Set new persist storage driver "virtcontainers/persist/" as "experimental"
feature.
One day when this can fully work and we're ready to move to 2.0, we'll move
it from "experimental" feature to formal feature.
At that time, the "virtcontainers/filesystem_resource_storage.go" can be removed
completely.
Signed-off-by: Wei Zhang <zhangwei555@huawei.com>
Address some comments:
* fix persist driver func names for better understanding
* modify some logic, add some returned error etc
Signed-off-by: Wei Zhang <zhangwei555@huawei.com>
Fixes#803
The disk persist data should be "versioned" and baselined, any modification in
persist data should be considered potential break of backward compatibility.
Signed-off-by: Wei Zhang <zhangwei555@huawei.com>
In privileged mode, all host devices are supposed to be passed
to the container in config.json. Skip floppy drives.
Fixes#1551
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
It seems that codeblocks inside block quotes are not well understood by
markdown parsers, so simplify by removing the codeblock in the note -
the note is clear enough without labouring the point.
Partially fixes: #1564.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
- s390x: fix gofmt complain
- factory: Make VMCache and VM templating can work together
- agent: pass correct mount type to agent for ephemeral volumes
- network: Make tcfilter model as default
- netmon: Fix bug in how routes are converted
- shimv2 should return grpc error codes
- Deprecate hyperstart, CC shim, and CC proxy
- virtcontainers: inherit parent's CPU constraint
- fix ut failure due to incorrect cleanup and make it runnable with non-root
- storage: create k8s emptyDir inside VM
- virtcontainers: prepend a kata specific string to host cgroups path
- Factory: enable template feature for arm64
- cli: fix kata-check test
- shimv2: fix the issue of stop container failed
- split sandbox/container state
- Make factory can control VMCache server
- vc: remove spawner
- s390x: fix golangci-lint complains
- qemu: Remove the storage directories if qemu get from the factory
- katautils: fix the issue of missing proxy debug config
- vendor: update govmm
- virtcontainers: Use only supported namespaces
- cri-o: Update repository URLs
- travis: use xenial
- runtime: support memory hotplug via probe interface on aarch64
- s390x: not set socketID and threadID
- config: fix panic in type assertion
- Fix yq issues
a013f9b s390x: fix gofmt complain
3852682 network: Change the package level network default
33bae70 network: Make tcfilter model as default
343a0d3 factory: Make VMCache and VM templating can work together
b08ab6a vc: modify ioctl function to handle shim test
c425079 vc: Deprecate CC proxy and shim
c658770 vc: remove virtc api cli
d4ef9c0 vc: deprecate hyperstart agent
8abd2ec netmon: Fix bug in how routes are converted
59e3956 virtcontainers: inherit parent's CPU constraint
f512542 sandbox: return ErrNoSuchContainer when failing to find a container
8215a3c shimv2: convert vc errors to grpc errors
cf90751 vc: export vc error types
9040f6a ut: fix UT failure due to incorrect cleanup
a0f49a9 ut: fix UT failure due to non-root
1a1f93b virtcontainers: add a kata specific prefix to host cgroups path
f7223c6 shimv2: fix the issue of stop container failed
76c4639 storage: create k8s emptyDir inside VM
98687a3 Template: enable template for arm64
16fe855 qemu: Remove the storage directories if qemu get from the factory
ace8115 factory: Make factory status can show status of VMCache server
f639787 factory: Make factory destroy can stop VMCache server
9ac6831 cli: fix kata-check test
a63013d vc: remove spawner
c414599 types: remove pid from sandbox state
03ee25d agent: treat container as shared pidns whenever it has pidns path
616f26c types: split sandbox and container state
8041fc9 katautils: fix the issue of missing proxy debug config
bb347ac vendor: update govmm
0b430dc virtcontainers: Use only supported namespaces
e31b040 cri-o: Update repository URL
ea1df84 travis: use xenial
b50292a arm64: dep ensure to keep track of the revisons in kata agent
3bfcdf7 agent: add interface memHotplugByProbe
47670fc memoryDevice: reconstruct memoryDevice
30a6a7d agent: acquire memory hotplug probe info via GetGuestDetails
4993dff ci: Add a failed execution check for curl
7fa0390 ci: set $yq_version to 2.3.0
19458ec s390x: fix golangci-lint
49be8ee s390x: not set socketID and threadID
1b6affe config: fix panic in type assertion
2d422a8 agent: pass correct mount type to agent for ephemeral volumes
228d151 mount: Add check for k8s host empty directory
70c1931 mounts: Add check for system volumes
Signed-off-by: katacontainers bot <katacontainersbot@katacontainers.io>
When a parallel build is invoked using "make -j4" there is a race
between EXTRA_DEPS ('clean') and generating files:
CPU1 CPU2
---- ----
create cli/generated-config.go
rm cli/generated-config.go
go build -> error: generated-config.go doesn't exist!
Previous commits ensured that targets relying on version information
like VERSION and COMMIT declare appropriate dependencies. Therefore
make is now able to detect changes and rebuild targets as needed. It is
no longer necessary to abuse the clean target to force a rebuild.
Fixes: #1540
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Makefile uses $(shell) to build a git commit string. Unfortunately this
means make targets cannot be rebuilt when COMMIT changes value. We need
to reflect this string value into files on which make can process
dependencies.
I stole a solution from QEMU's Makefile:
1. Print the string into .git-commit.tmp
2. If .git-commit.tmp differs from .git-commit, copy it to .git-commit
3. Depend on .git-commit from all targets that need $COMMIT
This way targets are only rebuilt if the commit string value actually
changes.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Makefile had a template for cli/config-generated.go embedded inside it.
There is already a templating mechanism for .in files. Using a .in file
is cleaner since it avoids make's awkward interaction with shell
escaping and line splitting.
This patch moves the template into cli/config-generated.go.in and reuses
the existing .in file templating mechanism. Only the PKGRUNDIR variable
needs to be added.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Depending on Makefile is not enough to detect all changes. We must
rebuild when included makefiles change, too.
The MAKEFILE_LIST special variable contains the filenames of all
included makefiles and Makefile itself.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
The netmon target must be rebuilt when the VERSION file changes since it
uses the value of VERSION on the build command-line.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
GENERATED_FILES already includes COLLECT_SCRIPT, so there's no need to
specify it again:
GENERATED_FILES += $(COLLECT_SCRIPT)
...
clean:
$(QUIET_CLEAN)rm -f ... $(GENERATED_FILES) $(COLLECT_SCRIPT)
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
tcfilter requires no changes to the interface provided by the network
plugin and supports a larger set of plugins.
Fixes#1501
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
The kata shim tests make use of an ioctl function, so instead
of having a custom one within that file, use the ioctl
function in utils/utils_linux
Fixes#1419
Signed-off-by: Gabi Beyer <Gabrielle.n.beyer@intel.com>
Clear Containers proxy and shim are no longer supported. This
was mentioned in issue #1113. Their functionalities are thus
removed from the runtime.
Fixes#1419
Signed-off-by: Gabi Beyer <gabrielle.n.beyer@intel.com>
The hyperstart agent has not been supported in kata since 2.1,
so remove it as a component to kata. Mentioned in issue #1113.
Fixes: #1419
Signed-off-by: Gabi Beyer <gabrielle.n.beyer@intel.com>
The agent expects a IP CIDR for the route destination
rather than an IP address. netmon was incorrectly
converting route dest to an IP address and hence
exiting with an error.
We did not have an integration test for netmon with tcfilter mode.
macvtap mode did not uncover this, as with macvtap routes are
not really passed to the agent.
We delete the IP on the veth device, and netmon looks at the
routes after the IP is deleted with macvtap.
Fixes#1523
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Don't set a default CPU constraint if period and quota are not specified, that
way the container will inherit the CPU constraint from its parent. Container
creation won't fail if the parent CPU constraint is smaller than the default
number of vCPUs.
fixes#1521
Signed-off-by: Julio Montes <julio.montes@intel.com>
containerd checks for the grpc error code to determine
correct recover action upon grpc errors. We need to provide
them properly.
Unfortunately ttrpc doesn't support grpc interceptor so we have
to modify every service function for it.
Fixes: #1527
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
