Now we are using the fragments, drop the x86_64 4.19 config file
so we default to fragment mode.
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
Add the framework to build kernel config files from trees
of kernel fragments.
If no fragment directory is found for the requested kernel
version and architecture then revert to looking for a whole
prebuilt kernel config file instead.
Fixes: #234
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
Create a script that will be added to the
`kata-static-${version}-${arch}.tar.xz` file and which can be either run
directly by the user to configure Docker, or can be run indirectly by
the `kata-manager` script.
Fixes: #648.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Update top-level vendor with
"dep ensure add github.com/blang/semver@3.6.1"
dep check should not succeed.
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
It is not really recommended to have nested vendor directories.
dep does not work well with nested directories:
https://github.com/golang/dep/issues/985
Recommendation is to use flatten the vendor directories.
Hence remove any nested vendor directories.
Fixes#1909
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
The networking part of the doc talks about the
two ends of the veth pair. One end is in the container
networking namespace and the other one should
be in the host networking namespace. Fix this info.
Fixes: #518
Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
For some reason, busybox image crashed on fedora 30 rootfs on aarch64.
For now, we will switch back to use fedora 28.
Fixes: #334
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Fixes#803
Merge "hypervisor.json" into "persist.json", so the new store can take
care of hypervisor data now.
Signed-off-by: Wei Zhang <weizhang555.zw@gmail.com>
For one thing, it is container specific resource so it should not
be cleaned up by the agent. For another thing, we can make container
stop to force cleanup these host mountpoints regardless of hypervisor
and agent liveness.
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
Then we can check hypervisor liveness in those cases to avoid long
timeout when connecting to the agent when hypervisor is dead.
For kata-agent, we still use the kata-proxy pid for the same purpose.
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
Once we have found the container, we should never fail SIGKILL.
It is possible to fail to send SIGKILL because hypervisor might
be gone already. If we fail SIGKILL, upper layer cannot really
proceed to clean things up.
Also there is no need to save sandbox here as we did not change
any state.
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
When force is true, ignore any guest related errors. This can
be used to stop a sandbox when hypervisor process is dead.
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
Whenever we fail to connect, do not make any more attempts.
More attempts are possible during cleanup phase but we should
not try to connect any more there.
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
When a container is paused and something goes terribly
wrong, we still need to be able to clean thing up. A paused
container should be able to transit to stopped state as well
so that we can delete it properly.
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
This allows travis to use the go install script instead of having a
hard coded golang version at travis.yml
Fixes#1903
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
Move some of the functions in rootfs.sh (generate_dockerfile,
detect_go_version) in scripts/lib.sh, to make those functions reusable
outside of rootfs.sh.
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
It requires root to manipulate netns and otherwise fails
like below:
=== RUN TestStartNetworkMonitor
--- FAIL: TestStartNetworkMonitor (0.00s)
Error Trace: sandbox_test.go:1481
Error: Expected nil, but got: &errors.errorString{s:"Error switching to ns /proc/6648/task/6651/ns/net: operation not permitted"}
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
Convert virtcontainers tests to testify/assert to make the virtcontainers
tests more readable.
fixes#156
Signed-off-by: Julio Montes <julio.montes@intel.com>
since some vendor id like 1ded can not be identified by virtio-pci
driver, so need to pass a specified vendor id to qemu.
Fixes: #1894
Signed-off-by: Ace-Tang <aceapril@126.com>
