Since aarch64 need custom QEMU binary and doesn't support OBS
packaging for now, we add this section to lead developers to build
required qemu-system-aarch64 binary.
Fixes: #320
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Vendor in all firecracker dependencies. This allows virtcontainers
to pull call the firecracker REST API.
Signed-off-by: Manohar Castelino <manohar.r.castelino@intel.com>
In case the hypervisor implementation does not return any thread
ID, this should not issue any error since there is simply nothing
to constrain.
Fixes#1062
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
Copy files to contaier's rootfs if hypervisor doesn't supports filesystem
sharing, otherwise bind mount them in the shared directory.
see #1031
Signed-off-by: Julio Montes <julio.montes@intel.com>
If the hypervisor does not support filesystem sharing (for example, 9p),
files will be copied over gRPC using the copyFile request function.
Signed-off-by: Julio Montes <julio.montes@intel.com>
Files are copied over gRPC and there is no limit in size of the files that
can be copied. Small files are copied using just one gRPC call while big files
are copied by parts.
Signed-off-by: Julio Montes <julio.montes@intel.com>
Not all hypervisors support filesystem sharing. Add capability flags to track
this. Since most hypervisor implementations in Kata *do* support this, the set
semantices are reversed (ie, set the flag if you do not support the feature).
Fixes: #1022
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
Signed-off-by: Julio Montes <julio.montes@intel.com>
Brings support to copy file from host to guest
shortlog:
169d755 protocols/grpc: implement function to copy files
ff87c26 virtio-mmio: Add support for virtio-mmio blk devices
b9c5d5b libcontainer: use /run as root containers path
092f1a0 block: add support of block storage driver "nvdimm"
Signed-off-by: Julio Montes <julio.montes@intel.com>
Vsock conflicts with factory, when both of them are enabled,
kata will try to create a new vm template which is useless,
thus it's better to return an error directly to let users know
that those two config cannot be enabled at the same time.
Fixes: #1055
Signed-off-by: fupan <lifupan@gmail.com>
The multiqueue flag associated with the TUNTAP network device cannot
be used if the number of queues indicates 0. When 0, this means the
multiqueue is not supported, and we cannot use the according flag.
Fixes#1051
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
We can use the background context when creating test sandboxes from the
sanbox unit tests. This shuts the "trace called before context set"
erros down.
Fixes: #1048
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
We want to make sure Kata runs on latest stable kernels so that it
benefits from the latest features.
For instance, in case of Kata relying on NEMU hypervisor, the recent
kernel patches reworking the way timer calibration is handled are
solving some boot latency issues.
Fixes#287
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
We need to bump the kernel version from 4.14.67 to 4.19.10 in order
to follow the recent kernel config bump.
Fixes#1029
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
containerd would like to get the shim's socket
address from shimv2's stdout, thus it's better
to discard the log's output before shimv2 init
it's logger and at the same time add a hook to
log into syslog.
Fixes: #1035
Signed-off-by: Fupan Li <lifupan@gmail.com>
Fix version compare when specifying a pre-release version in
versions.txt. This is needed because kata on git uses strict semver,
while kata RPM packages uses ~ in place of - for PATCH version, to
allow RPM version comparison to work properly.
Fixes: #285
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
Since kata-agent is using virtio-console to output debugging info
and the console ports are available in the guest as /dev/hvc0 and
/dev/hvc1, we should swap origin console type 'console=ttyAMA0'
with 'console=hvc0,hvc1'.
Fixes: #1033
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Signed-off-by: Wei Chen <Wei.Chen@arm.com>
For supporting nvdimm, we need to update kernel on aarch64 to the
stable version 4.19.8 and backport Suzuki K Poulose's latest
Dynamic IPA and 52bit IPA support patch series
(https://patchwork.kernel.org/cover/10616271/)which has been included
in 4.20-rc3+ to the v4.19.8.
Fixes: #268
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Signed-off-by: Wei Chen <Wei.Chen@arm.com>
In order to properly setup the network, hence allocate or not multiple
queues, this commit makes sure that the hypervisor capabilities are
checked for this.
Fixes#1027
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
Each hypervisor is different and supports different options regarding
the network interface it creates. In particular, the multiqueue option
is not supported by Firecracker and should not be assumed by default.
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
The point of knowing the number of CPUs from the network perspective
is to determine the number of queues that can be allocated to the
network interface of the our virtual machine.
Therefore, it's more logical to name it queues from a network.go
perspective.
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
In order to prevent from future duplication of calls into the
hypervisor interface, the hypervisor is directly passed as part
of the xConnectVMNetwork() function. Because this does not apply
the disconnection case, this commit splits the former function
into two separate ones.
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
Only create a new docker unit file if no other existing unit files
are detected. Creating a new docker file when not necessary may mask out
existing docker daemon configurations.
Fixes: #300
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
We want to make sure Kata runs on latest stable kernels so that it
benefits from the latest features.
For instance, in case of Kata relying on NEMU hypervisor, the recent
kernel patches reworking the way timer calibration is handled are
solving some boot latency issues.
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
