The devno number is use to identify the device on IBM Z arch.
Fixes: #1153
Signed-off-by: Alice Frosi <afrosi@de.ibm.com>
Reviewed-by: Jan Schintag <jan.schintag@de.ibm.com>
Create generic function to be reused to the reimplemented methods by
various architectures
Fixes: #1153
Signed-off-by: Alice Frosi <afrosi@de.ibm.com>
Reviewed-by: Jan Schintag <jan.schintag@de.ibm.com>
On IBM Z, CCW bus type can be additionally used.
Fixes: #1153
Signed-off-by: Alice Frosi <afrosi@de.ibm.com>
Reviewed-by: Jan Schintag <jan.schintag@de.ibm.com>
In this way it is possible to set bridge variable for each arch when
instantiating the hypervisor.
Fixes: #1153
Signed-off-by: Alice Frosi <afrosi@de.ibm.com>
Co-authored-by: Jan Schintag <jan.schintag@de.ibm.com>
The abstraction of the bridge type to add additional types.
Fixes: #1153
Signed-off-by: Alice Frosi <afrosi@de.ibm.com>
Co-authored-by: Jan Schintag <jan.schintag@de.ibm.com>
s389x doesn't support dimm and we need to skip it.
Fixes: #2003
detail commit change:
9463486 s390x: dimm not supported
Signed-off-by: Alice Frosi <afrosi@de.ibm.com>
Casting in golang doesn't return a pointer to the structure, instead a new
structure is instantiated. This patch is to update the old structure with
the new one in order to apply the changes.
fixes#2016
Signed-off-by: Julio Montes <julio.montes@intel.com>
The container store should be deleted when new/create is failed if the
store is newly created.
Fixes: #2013
Signed-off-by: Li Yuxuan <liyuxuan04@baidu.com>
Use all subsystems for SandboxOnly option to make sure
all cgroups are deleted.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Add containers does not need to check the cgroup path
this is done in a different function
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
When a new sandbox is created, join to its cgroup path
this will create all proxy, shim, etc in the sandbox cgroup.
Fixes: #1879
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
No call cgroup operations for containers in host
if SandboxCgroupOnly is enabled.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
add option to eneable only pod cgroup (SandboxCgroupOnly)
Depends-on: github.com/kata-containers/tests#1824
Fixes: #1879
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
The container CgroupsPath is optional acording to OCI.
If for some reason the runtime decide to not define one.
just skip cgroup operations.
This is going to be useful for upcoming, sandbox cgroup only
cgroup managment feature.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Some errors propagate with printing showing a cgroup path.
If for some reason this is empty is difficult to know looking
at the logs.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
constrainHypervisor -> constrainHypervisorVCPUs
Document and rename function.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
prefix cgroup related methods with cgroups,
make easy to group together in auto-generated docs.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Refactor unit test so that podman can be used to run tests when docker
is not available.
Fixes: #2006
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
The documentation says hugepages are required for virtio-fs. This
limitation was removed in Kata 1.8 in kata-runtime commit
a41894da18 ("runtime: Enable file based
backend").
Fixes: #544
Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
Create a dedicate how-to guide for running Kata with k8s, and link to it
from the original guide location inside the Developer Guide.
Fixes: #333
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
This commit adds documentation for privileged containers and the mounting of host devices
when privileged is used. It has instructions for disabling this functionality when using
Containerd and CRI.
Fixes#529
Signed-off-by: Alex Price <aprice@atlassian.com>
Since virtio-fs is under active development, more
options will be added increasingly. To avaoid frequent
change on runtime side to handle option changes, use
one mingled arg to ease testing new option/feature of
virtiofsd.
See `virtiofsd -h` for more option details.
Fixes: #1999
Signed-off-by: Eric Ren <renzhen@linux.alibaba.com>
When shimv2 was killed by accident, containerd would try to
launch a new shimv2 binarry to cleanup the container. In order
to avoid race condition, the cleanup should be done serialized
in a sandbox. Thus adding a new api to do this by locking the
sandbox.
Fixes:#1832
Signed-off-by: lifupan <lifupan@gmail.com>
`virtcontainers.ensureDestinationExists` will create the bind
destination directory/file, which should be removed properly when
unmounting.
Fixes: #1974
Signed-off-by: Li Yuxuan <liyuxuan04@baidu.com>
