Update the version used for testing the cni plugins to the latest
0.8.2 release. This way we make sure CI tests with latest CNI plugins.
Depends-on: github.com/kata-containers/tests#1984
Fixes#2111
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
- Fix cache factory UT
- Virtio-fs v0.3 support
- virtcontainers: set agent's logs vsock port
- config: Fix `virtio-fs` typo in Makefile
- Hypervisor: UUID fix for acrn hypevisor
- virtcontainers: change firecracker socket permissions
- Add annotations to provide custom configs
- Fix CRIO + Firecracker
- rootless: add rootless to kata
- QEMU: do not require nvdimm machine option with initrd
- s390x: Fix runtime build for s390x
- versions: Update kernel to 4.19.75
- config: honor DEFSHAREDFS_QEMU_VIRTIOFS and CONFIG_QEMU_VIRTIOFS_IN
- Support Firecracker 0.18
- virtcontainers: fix the issue of missing qemu error logs
- config: Fix the qemu-virtiofs.toml
- s390x: Share image between qemu instances
- The unit of newMemory is MB
- config: use 9p as default shared filesystem for nemu
- Remove annotation config json key
dd21046 vc/store: fix TestStoreVCNewVCSandboxStore/TestStoreVCNewVCContainerStore
6ab89e4 vc/store: fix cache factory ut
4863aa9 vc/store: reuse store
ad15631 virtiofsd: Do not use posix lock.
2b40b6b vendor: update kata agent
aa43e2a virtcontainers: set agent's logs vsock port
23a5dc7 virtiofsd: use virtiofsd --syslog
d5a3d0a virtiofs: use virtiofsd --fd=FDNUM
6ce6a26 kata_agent: use virtio-fs 0.3+ mount options
80855a8 ci: travis: allow ppc64le failures
c3abd51 config: Fix `virtio-fs` typo in Makefile
8f6b0a6 virtcontainers: change firecracker socket permissions
8f70643 tests: Remove hardcoded annotation value.
e7b9c36 tests: Add tests for annotations.
09129c1 config: Define minimum memory requirement
8405b56 annotations: add Annotations for the agent.
5b78a8a annotations: Add annotations for runtime config
afb91c2 annotations: Add annotations to support additional configurations
845bf73 annotations: Support annotations to customise kata config
30d0b7a annotations: Add missing firmware and hashes to asset annotations
46b6815 annotations: Change existing annotations to fit a new format
312f3e7 virtcontainers/fc: implement remove device
7e9cc56 virtcontainers/fc: improve create disk pool process
07932d5 virtcontainers/fc: add logs and improve others to make debugging easier
ed7240b virtcontainers: move device operations to a more generic place
e93bf96 network: Add tuntap device
c8dd92d dep: update vendor packages for netlink commit
41407cf vc: make cgroup usage configurable if rootless
5f0799f vc: add rootless dir to path variables
cdd6f7e katautils: update paths to be configurable for rootless execution
2d8b278 rootless: add rootless logic
8b843c5 QEMU: do not require nvdimm machine option with initrd
c152ebf s390x: Fix runtime build for s390x
bc3c07b versions: Update kernel to 4.19.75
aa6a16c Hypervisor: UUID fix for acrn hypevisor
b1909e8 config: fix virtiofsd name
84ead98 config: add configuration-qemu-virtio-fs.toml to gitignore
443e657 config: honor DEFSHAREDFS_QEMU_VIRTIOFS and CONFIG_QEMU_VIRTIOFS_IN
3d0949d virtcontainers: check minimum supported version of firecracker
1f93cff virtcontainers: fix the issue of missing qemu error logs
8680db6 versions: update firecracker to the version 0.18.0
123ba13 vendor: update kata agent
5ac6e9a virtcontainers: make socket generation hypervisor specific
f2f0923 virtcontainers: rename kataVSOCK type and move it into the types package
f42dd7d virtcontainers/fc: Add support for hybrid vsocks
2c4cf39 virtcontainers/fc: bump firecracker experimental version
bb87b44 virtcontainers/fc: Add logger to the http transport
880bb2b virtcontainers: introducing HybridVSock type
2a8af23 virtcontainers: Make fc.go fit the new API
67ce728 virtcontainers: Update firecracker swagger API
cdb1b5c cli: Fix the qemu-virtiofs.toml
4134571 config: do not use nemu variable for qemu-virtiofs configuration
97fe749 config: use 9p as default shared filesystem for nemu
c81db9c sandbox: The unit of newMemory is MB
7fa0a72 s390x: Share image between qemu instances
7965baa vendor: update govmm
2ed94cb Config: Remove ConfigJSONKey from annotations
Signed-off-by: katacontainersbot <katacontainersbot@gmail.com>
- osbuilder: Add USE_PODMAN as an alternate for USE_DOCKER
- README: Update how to use DEBUG variable
- Fix yq
- initrd_builder: Create empty resolv.conf in rootfs
- rootfs: update fedora to 29 for arm64.
1599601 osbuilder: Update README about `USE_PODMAN` variable
d1751a3 osbuilder: Add USE_PODMAN as an alternate for USE_DOCKER
d2d029c README: Update how to use DEBUG variable
9e10b34 rootfs_builder: Create /etc/resolv.conf in rootfs
5982e48 lib.sh: Fix curl error when using curl+yq
05428a6 rootfs: Install yq if not found instead of error
1eec032 rootfs: update fedora to 29 for arm64.
Signed-off-by: katacontainersbot <katacontainersbot@gmail.com>
Instead of have special cases, just
bump all, bumps are check and more if are automated.
CI probbly not, but we can skip if necesary.
Fixes: #744
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
This is a experimental feature for arm64 as linux kernel has
not enable kvm ptp for arm64.
ptp_kvm need co-work from host and guest, so you need add this
patch both to your guest and host. Host kernel version is better
lower than 5.0 and higher than 4.19.
another version of this patch base on kernel v5.3 is under review in kernel upstream, refer to [1]
to see the full info.
[1] https://lkml.org/lkml/2019/8/29/80Fixes: #692
Signed-off-by: Jianyong Wu jianyong.wu@arm.com
We have some issues trying to run `apt upgrade` on
a container that uses virtiofsd with `-o posix_lock`.
Add virtiofsd `-o no_posix_lock` argument to not use the
posix lock.
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
bring support for logging through a hybrid vsock
shortlog:
95be1c3 agent: add support for logging to a vsock port
a03e23b protocols/client: improve hybrid vsock parser
6a96997 protocols/client: make schemes and hybrid vsock dialer public
e01f23c network: Add a testcase for setupDNS
d733185 network: Setup DNS for sandbox
Signed-off-by: Julio Montes <julio.montes@intel.com>
In firecracker, there is no socket connected to /dev/console, so let's
use a vsock port to get agent's logs
Depends-on: github.com/kata-containers/shim#210
fixes#2103
Signed-off-by: Julio Montes <julio.montes@intel.com>
Log to syslog instead of stderr. This way all Kata and virtiofsd logs
are captured in syslog (or the systemd journal). This makes debugging
much easier.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
The new --fd=FDNUM file descriptor passing option eliminates the need to
wait for virtiofsd to create the vhost-user UNIX domain socket. This is
a nice simplification because we can remove the timeouts and stderr
parsing. There is no longer a race between launching virtiofsd and
launching QEMU, so we don't need to wait anymore.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
virtio-fs changed the mount command-line. Previously "mount none -o
tag=kataShared ..." was used. Now "mount kataShared ..." is used
instead.
Since the "kataShared" tag is used for both 9P and virtio-fs, rename the
variable so that it is not 9P-specific.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Fixes: #1993
For security reasons, let's make sure 'others' don't have access to the
firecracker hybrid vsock
fixes#2101
Signed-off-by: Julio Montes <julio.montes@intel.com>
Apply qemu/patches/virtiofsd/0001-add-time-to-seccomp.patch
to be able to build virtiofsd statically.
Fixes: #742.
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
Introduce a constant for minimum memory requirement
in virtcontainers package, that can be used in config.
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Add support for annotations that allow us to custimise a subset
of the configurations provided in kata conf toml file.
This initial commit adds support for customising vcpus, default max
vcpus, memory and the kernel command line passed as Hypervisor
config.
Replaces #1695Fixes#1655
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
These annotations were missing from the list of what are
considered as assets. Add these to existing list.
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Change the naming schema for existing annotations from
"com.github.containers.virtcontainers" to "io.kata-containers"
The hypervisor related annotations are changed to reflect this.
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Unmount and unassign block device when it's required, that way the disk
can be unmounted and destroyed in the host.
fixes#1966
Signed-off-by: Julio Montes <julio.montes@intel.com>
Create a raw file and bind mount it to use it as disk is not needed,
instead a the raw file can be created at the jail path and use it directly
as disk, if a new container is added the real disk/device can be bind mounted
in the raw file.
Signed-off-by: Julio Montes <julio.montes@intel.com>
move device operations to a more generic place where they can be used
in any hypervisor implementation.
Signed-off-by: Julio Montes <julio.montes@intel.com>
`USE_PODMAN` variable needs to be set for the osbuilder
scripts to use podman as a containerization engine to
build initrd/rootfs images. If both are set, `USE_DOCKER`
would take precedence over `USE_PODMAN`
Fixes: #370
Signed-off-by: Nitesh Konkar <niteshkonkar@in.ibm.com>
In case a user wants to use podman instead of
docker to build initrd/rootfs images, facilitate
it by setting the variable `USE_PODMAN=true`.
Fixes: #370
Signed-off-by: Nitesh Konkar <niteshkonkar@in.ibm.com>
