Commit Graph

10701 Commits

Author SHA1 Message Date
Samuel Ortiz
ebf8547c38 virtcontainers: Remove useless startSandbox wrapper
startSandbox() wraps a single operation (sandbox.Start()), so we can
remove it and make the code easier to read/follow.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2019-01-07 09:48:22 -08:00
Eric Ernst
8a3f7cf6d3
Merge pull request #288 from sboeuf/add_config_x86_4_19_10
kernel: Add 4.19.10 config for x86
2019-01-07 09:20:50 -08:00
Nitesh Konkar
dab26ebf8a Developer-Guide: Update how to include seccomp in image
Update the developer guide to include documentation
for the inclusion of seccomp packages in initrd/rootfs
images.

Fixes: #339

Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
2019-01-07 20:35:46 +05:30
Peng Tao
a8e158c9e3
Merge pull request #1092 from lifupan/config
shimv2: get the kata configure file from env KATA_CONF_FILE
2019-01-07 22:35:52 +08:00
Graham Whaley
069987acd5
Merge pull request #342 from nitkon/patch-3
Limitations: Remove seccomp limitation.
2019-01-07 11:15:30 +00:00
Sebastien Boeuf
63e95c1af7
Merge pull request #295 from kata-containers/revert-269-build_development_kernel
Revert "kernel: update guest kernel to 4.19.8 on aarch64 "
2019-01-07 01:15:02 -08:00
Nitesh Konkar
4078d0aa14 Limitations: Remove seccomp limitation.
Document that seccomp support is now available.

FIxes: #341

Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
2019-01-07 14:29:52 +05:30
fupan
0b28ab9e57 shimv2: get the kata configure file from env KATA_CONF_FILE
If the env KATA_CONF_FILE was set, shimv2 will use it as the
kata configure file, otherwise, it will try to find it from
/etc and /usr/share directory.

Fixes: #1091

Signed-off-by: fupan <lifupan@gmail.com>
2019-01-05 17:50:47 +08:00
GabyCT
66ee0e480d
Merge pull request #338 from egernst/update-frequency
stable-branching: update frequency, reference schedule
2019-01-04 12:28:44 -06:00
Eric Ernst
a31c1b99d0 stable-branching: update frequency, reference schedule
Add a reference to the release rotation wiki, and clarify that
the current stable release schedule is every-other-week.

Fixes: #337

Signed-off-by: Eric Ernst <eric.ernst@intel.com>
2019-01-04 08:47:09 -08:00
Peng Tao
0a5b5adbfb Revert "kernel: update guest kernel to 4.19.8 on aarch64 "
Reverts #269

The added kernel patch doesn't apply and is causing all CI to fail. FYI, the current guest kernel version is 4.14.67. Please rebase and re-submit your PR cleanly @Pennyzct.

e.g., http://jenkins.katacontainers.io/job/kata-containers-runtime-centos-7-4-PR/995/console

NFO: Applying patch /tmp/jenkins/workspace/kata-containers-runtime-centos-7-4-PR/go/src/github.com/kata-containers/packaging/kernel/patches/0003-backport-Arm64-KVM-Dynamic-IPA-and-52bit-IPA-support.patch
patching file arch/arm/include/asm/kvm_arm.h
patching file arch/arm/include/asm/kvm_host.h
Hunk #1 succeeded at 266 (offset -7 lines).
Hunk #2 succeeded at 314 with fuzz 2 (offset -40 lines).
patching file arch/arm/include/asm/kvm_mmu.h
Hunk #1 FAILED at 35.
Hunk #2 succeeded at 47 with fuzz 2 (offset -5 lines).
Hunk #3 succeeded at 266 with fuzz 2 (offset -96 lines).
1 out of 3 hunks FAILED -- saving rejects to file arch/arm/include/asm/kvm_mmu.h.rej
patching file arch/arm/include/asm/stage2_pgtable.h
patching file arch/arm64/include/asm/cpufeature.h
Hunk #1 FAILED at 262.
Hunk #2 succeeded at 284 (offset -246 lines).
1 out of 2 hunks FAILED -- saving rejects to file arch/arm64/include/asm/cpufeature.h.rej
patching file arch/arm64/include/asm/kvm_arm.h
Hunk #1 succeeded at 102 (offset -5 lines).
Hunk #2 succeeded at 116 (offset -5 lines).
Hunk #3 succeeded at 305 (offset -7 lines).
patching file arch/arm64/include/asm/kvm_asm.h
Hunk #1 succeeded at 27 (offset -3 lines).
Hunk #2 FAILED at 73.
1 out of 2 hunks FAILED -- saving rejects to file arch/arm64/include/asm/kvm_asm.h.rej
patching file arch/arm64/include/asm/kvm_host.h
Hunk #1 succeeded at 48 (offset -5 lines).
Hunk #2 FAILED at 61.
Hunk #3 succeeded at 399 with fuzz 2 (offset -41 lines).
Hunk #4 FAILED at 503.
2 out of 4 hunks FAILED -- saving rejects to file arch/arm64/include/asm/kvm_host.h.rej
patching file arch/arm64/include/asm/kvm_hyp.h
patching file arch/arm64/include/asm/kvm_mmu.h
Hunk #1 succeeded at 154 (offset 13 lines).
Hunk #2 succeeded at 229 with fuzz 1 (offset -17 lines).
Hunk #3 succeeded at 409 with fuzz 2 (offset -110 lines).
patching file arch/arm64/include/asm/stage2_pgtable-nopmd.h
patching file arch/arm64/include/asm/stage2_pgtable-nopud.h
patching file arch/arm64/include/asm/stage2_pgtable.h
patching file arch/arm64/kvm/guest.c
Hunk #1 succeeded at 305 (offset -86 lines).
patching file arch/arm64/kvm/hyp-init.S
Hunk #1 FAILED at 65.
1 out of 1 hunk FAILED -- saving rejects to file arch/arm64/kvm/hyp-init.S.rej
patching file arch/arm64/kvm/hyp/Makefile
Hunk #1 succeeded at 18 (offset -1 lines).
patching file arch/arm64/kvm/hyp/s2-setup.c
Reversed (or previously applied) patch detected! Assume -R? [n]
Apply anyway? [n]
Skipping patch.
1 out of 1 hunk ignored -- saving rejects to file arch/arm64/kvm/hyp/s2-setup.c.rej
patching file arch/arm64/kvm/hyp/switch.c
Hunk #1 FAILED at 198.
Hunk #2 succeeded at 226 (offset -37 lines).
1 out of 2 hunks FAILED -- saving rejects to file arch/arm64/kvm/hyp/switch.c.rej
patching file arch/arm64/kvm/hyp/tlb.c
Hunk #1 succeeded at 29 (offset -1 lines).
Hunk #2 succeeded at 38 (offset -1 lines).
patching file arch/arm64/kvm/reset.c
Hunk #4 FAILED at 86.
Hunk #5 succeeded at 133 (offset -4 lines).
1 out of 5 hunks FAILED -- saving rejects to file arch/arm64/kvm/reset.c.rej
patching file include/linux/irqchip/arm-gic-v3.h
Hunk #1 succeeded at 374 (offset -14 lines).
patching file include/uapi/linux/kvm.h
Hunk #1 succeeded at 739 (offset -11 lines).
Hunk #2 FAILED at 962.
1 out of 2 hunks FAILED -- saving rejects to file include/uapi/linux/kvm.h.rej
patching file virt/kvm/arm/arm.c
Hunk #1 succeeded at 115 (offset -5 lines).
Hunk #2 succeeded at 207 (offset -6 lines).
Hunk #3 succeeded at 236 (offset -6 lines).
Hunk #4 succeeded at 463 (offset -35 lines).
Hunk #5 FAILED at 546.
Hunk #6 succeeded at 1164 with fuzz 2 (offset -145 lines).
Hunk #7 succeeded at 1261 (offset -147 lines).
1 out of 7 hunks FAILED -- saving rejects to file virt/kvm/arm/arm.c.rej
patching file virt/kvm/arm/mmu.c
Hunk #1 succeeded at 43 with fuzz 2 (offset -2 lines).
Hunk #2 succeeded at 147 (offset -2 lines).
Hunk #3 succeeded at 216 (offset -35 lines).
Hunk #4 succeeded at 226 (offset -35 lines).
Hunk #5 succeeded at 245 (offset -35 lines).
Hunk #6 succeeded at 255 (offset -35 lines).
Hunk #7 succeeded at 272 (offset -35 lines).
Hunk #8 succeeded at 371 with fuzz 2 (offset 40 lines).
Hunk #9 FAILED at 340.
Hunk #10 FAILED at 370.
Hunk #11 FAILED at 388.
Hunk #12 FAILED at 408.
Hunk #13 succeeded at 753 (offset -143 lines).
Hunk #14 succeeded at 842 (offset -143 lines).
Hunk #15 succeeded at 850 (offset -143 lines).
Hunk #16 succeeded at 859 (offset -143 lines).
Hunk #17 succeeded at 881 (offset -143 lines).
Hunk #18 succeeded at 1024 (offset -182 lines).
Hunk #19 succeeded at 1114 (offset -188 lines).
Hunk #20 succeeded at 1148 (offset -188 lines).
Hunk #21 succeeded at 1176 (offset -188 lines).
Hunk #22 succeeded at 1190 (offset -188 lines).
Hunk #23 succeeded at 1333 (offset -196 lines).
Hunk #24 succeeded at 1552 (offset -220 lines).
Hunk #25 succeeded at 1852 (offset -219 lines).
4 out of 25 hunks FAILED -- saving rejects to file virt/kvm/arm/mmu.c.rej
patching file virt/kvm/arm/vgic/vgic-its.c
Hunk #1 succeeded at 233 (offset -8 lines).
Hunk #2 succeeded at 696 (offset -56 lines).
Hunk #3 succeeded at 721 (offset -56 lines).
Hunk #4 succeeded at 736 (offset -56 lines).
Hunk #5 succeeded at 746 (offset -56 lines).
Hunk #6 succeeded at 1214 (offset -80 lines).
Hunk #7 succeeded at 1232 (offset -80 lines).
Hunk #8 succeeded at 1279 (offset -80 lines).
Hunk #9 succeeded at 2135 (offset -82 lines).
Hunk #10 succeeded at 2207 (offset -82 lines).
Hunk #11 succeeded at 2256 (offset -82 lines).
patching file virt/kvm/arm/vgic/vgic-mmio-v3.c
Hunk #1 succeeded at 326 (offset -38 lines).
Hunk #2 succeeded at 343 (offset -38 lines).
Build step 'Execute shell' marked build as failure
Performing Post build task...
Match found for :.* : True
Logical operation result is TRUE
Running script : #!/bin/bash

Fixes: #296
Signed-off-by: Peng Tao <bergwolf@gmail.com>
2019-01-04 09:32:12 +08:00
Jose Carlos Venegas Munoz
4be12af819
Merge pull request #286 from marcov/fix-version-compare
obs-packaging: support comparisons of pre-releases versions
2019-01-02 13:09:41 -06:00
Sebastien Boeuf
8161b4c1c1
Merge pull request #1077 from mcastelino/topic/firecracker-api-fix
firecracker: Network API update
2019-01-02 02:29:45 -08:00
James O. D. Hunt
63024cdd5b
Merge pull request #269 from Pennyzct/build_development_kernel
kernel: update guest kernel to 4.19.8 on aarch64
2019-01-02 09:07:59 +00:00
Xu Wang
0d215b7439
Merge pull request #306 from zeigerpuppy/zeigerpuppy-patch-1
Patch for debian install instructions docs
2018-12-30 17:52:26 +08:00
Xu Wang
8a9e40451b
arch-images: add a figure for shimv2
The comparison w/ or w/o shimv2

Signed-off-by: Xu Wang <xu@hyper.sh>
2018-12-30 14:42:04 +08:00
zeigerpuppy
e9ca4d8d60 docs: Add Debian installation guides
Fixes #310.

These install instructions are based on the katacontainers repository for Debian.  For installation, a newer version of `librbd1` is required.  This is available from the `unstable` repo.

Tested only on Debian 9 - Stretch (x86_64).
- tested with `docker-ce=17.12.0~ce-0~debian`

Signed-off-by: zeigerpuppy <zeigerpuppy@users.noreply.github.com>
2018-12-29 14:45:33 +11:00
Manohar Castelino
5c6d94d756 firecracker: Revendor firecracker go sdk to 0.12.0
Revendor firecracker go sdk for Firecracker 0.12.0 API changes

git shortlog

9614612 (HEAD -> master, origin/master, origin/HEAD) Merge pull request
653c342 Adding drives builder
3c1f5c3 Merge pr #41
c4151ff Migrate firectl to its own repository
433f262 Merge pull request #23 from xibz/fifo_logging_file
121ef9a add handler lists to handle initialization
0fd9825 Adding support for capturing fifo logs to file.
6b08ec7 Merge branch 'fc-0.12.0'
25878e7 Update for Firecracker 0.12.0 API changes
ea93f77 Regenerate API client from swagger spec
00d8eee Update swagger.yaml for firecracker 0.12.0

Signed-off-by: Manohar Castelino <manohar.r.castelino@intel.com>
2018-12-27 19:47:17 -08:00
Eric Ernst
fc90bdad22
Merge pull request #329 from kata-containers/fix-ubuntu-guide
install: use stable instead of master for docs
2018-12-27 10:22:31 -08:00
Manohar Castelino
ec5cf18bd1 firecracker: Network API update
The Network API no longer supports the state field. Using the
state field causes the API call to fail.

Note: The firecracker binary needs to be updated to match the API
as the older versions will expect the state field.

Fixes: #1078

Signed-off-by: Manohar Castelino <manohar.r.castelino@intel.com>
2018-12-27 09:34:13 -08:00
Eric Ernst
808d85b467 install: use stable instead of master for docs
1.5.0-rc2 packages for linux-container fail for Ubuntu.  Let's use 1.4-stable instead of master for now.

Fixes #325

Signed-off-by: Eric Ernst <eric.ernst@intel.com>
2018-12-27 17:23:32 +00:00
Eric Ernst
e89efa29b7
Merge pull request #292 from bergwolf/releasing-1.5.0-rc2
Add 1.5.0-rc2 changes
2018-12-27 07:40:19 -08:00
Frank Cao
174e0c98bc
Merge pull request #963 from running99/master
container: Use lazy unmount
2018-12-26 09:50:44 +08:00
fli
2b75f440f0
Merge pull request #962 from teawater/nvdimm
block: Add new block storage driver "nvdimm"
2018-12-26 09:38:55 +08:00
James O. D. Hunt
4265ca9e12
Merge pull request #321 from Pennyzct/qemu-section
qemu: add 'Build a custom qemu-system-aarch64' section
2018-12-24 09:02:50 +00:00
Peng Tao
ce105e77da obs: bump versions.txt for 1.5.0-rc2 release
To match what we have shipped.

Signed-off-by: Peng Tao <bergwolf@gmail.com>
2018-12-24 16:55:20 +08:00
Peng Tao
7a269ea6e6 runtime-spec: add containerd-shim-kata-v2
Otherwise rpmbuild fails.

Signed-off-by: Peng Tao <bergwolf@gmail.com>
2018-12-24 16:53:07 +08:00
Peng Tao
f4994f4531 obs: reset kata_version
We've changed `-rc` to `~rc` for rpmbuild. But we need to change
it back when doing comparision.

Signed-off-by: Peng Tao <bergwolf@gmail.com>
2018-12-24 16:50:25 +08:00
Hui Zhu
dd28ff5986 memory: Add new option memory_offset
This value will be plused to max memory of hypervisor.
It is the memory address space for the NVDIMM devie.
If set block storage driver (block_device_driver) to "nvdimm",
should set memory_offset to the size of block device.

Signed-off-by: Hui Zhu <teawater@hyper.sh>
2018-12-24 15:36:25 +08:00
Hui Zhu
ef75c3d19e block: Add new block storage driver "nvdimm"
Set block_device_driver to "nvdimm" will make the hypervisor use
the block device as NVDIMM disk.

Fixes: #1032

Signed-off-by: Hui Zhu <teawater@hyper.sh>
2018-12-24 15:32:33 +08:00
Eric Ernst
b954eecad1
Merge pull request #1072 from egernst/1.5.0-rc2-branch-bump
# Kata Containers 1.5.0-rc2
2018-12-21 13:54:00 -08:00
Eric Ernst
53215acc8e
Merge pull request #222 from bergwolf/1.5.0-rc2-branch-bump
# Kata Containers 1.5.0-rc2
2018-12-21 12:29:34 -08:00
Eric Ernst
0f2c5bcf3d release: Kata Containers 1.5.0-rc2
- sandbox: cleanup sandbox if creation failed
- mounts: Ignore existing mounts if they cannot be honored
- config: Add firecracker as a supported hypervisor configuration
- Firecracker: virtio mmio support
- Firecracker VMM support
- shimv2: discard log before shim init log output
- virtcontainers: cgroups: Don't error if no thread ID
- Copy files from host to guest
- katautils: check config factory/template and vsock
- virtcontainers: Add context when creating tests sandboxes
- make: Add "GOPATH not set"
- virtcontainers: network: Use multiqueue flag only when appropriate
- katautils: fix the issue of shimv2 boot failed with vsock enabled
- docs: add IBM Z in the README
- qemu-arm64: refactor 'console=hvc0,hvc1' for kata-agent debugging
- network: Don't assume multiple queues support by default
- virtcontainers: make sandbox manage VM resources
- factory: set guest time after resuming
- shimv2: fix the error of reaping qemu process mistakenly
- s390x: add support for s390x
- config: Add cache-related options for block devices

83e38c9 mounts: Ignore existing mounts if they cannot be honored
bf1a5ce sandbox: cleanup sandbox if creation failed
0d84d79 virtio-mmio: Add support for virtio-mmio
353564a config: Reorganize the code to fix code complexity
d6c1f53 config: Add firecracker configuration support
b4c3a2f virtcontainers: fc: Stop the VM by killing the process
fba2379 firecracker: Add support for pseudo hotplug
22ebc09 firecracker: Close the vsock vhostfd
e65bafa virtcontainers: Add firecracker as a supported hypervisor
c1d3f1a firecracker: VMM API support
c34b045 firecracker: vendor in all firecracker dependencies
a21d1e6 virtcontainers: cgroups: Don't error if no thread ID
378d815 virtcontainers: copy or bind mount shared file
bc31844 virtcontainers: Check file sharing support
6291762 virtcontainers: copy files form host to guest
dcd48a9 vc: capabilities: add capability flags for filesystem sharing
e776380 vendor: update kata agent
e4e7c3a katautils: check config template and vsock
0f1fde4 virtcontainers: network: Use multiqueue flag only when appropriate
f63a18d virtcontainers: Add context when creating tests sandboxes
05be5bf shimv2: discard log before shim init log output
e98dee6 docs: drop 's in architecture names for consistency
1892102 docs: add IBM Z in the README
573b73e katautils: fix the issue of shimv2 boot failed with vsock enabled
c8c564b qemu-arm64: refactor 'console=hvc0,hvc1' for kata-agent debugging
a1af1cb virtcontainers: network: Rely on hypervisor capabilities for multi queues
a227ab8 virtcontainers: hypervisor: Add capability regarding multiqueue support
0bcd221 virtcontainers: network: Rename numCPUs to queues
2cb4bb9 virtcontainers: network: Reorganize endpoints interconnection
d4586d4 test: remove TestHotplugRemoveMemory
0d80202 vc:sandbox: rename newcontainer to fetchcontainer.
618cfbf vc: sandbox: Let sandbox manage VM resources.
2535844 make: Add "GOPATH not set"
8444a7a factory: set guest time after resuming
f813708 vendor: update agent vendor for SetGuestDateTime
6f83061 s390x: add support for s390x
df8b7db shimv2: fix the issue of reaping child mistakenly
e4a3fd5 vendors: upgrade the containerd vendors
6024088 config: Add cache-related options for block devices

Signed-off-by: Eric Ernst <eric.ernst@intel.com>
2018-12-21 19:31:19 +00:00
Eric Ernst
4014ab0212
Merge pull request #1058 from bergwolf/vsock-cleanup
sandbox: cleanup sandbox if creation failed
2018-12-21 10:42:33 -08:00
Sebastien Boeuf
1e8f84854c
Merge pull request #1069 from sboeuf/fix_fc_k8s
mounts: Ignore existing mounts if they cannot be honored
2018-12-21 09:36:32 -08:00
Sebastien Boeuf
83e38c959a mounts: Ignore existing mounts if they cannot be honored
In case we use an hypervisor that cannot support filesystem sharing,
we copy files over to the VM rootfs through the gRPC protocol. This
is a nice workaround, but it only works with regular files, which
means no device file, no socket file, no directory, etc... can be
sent this way.

This is a limitation that we accept here, by simply ignoring those
non-regular files.

Fixes #1068

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
2018-12-21 15:38:06 +00:00
Peng Tao
d890478fa2 release: Kata Containers 1.5.0-rc2
- docs: update compatibility matrix with s390
- setup: Add make and gcc as dependencies
- suse: fix port URL detection for aarch64
- s390x: set CC for fedora
- Add 'install' target to makefile
- rootfs: Bump golang version to 1.11.1
- tests: skip docker,kata install with KATA_DEV_MODE

c3d77ae docs: add s390 to the compatibility matrix
be97380 setup: Add make and gcc as dependencies
de7fe19 s390x: set CC for fedora
3366a32 README: add ARM architecture to openSUSE
804286f suse: fix port URL detection for aarch64
434fff8 rootfs_builder: Dont fail if GOPATH not defined.
1bbf1e4 rootfs: Allow use host repositories.
f994560 rootfs: Bump golang version to 1.11.1
06c8d88 makefile: Add make install
9c0773a test: avoid errors in exit_handler
eb92306 tests: skip docker,kata install with KATA_DEV_MODE

Signed-off-by: Peng Tao <bergwolf@gmail.com>
2018-12-21 17:11:51 +08:00
Peng Tao
bf1a5ce000 sandbox: cleanup sandbox if creation failed
This includes cleaning up the sandbox on disk resources,
and closing open fds when preparing the hypervisor.

Fixes: #1057

Signed-off-by: Peng Tao <bergwolf@gmail.com>
2018-12-21 13:46:16 +08:00
Eric Ernst
0f6fb5439a
Merge pull request #1043 from sboeuf/fc_config
config: Add firecracker as a supported hypervisor configuration
2018-12-20 21:17:43 -08:00
Sebastien Boeuf
e14071f2bd
Merge pull request #1045 from mcastelino/topic/firecracker-virtio-mmio
Firecracker: virtio mmio support
2018-12-20 19:47:01 -08:00
running
c099be56da container: Use lazy unmount
Unmount recursively to unmount bind-mounted volumes.
Fixes: #965
Signed-off-by: Ning Lu <crossrunning@outlook.com>
2018-12-21 11:11:58 +08:00
Manohar Castelino
0d84d799ea virtio-mmio: Add support for virtio-mmio
Start adding support for virtio-mmio devices starting with block.
The devices show within the vm as vda, vdb,... based on order of
insertion and such within the VM resemble virtio-blk devices.

They need to be explicitly differentiated to ensure that the
agent logic within the VM can discover and mount them appropropriately.
The agent uses PCI location to discover them for virtio-blk.
For virtio-mmio we need to use the predicted device name for now.

Note: Kata used a disk for the VM rootfs in the case of Firecracker.
(Instead of initrd or virtual-nvdimm). The Kata code today does not
handle this case properly.

For now as Firecracker is the only Hypervisor in Kata that
uses virtio-mmio directly offset the drive index to comprehend
this.

Longer term we should track if the rootfs is setup as a block
device explicitly.

Fixes: #1046

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
Signed-off-by: Manohar Castelino <manohar.r.castelino@intel.com>
2018-12-20 15:08:51 -08:00
Sebastien Boeuf
353564abe0 config: Reorganize the code to fix code complexity
By breaking down updateRuntimeConfig() into smaller functions, this
commit prevents the function to grow a Go complexity higher than 15.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2018-12-20 15:02:55 -08:00
Eric Ernst
d6c1f531a9 config: Add firecracker configuration support
In order to let the user choose firecracker hypervisor instead of
QEMU (from the configuration.toml), let's add it to the list of
supported hypervisors.

Fixes #1042

Depends-on: github.com/kata-containers/runtime#1044

Signed-off-by: Eric Ernst <eric.ernst@intel.com>
2018-12-20 15:02:55 -08:00
Sebastien Boeuf
8764fc1467
Merge pull request #1044 from mcastelino/topic/fc-vendor
Firecracker VMM support
2018-12-20 15:02:06 -08:00
Sebastien Boeuf
b4c3a2ffbd virtcontainers: fc: Stop the VM by killing the process
Because firecracker currently does not support a proper stop from
the caller, and because we don't want the agent to initiate a reboot
to shutdown the VM, the simplest and most efficient solution at the
moement is to signal the VM process with SIGTERM first, followed by
a SIGKILL if the process is still around.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2018-12-20 11:54:59 -08:00
Manohar Castelino
fba23796d6 firecracker: Add support for pseudo hotplug
Use the firecracker rescan logic to update the pre-attached drive.
This allows us to emulate hotplug.

Initially the drive backing stores are set to empty files on the
host. Once the actual block based device or file is available
swap the backing store.

The rescan needs to be issued iff the VM is running.

Signed-off-by: Manohar Castelino <manohar.r.castelino@intel.com>
2018-12-20 11:54:59 -08:00
Manohar Castelino
22ebc09f00 firecracker: Close the vsock vhostfd
Unlike QEMU firecracker cannot accept a fd as part of the REST API.
Close the vsock vhostfd close to the point where we launch the VM.

Note: This is still racy.

Signed-off-by: Manohar Castelino <manohar.r.castelino@intel.com>
2018-12-20 11:54:59 -08:00
Manohar Castelino
e65bafa793 virtcontainers: Add firecracker as a supported hypervisor
Add firecracker as a supported hypervisor. This connects the
newly defined firecracker implementation as a supported
hypervisor.

Move operation definition to the common hypervisor code.

Signed-off-by: Manohar Castelino <manohar.r.castelino@intel.com>
2018-12-20 11:54:59 -08:00
Manohar Castelino
c1d3f1a98b firecracker: VMM API support
Initial Support for the firecracker VMM

Note:
- 9p is unsupported by firecracker
- Enable pseudo hotplug block device hotplug capability

Initially, this will be a pseudo capability for Firecracker hypervisor,
but we will utilize a pool of block devices and block device rescan as a
temporary workaround.

Fixes: #1064

Signed-off-by: Eric Ernst <eric.ernst@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
Signed-off-by: Manohar Castelino <manohar.r.castelino@intel.com>
2018-12-20 11:54:49 -08:00