we need to refine unit tests due to previous two commits and
add new test for new func checkVersionConsistencyInComponents.
Fixes: #2375
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Use `kata-runtime kata-check --strict/-s` to perform version
consistency check.
Only if major version number, minor version number and Patch
number are all the same, we determine those two kata components
are version-consistent.
Fixes: #2375
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
We import new struct VersionInfo for better organizing version info of
kata components, in order to follow Semantic Versioning Specification.
Fixes: #2375
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
There was a race condition between bind() and listen() that was hit very
rarely when using Kata Containers and Cloud-Hypervisor. It's been
identified the problem is really coming from the virtio-vsock driver,
which is fixed by those new kernel patches uploaded for each version of
the kernels used by Kata Containers.
Fixes#932
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
This provides a flag "STRIP=yes" to strip the golang binary
After this patch, the binary size is reduced a lot:
19356680 containerd-shim-kata-v2*
25980728 containerd-shim-kata-v2.nostip*
4021784 kata-netmon*
5093992 kata-netmon.nostrip*
26339392 kata-runtime*
33097344 kata-runtime.nostrip*
Fixes: #2455
Signed-off-by: Jia He <justin.he@arm.com>
Linux has embraced another LTS kernel version v5.4.x.
Update the kernel config for Power as well.
Fixes: #936
Signed-off-by: Nitesh Konkar <niteshkonkar@in.ibm.com>
yq is not exploding anchors anymore and requiere an extra flag.
Add flag to fix CI.
Fixes: #934
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Now crio.conf has some kata entries in by default, but commented
out and without the runtime_path elements to them, our deploy
script gets a little confused and fails to add the kata-qemu
elements to the config.
This is because the grep spots the commented out lines, and tries
to, unsuccessfully, update the matching runtime_path elements, that
don't actually exist.
Improve this by matching only uncommented config lines, so now the
script sees that the runtime is not really configured already, and
instead of trying to edit/update it, will place a entry at the
end of the file.
Fixes: #928
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
By default virtcontainer auto-detects if the current process is running
rootless or not, but this behavior can change from commandline with the
--rootless option
fixes#2417
Signed-off-by: Julio Montes <julio.montes@intel.com>
GetDriver returns new PersistDriver according to current needs, a mock fs
driver is returned when mockTesting is enabled, a rootless fs is returned when
rootless is detected, otherwise a fs driver is used.
Signed-off-by: Julio Montes <julio.montes@intel.com>
Mock FS driver can be used in unit testing to allow
Mock fs driver inherits from FS and may overwrite its methods. All files
and directories created by this driver are under a path accessible for all
users, this path is created under the system temporal directory.
Signed-off-by: Julio Montes <julio.montes@intel.com>
Rootless fs driver inherits from FS and may overwrite its methods. All files
and directories created by this driver are under a path accessible for the
current user, typically this path is defined by the environment variable
`XDG_RUNTIME_DIR`, if this variable is not defined, the default path
`/run/user/$UID` is used instead, where $UID is the current user ID.
fixes#2416
Signed-off-by: Julio Montes <julio.montes@intel.com>
Update persist FS API and interface to support rootless and mock filesystem
implementations. `RunStoragePath` and `RunVMStoragePath` are part of FS
object and may change their path depending on the driver (rootless/mock/fs)
Signed-off-by: Julio Montes <julio.montes@intel.com>
`agent.getVMPath()` is an almost useless method that can be easily replaced
with `filepath.Join()`
Signed-off-by: Julio Montes <julio.montes@intel.com>
rootless is used in katautils, cli and virtcontainers. It makes more sense
if it's part of virtcontainer, this way virtcontainers won't depend on other
runtime subpackages
Signed-off-by: Julio Montes <julio.montes@intel.com>
Skip the setup and installation of virtcontainers as it is using docker,
when we try to setup podman CI.
Depends-on: github.com/kata-containers/tests#2299
Fixes#2451
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
Qemu merely limits the memory-backend-file size to be aligned to page_size
instead of section size(arm64 1GB). Please see file_ram_alloc() in qemu
exec.c. If we use 1024MB, the generated image size will be 3-4 times bigger
than the original one.
After relaxing it, the image size will be changed from 1G to 300M+ on arm64
with Fedora 29 rootfs's default configuration.
I do see there are some different limitation for ram_block on other arches
(e.g. s390x). So gracefully keep other arches unchanged here.
Fixes#404
Signed-off-by: Jia He <justin.he@arm.com>
Ubuntu distribution is the most suitable one for AArch64 to build
image rootfs.
I think the size of rootfs is the key point we should consider most
and first.
And ubuntu has the smallest rootfs, only approximately 100MB.
Fixes: #2449
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
It's better to catch the error of couldn't find the process
in tty_win_resize service, other wise, an invalid process id
could crash the agent.
Fixes: #137
Signed-off-by: fupan.lfp <fupan.lfp@antfin.com>
Dont think these are options are required at all.
Remove them from fragments and whitelist.
Fixes#924
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
The whitelist contains options that we dont really care.
Always apply it, irrespective of if we are using an
experimental kernel.
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
This reverts commit a3e46a369f.
There is still problem with static link, built binary will
segmentfault on clearlinux. So revert this patch for now.
Depends-on: github.com/kata-containers/tests#2293
Fixes: #69
Signed-off-by: Yang Bo <bo@hyper.sh>
