Add appendImage function to struct qemuS390x, so that a call of
appendImage results in a call to the appendBlockDevice function of
qemuS390x instead of qemuArchBase.
Fixes: #2043
Signed-off-by: Jan Schintag <jan.schintag@de.ibm.com>
kata deploy script setup a new GOPATH to pull
a fresh environment to install kata. This script
was using the local kernel install script and not the
one in the new environment
Fixes: #706
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
dracut will process conf files with bash, and in fact it's common to
use idioms like += in conf files for string concatenation. The current
grep usage in the Makefile won't catch all possible valid 'drivers'
variable cases.
Instead, use bash to parse and echo the 'drivers' content
Fixes: #356
Signed-off-by: Cole Robinson <crobinso@redhat.com>
The Makefile invokes dracut with a custom confdir. However dracut will
still pull site configuration from /usr/lib/dracut/dracut.conf.d/, which
on Fedora contains a 01-dist.conf that sets among other things
early_microcode="yes".
Because 01-dist.conf is processed after 00-base.conf, kata's
early_microcode="no" is overridden, which isn't intended.
Rename 00-base.conf to 05-base.conf to sidestep this
Fixes: #354
Signed-off-by: Cole Robinson <crobinso@redhat.com>
Document how cgroups are done today and what is expected
for the upcoming SandboxCgroupOnly option.
Prior cgroup documentation are no longer accurate. Removing the cgroup
discussion from the cpu sizing discussion. Updating the
cpu-constraints.md file name to reflect this.
Fixes: #542
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
common/DAX:
- ARCH_ENABLE_MEMORY_HOTPLUG: not needed (auto-selected)
- ARCH_HAS_ZONE_DEVICE: already automatically selected. This is
also removed in future kernels, so let's go ahead and drop.
- RADIX_TREE_MULTIORDER: already autoselected, and dropped in future
kernels
common/net:
- NF_NAT_NEEDED, NF_NAT_PROTO_*: these don't exist in newer kernels, as
they are refactored and unecessary in the upstream kernel. Keep them for
now, but consider dropping if we move to newer LTS. These are part of
whitelist of options we expect to be dropped with newer kernels in our
fragment building.
- NF_NAT_MASQUERADE_IPV4: this is a select, not a tristate. Also, in
the future much of the ipv4/ipv6 nat code is combined, so this config
will not exist in newer kernels. Dropped.
- INET6_XFRM_MODE_* are not needed on newer kernels. While I'm not
confident they are needed today for Kata, we will just note them and add
to whitelist for options we expect to be dropped with newer kernels in
our fragment building.
- MAY_USE_DEVLINK: removed in future kernels, and should not be needed
anyway. Dropped.
x86_64/DAX:
- ARCH_HAS_HMM: should not be needed, and is dropped in future kernels.
Dropped
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
These will be handled directly from virtio-fs gitlab, which is utilized
when experimental support is requested in kernel build.
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
Experimental kernel is much newer, and many configuration options have
dropped since 4.19. Let's use a whitelist to itemize what we expect to
be dropped in the final config if experimental kernel us utilized.
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
This isn't available in the baseline kernel, necessarily. Only
add these config options if an experimental kernel is being used.
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
Adding option `-e` to support experimental flag. When selected, the
kernel for virtio-fs is utilized instead of standard kernel.org.
This is a bit more hack-ish than I'd prefer, sorry.
Fixes: #700
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
travis ppc64le has been very unstable when running
apt-get commands and are not allowing us to run the
job successfully.
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
Rename function appendVSockPCI to appendVSock to be general. The
function could use PCI or CCW devices.
Added return error to appendVSock.
Signed-off-by: Alice Frosi <afrosi@de.ibm.com>
Fixes: #2023
CompatOCISpec is used to gurantee backward compatbility for old runtime
specs, after we convert CompatOCISpec to standard specs.Spec, we should
use specs.Spec instead of CompatOCISpec, and CompatOCISpec should be
useless from then.
Spread usage of CompatOCISpec can make code structure confusing and making
the runtime spec usage non-standard. Besides, this can be the very first
step of removing CompatOCISpec from config's Annotations field.
Signed-off-by: Wei Zhang <weizhang555.zw@gmail.com>
With MacVTap internetworking, Kata fails to launch containers
with ACRN hypervisor. This was due to missing MAC address as
part of virtio-net device when launching VM. This patch fixes
this issue by adding the MAC address.
Fixes: #2029
Signed-off-by: Vijay Dhanraj <vijay.dhanraj@intel.com>
If ociMounts has DNS file /etc/resolv.conf present,
then pass the dns as part of CreateSandboxRequest to
the agent.
Depends-on: github.com/kata-containers/agent#625
Fixes: #1603
Signed-off-by: Nitesh Konkar <niteshkonkar@in.ibm.com>
Improved the Docker installation instructions by making it clear *which*
of the multiple ways of configuration Docker for Kata is the default,
and that it is not necessary to do anything further if users select the
automatic installation method.
Fixes: #551.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
- kubernetes: update kubernetes to v1.15.3 for AArch64
- vsock: set VHOST_VSOCK_SET_GUEST_CID for ppc64le
- tests: allow running unit tests using podman
- vc: Delete store when new/create container is failed
- virtcontainers: fix kernel modules annotations
- vendor: update govmm
- kata-check: require kvm modules for amd64
- kata-check: reduce default output verbosity
- v2: Prevent killing all container processes when exec is failed
- api: add a CleanupContainer api for VC
- shim v2: add network stat in metric
- qemu: fix error message miss
- Fix the issue of update resources wrong
- monitor: enlarge watch buffer
- add virtiofsd to sandbox cgroup
- virtcontainers: Fix the issue of watching console for firecracker
- versions: update version of qemu to 4.1.0
- qemu interaction improvements
- add watchconsole for no_proxy type
- qemu: do not try to stop qemu multiple times
- do not hotplug network device when stopping sandbox
- agent: add default timeout for grpc requests
- container: do not pause a StateReady container
- sandbox: remove network before stopping vm
- virtcontainers: fix hotplug block/net devices execeed pciBridgeMaxCap…
- vsock: Propogate error for vsock ioctl
- versions: kernel: update to 4.19.65
- network: Ignore routes with proto as "kernel"
- network: Deprecate bridged networking mode.
- network: fix failed to remove network
- virtcontainers: add support for loading kernel modules
- shim-v2: fix shim leak when hypervisor exit unexpectly
- virtiofs: wait for virtiofsd process to release its resources
- pkg/katautils: Do not set `init` in the kernel command line
- virtiofs: fix virtiofs crash when cache=none
- acrn: Add toml to gitignore
- versions: Upgrade to k8s 1.15
- virtcontainers: support SMP die
- qemu: support vfio pass x-pci-vendor-id and x-pci-device-id pass
- Remove nested vendor dir
- Fix UT failures with non-root
- persist: manage "hypervisor.json" with new store
- improve robustness w.r.t. dead hypervisor
- virtcontainers: convert virtcontainers tests to testify/assert
- ci: Allow travis to use go install script
611a860 kubernetes: update kubernetes for AArch64
ba3d3da vendor: update govmm
c8e5659 virtcontainers: fix kernel modules annotations
a5f1744 vc: Delete store when new/create container is failed
8cf0f06 vsock: set VHOST_VSOCK_SET_GUEST_CID based based on arch
ff8d23d tests: allow running unit tests using podman
c91556a api: add a CleanupContainer api for VC
4cf0703 v2: Prevent killing all container processes when exec is failed
5bfca6e test: add arch required kernel modules
c54f00a kata-check: reduce default output verbosity
24fcd1b test: add a generic function for CLI kata-check command
52e68f5 virtcontainers: cleanup the container config once failed
5b749a5 virtcontainers: remove the redundant sandbox config store
50d4188 qemu: fix error message miss
0926c8d virtcontainers: Fix the issue of watching console for firecracker
0075bf8 hypervisor: allow to return a slice of pids
88e281c monitor: enlarge watch buffer
db50978 kata-check: require kvm/vhost modules for amd64
4deeb05 versions: update version of qemu to 4.1.0
4a28b52 test: add test for network metric
dc38ba7 test: fix cgroup mock test
6534357 shim-v2: add network stat in metric
21698aa vendor: update cgroup
e7457e6 qemu: add logfile when debug is on
aebc496 qemu: fix memory prealloc option handling
6c77d76 qemu: check guest status with qmp query-status
5b50b34 shimv2: cancel monitor before stopping sandbox
49184ee vendor: update govmm
d90eba8 network: always cold unplug network devices
d26ff71 Revert: "sandbox: remove network before stopping vm"
debc7d9 agent: add default timeout for grpc requests
9d4050e container: do not pause a StateReady container
b58ab66 qemu: do not try to stop qemu multiple times
794e08e sandbox: remove network before stopping vm
31ddb4d virtcontainers: add watchconsole for no_proxy type
3fc17e9 vsock: Propogate error for vsock ioctl
565f14f acrn: Change the default network model for ACRN to macvtap
2c99b95 network: Deprecate bridged networking mode.
e467293 virtcontainers: fix hotplug pci devices execeed max capacity bug
604e1ab versions: kernel: update to 4.19.65
df7cf77 network: Ignore routes with proto as "kernel"
355b9c0 virtcontainers: add support for loading kernel modules
979f064 vendor: update kata agent
0832294 pkg/katautils: Do not set `init` in the kernel command line
2058751 shim-v2: fix shim leak when hypervisor exit unexpectly
a9168a3 virtiofs: wait for virtiofsd process to release its resources
263fb64 acrn: Add toml to gitignore
6e1e6a2 virtiofs: fix virtiofs crash when cache=none
50c3e56 network: fix failed to remove network
0d0a84e versions: Upgrade to k8s 1.15
7668aeb virtcontainers: support SMP die
104c04d vendor: update govmm
e41a6b9 vendor: Update vendor directories
95e8a7a dep: Remove nested vendor directories
f3d0978 persist: improve readability
3bfbbd6 persist: merge "network.json"
99cf3f8 persist: merge "agent.json"
7d5e48f persist: manage "hypervisor.json" with new store
d5d7d82 vc: move container mount cleanup to container.go
e02f6dc shimv2: monitor sandbox liveness
262484d monitor: watch hypervisor
67c401c agent: use hypervisor pid as backup proxy pid for non-kata proxy cases
835b6e9 sandbox: do not fail SIGKILL
bc4460e sandbox: support force stop
4130913 agent: mark agent dead when failing to connect
c472a01 container: allow to stop a paused container
f886c0b vc: drop container SetPid API
f2e6a31 ci: Allow travis to use go install script
3063391 ut: skip TestBindUnmountContainerRootfsENOENTNotError for non-root
c4583f4 ut: skip TestStartNetworkMonitor for non-root
f2423e7 virtcontainers: convert virtcontainers tests to testify/assert
50e263d qemu: support vfio pass x-pci-vendor-id and x-pci-device-id pass
2cf4189 vendor: update github.com/intel/govmm
Signed-off-by: katacontainersbot <katacontainersbot@gmail.com>
