libcontainer's cgroups V2 implementation requires BPF to run a BPF
program in the container
fixes#955
Signed-off-by: Julio Montes <julio.montes@intel.com>
Now that ubuntu 19.04 and fedora 29 has come EOL, we should remove the generation of
the obs generation and testing for ubuntu 19.04.
Fixes#953
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
This will test the kata-containers packages that are available on
Fedora 31 to see that they are working properly.
Fixes#951
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
This repo triggers the github action to create release tarballs.
It looks for release tags in other repos. So tag this repo
last to make sure tags have been created on other repos.
Fixes#947
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Removes two (similar) functions that install `yq`. Instead of
having different functions, use the one that we have in the
tests repository.
In addition, removes the `.ci/lib.sh` which only had an additional
`clone_tests_repo` function which was not being used.
Fixes: #939.
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
Do not check for 'not in final' in spec creation, the logic
to fully validate is longer that just one grep.
Next should:
Use the same script build-kernel.sh to generate spec and validate it.
For now is still safe as CI will run all the build-kernels.sh to verify
the resulting config.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Kernel build for packages got broken after upgrade, this add needed
changes to build again.
Fixes#924
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
- Config changes for 5.4 kernel
- kernel: Enable new LTS 5.4.x on ppc64le arch
- lib: yq: explode anchors to get real value of image values
- kernel: use the maximum number of CPUs supported by KVM
- release: use absolute path for kubeconfig
- network: Enable ipv6 config CONFIG_IPV6_MULTIPLE_TABLES
- actions: check for packaging before clone
- release: bump kata-containers repository
- kernel/configs: enable CONFIG_X86_MPPARSE
- obs: Add ubuntu 19.04 testing
- release: tag and branch kata-containers repository
- add workflow for testing kata-deploy
- fixes for qemu 4.2.0
- config: enable printk_time for arm64.
- kernel: Enable new LTS 5.4.3 on AArch64
- FC: ELF format kernel image unsupported with firecracker on AArch64
- kata-static: Add sudo while building cloud hypervisor docker image
- obs: Remove fedora 28 obs packages
- snap: fix how latest stable version is obtained
- qemu: Patch qemu to support image without write access.
- snap: fix snap in launchpad
- kata-deploy: action: take updated yaml paths into account
04386a6 kernel: Enable new LTS 5.4.x on ppc64le arch
ea8b775 lib: yq: explode anchors to get real value of image values
b66fb43 kernel: Remove CONFIG_INET6 options from fragments
17d86c3 kernel: Always apply whitelist
ba68012 kernel: use the maximum number of CPUs supported by KVM
e0a57b6 network: Enable ipv6 config CONFIG_IPV6_MULTIPLE_TABLES
0751072 release: use absolute path for kubeconfig
32f2ff1 actions: check for packaging before clone
0ff7072 release: bump kata-containers repository
a95b359 kernel/configs: enable CONFIG_X86_MPPARSE
b023d8d kata-deploy: use clh instead of cloud-hypervisor
59a34bb static-build: drop NEMU, add CLH
6c9db9b kata-deploy-action: test CLH
f184afc testing: add workflows for testing kata-deploy
c14ded3 obs: Add ubuntu 19.04 testing
3ce2d36 release: tag and branch kata-containers repository
2ef9bbc FC: ELF format kernel image unsupported with firecracker on AArch64
ca6df85 kata-static: Add sudo while building cloud hypervisor docker image
59dc61d kernel: Enable new LTS 5.4.3 on AArch64
34d2c81 obs: Remove fedora 28 obs packages
ce2accc qemu/patches: add patches for qemu 4.2.0
7c13dc3 static-build: update blacklist for qemu 4.2.0
a407c92 config: enable printk_time for arm64.
5877ab7 snap: fix how latest stable version is obtained
43a6e67 snap: overwrite Makefile variables
bfe65e0 kernel: make get_config_version quiet
076cfa9 qemu: Patch qemu to support image without write access.
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
There was a race condition between bind() and listen() that was hit very
rarely when using Kata Containers and Cloud-Hypervisor. It's been
identified the problem is really coming from the virtio-vsock driver,
which is fixed by those new kernel patches uploaded for each version of
the kernels used by Kata Containers.
Fixes#932
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
Linux has embraced another LTS kernel version v5.4.x.
Update the kernel config for Power as well.
Fixes: #936
Signed-off-by: Nitesh Konkar <niteshkonkar@in.ibm.com>
yq is not exploding anchors anymore and requiere an extra flag.
Add flag to fix CI.
Fixes: #934
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Now crio.conf has some kata entries in by default, but commented
out and without the runtime_path elements to them, our deploy
script gets a little confused and fails to add the kata-qemu
elements to the config.
This is because the grep spots the commented out lines, and tries
to, unsuccessfully, update the matching runtime_path elements, that
don't actually exist.
Improve this by matching only uncommented config lines, so now the
script sees that the runtime is not really configured already, and
instead of trying to edit/update it, will place a entry at the
end of the file.
Fixes: #928
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
Dont think these are options are required at all.
Remove them from fragments and whitelist.
Fixes#924
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
The whitelist contains options that we dont really care.
Always apply it, irrespective of if we are using an
experimental kernel.
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Since we don't know how many CPUs can have the host, we should
use the maximum number of CPUs supported by KVM (240).
255 is the maximum number of CPUs supported in the kernel, but the
maximmum number of CPUs recommended by KVM is 240, if more than 240
CPUs are used, next error will be returned by QEMU
```
Number of hotpluggable cpus requested (255) exceeds the
recommended cpus supported by KVM (240)
```
fixes#922fixeskata-containers/runtime#2413
Signed-off-by: Julio Montes <julio.montes@intel.com>
Although CONFIG_IPV6 is enabled, this additional config is
needed so that multiple route tables are used for ipv6.
Without this, the kernel adds routes for "fe80::/64"
with proto kernel in the main table instead of the
local routing table.
This makes the behaviour similar to regular containers.
Fixes#920
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
If already exit do not clone it, but fetch.
Fetch will keep repository is up-to-date before checkout.
Fixes: #911
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
kata-containers is now part of the release processs.
Lets update the version for that repository.
Fixes: #905
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Firecracker needs CONFIG_X86_MPPARSE to support `vcpu_count`, otherwise the
amount of cpus wil always be 1.
fixes#901
Signed-off-by: Julio Montes <julio.montes@intel.com>
We still were adding NEMU binaries - remove, and make sure we create a
kata-clh file for kata-deploy binaries.
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
1. AKS based action updated to be run from either packaging or remote
repository. We will only clone kata-deploy for yaml/scripts/tests if we
are running the action outside of the packaging repo. If in packaging,
the bits are already included. Misc. cleanup as well.
2. Workflow introduced which leverages the updated AKS action. This will
allow testing of packaging changes to kata-deploy.
The workflow itself uses the following github action: xt0rted/slash-command-action
The workflow will create a kata-deploy container image based off of the latest
release, utilizing the latest released Kata artifacts off of master. It
will then use the AKS kata-deploy GitHub action.
Users with admin access on the repo can trigger this test by:
/test kata-deploy
Fixes: #845
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
Now that we have obs packages for ubuntu 19.04, we should add it in the
testing script.
Fixes#884
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
Now CI depends on this repository, needed to make work stable
branches starting stable-1.10
Fixes: #894
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
