata-monitor: set buildmode to exe to avoid build failing
 2021-02-03 14:40:12 -08:00
Tim Zhang
254b98dd2f rustjail: fix unit test test_process 
test_process has a assertion that waitpid(-1) will fail
because there is no child process in most cases.

But if there is any child process forked by other unit test,
the test test_process will fail.

Because waitpid(-1) will wait for any child process including the
process created by other unit tests.

Signed-off-by: Tim Zhang <tim@hyper.sh>
 2021-02-03 22:27:50 +08:00
Tim Zhang
b25575b430 agent: remove crate signal-hook which are no longer used 
Had replaced by tokio::signal.

Signed-off-by: Tim Zhang <tim@hyper.sh>
 2021-02-03 18:30:18 +08:00
Tim Zhang
b1880b3e80 rustjail: remove unnecessary #[async_trait] 
Remove unnecessary #[async_trait]

Signed-off-by: Tim Zhang <tim@hyper.sh>
 2021-02-03 18:30:15 +08:00
Tim Zhang
83e9414f4f rustjail: add unittest test_execute_hook 
use xargs to test execute_hook.

Signed-off-by: Tim Zhang <tim@hyper.sh>
 2021-02-03 18:30:15 +08:00
Tim Zhang
d2041001ed rustjail: close stdin in execute_hook after it was sent 
So that hook program could receive EOF.

Signed-off-by: Tim Zhang <tim@hyper.sh>
 2021-02-03 18:30:15 +08:00
Tim Zhang
bb08131151 rustjail: fix fork/child in execute_hook 
Tokio in fork child does not work well as it easily deadlocks.
https://github.com/tokio-rs/tokio/issues/1541

Fixes: #1348

Signed-off-by: Tim Zhang <tim@hyper.sh>
 2021-02-03 18:30:11 +08:00
bin
17df9b119d runtime: migrate from opentracing to opentelemetry 
This commit includes two changes:
- migrate from opentracing to opentelemetry
- add jaeger configuration items

Fixes: #1351

Signed-off-by: bin <bin@hyper.sh>
 2021-02-03 17:30:49 +08:00
Jing Wang
71aeb920aa osbuilder: updates for feedback 
Updates for review feedback.

Signed-off-by: Jing Wang <jing.wang4@ibm.com>
 2021-02-02 14:41:23 +00:00
Tim Zhang
9a02c81eb9
Merge pull request #1313 from liubin/doc/add-distro-desc 
osbuilder: add description for how to use DISTRO variable
 2021-02-02 15:19:57 +08:00
bin
8e2b19ac77 osbuilder: add description for how to use DISTRO variable 
Fixes: #1312

Signed-off-by: bin <bin@hyper.sh>
 2021-02-02 14:52:09 +08:00
bin
b6c2a60509 kata-monitor: set buildmode to exe to avoid build failing 
CGO_ENABLED=0 and -buildmode=pie are not compatible and may lead build failing in some OS.
Specify buildmode=exe to overwrite the value set in BUILDFLAGS

Fixes: #1343

Signed-off-by: bin <bin@hyper.sh>
 2021-02-02 14:47:21 +08:00
Chelsea Mafrica
6be910bdc1
Merge pull request #1134 from egernst/kata-monitor-cleanup 
kata-monitor: allow for building for alpine
 2021-02-01 16:19:36 -08:00
James O. D. Hunt
de9487744f
Merge pull request #1253 from snir911/fix-poststop 
shimv2: log a warning and continue on post-stop hook failure
 2021-02-01 14:44:39 +00:00
Jing Wang
9f7a7a4f86 osbuilder: Enforcing LIBC=gnu to rootfs build for ppc64le 
To enforce LIBC=gnu to rootfs.sh for ppc64le, instead of error and exit if not set.

Fixes: #1339
Signed-off-by: Jing Wang <jing.wang4@ibm.com>
 2021-01-29 20:22:31 +00:00
Fabiano Fidêncio
7e996daf12
Merge pull request #1338 from jing-wang4/kernel-build-ppc64le 
kernel: Updates to kernel config for ppc64le
 2021-01-29 20:49:34 +01:00
Jing Wang
a88b8969b6 kernel: Updates to kernel config for ppc64le 
Need to enable virtiofs and ipv6 to kernel config for ppc64le.

Fixes: #1333
Signed-off-by: Jing Wang <jing.wang4@ibm.com>
 2021-01-29 18:13:56 +00:00
Jianyong Wu
b7a1f752c0 arm64: enable acpi for qemu/virt. 
acpi is enabled for kata 1.x, port and rebase code for 2.x
including:
runtime: enable pflash;
agent: add acpi support for pci bus path;
packaging: enable CONFIG_RTC_DRV_EFI;

Fixes: #1317
Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>
 2021-01-29 22:12:43 +08:00
Fupan Li
5e39980858
Merge pull request #1216 from houstar/2.0-dev 
agent: add secure_join to prevent softlink escape
 2021-01-28 10:41:02 +08:00
Tim Zhang
07118afe93
Merge pull request #1320 from lifupan/main 
rustjail: fix the issue of container's cgroup root path
 2021-01-27 19:04:53 +08:00
fupan.lfp
448771f53d rustjail: fix the issue of container's cgroup root path 
We should create the container's cgroup under the system's
cgroup default path such as "/sys/fs/cgroup/<sub system>",
instead of under the kata-agnet's process's cgroup path,
which would under the systemd's cgroup such as
"/sys/fs/cgroup/systemd/system.slice/kata-agent.service"

Fixes: #1319

Signed-off-by: fupan.lfp <fupan.lfp@antfin.com>
 2021-01-27 15:38:45 +08:00
Bo Chen
03c5ecefef
Merge pull request #1306 from dgibson/no-cmake 
osbuilder: remove traces of cmake
 2021-01-26 16:26:02 -08:00
Carlos Venegas
3e3bfb9a42
Merge pull request #1321 from likebreath/clh_v0.12.0 
versions: Update cloud-hypervisor to release v0.12.0
 2021-01-26 17:07:02 -06:00