It is expected that this document will change over time. This
represents an initial starting point as we create and release
our stable branches.
Fixes: #237
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
In addition to supporting hotplug for VFIO mediated device on PCI bridge,
this patch adds hotplug functionality on root bus.
When parameter bus and addr are set to be empty, the system will pick up
an empty slot on root bus.
Signed-off-by: Zhao Xinda <xinda.zhao@intel.com>
Add details of the KSM throttler to the output of the data collection
script. Look for both Kata and Clear Containers KSM throttler details.
Fixes#739.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Get and store guest details after sandbox is completely created.
And get memory block size from sandbox state file when check
hotplug memory valid.
Signed-off-by: Clare Chen <clare.chenhui@huawei.com>
Signed-off-by: Zichang Lin <linzichang@huawei.com>
Add support for using update command to hotplug memory to vm.
Connect kata-runtime update interface with hypervisor memory hotplug
feature.
Fixes#625
Signed-off-by: Clare Chen <clare.chenhui@huawei.com>
Fixes#671
agent Shortlog:
7e8e20b agent: add GetGuestDetails gRPC function
5936600 grpc: grpc.Code is deprecated
2d3b9ac release: Kata Containers 1.3.0-rc0
a6e27d6 client: fix dialer after vendor update
cd03e0c vendor: update grpc-go dependency
1d559a7 channel: add serial yamux channel close timeout
fcf6fa7 agent: update resources list with the right device major-minor number
Signed-off-by: Zichang Lin <linzichang@huawei.com>
In order to choose if the network monitor should be used or not, this
patch makes it configurable from the configuration.toml file.
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
Because the network monitor will be listening to every event received
through the netlink socket, it will be notified everytime a new link
will be added/updated/modified in the network namespace it's running
into. The goal being to detect new interface added by Docker such as
a veth pair.
The problem is that kata-runtime will add other internal interfaces
when the network monitor will ask for the addition of the new veth
pair. And we need a way to ignore those new interfaces being created
as they relate to the veth pair that is being added. That's why, in
order to prevent from running into an infinite loop, virtcontainers
needs to tag the internal interfaces with the "kata" suffix so that
the network monitor will be able to ignore them.
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
8abc400 agent: add test to WaitProcess()
f746ed8 agent: allow multiple waitProcess()
157f1c1 travis: Add variable needed to run static checks
ed54087 travis: bump golang version
ba0c7fc client: wait for session to be fully closed
0865c98 agent: wait session to be fully shutdown
55f1480 vendor: update yamux dependency
5e36bfc network: Wait for network device in UpdateInterface
218ce89 device: Rename getBlockDeviceNodeName to getPCIDeviceName
c9a4e2e uevent: Store the interface field as device name for network interfaces
74a5364 build: fix make proto error
b1c2ad8 agent: add support for online memory and cpu separately.
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
This commit adds some unit testing in order to validate some of the
new code that have been introduced with the new network monitor.
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
This commit modifies the Makefile at the root of this repository
so that the binary kata-netmon can be built from there.
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
Instead of dumping logs through the standard output with fmt.Printf()
function, this commit improves the logging by relying on logrus.
Also, it relies on the syslog hook so that all the logs get redirected
to the journal.
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
In order to reduce the overhead due to the import of the whole
agent protocol, only the needed structures are duplicated. This
is a temporary solution, and those structures should be defined
into their own package to prevent from such overhead.
Note: the overhead of the binray size went down from 15MiB to
3MiB when this commit removed the dependency on the agent protocol.
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
This commit introduces a new watcher dedicated to the monitoring
of a specific network namespace in order to detect any change that
could happen to the network.
As a result of such a detection, the watcher should call into the
appropriate runtime path with the correct arguments to modify the
pod network accordingly.
Fixes#170
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
The PR moves ahead the start of proxy process for vm factory so that
it waits for both vm and proxy to be up at the same time. This saves
about 300ms for new container creation in my local test machine.
Fixes: #683
Signed-off-by: Peng Tao <bergwolf@gmail.com>
Callers can use setProxy to ask agent to use an existing proxy.
agent is modified to rely on its state.URL to tell if an
its proxy is a valid one. And startProxy will skip a valid
proxy since it is already started.
Signed-off-by: Peng Tao <bergwolf@gmail.com>
A proxy is mostly associated with an agent. Decouple it from sandbox
so that we can start it before linking vm with an actual sandbox.
Signed-off-by: Peng Tao <bergwolf@gmail.com>
Add `disable_vhost_net` option to enable or disable the use of
vhost_net. Vhost_net can improve network performance.
Signed-off-by: Ruidong Cao <caoruidong@huawei.com>
If the length of vhostfds is zero, it means host doesn't support vhost. So
do not pass vhost="on" in QMP.
Full list:
1a1fee7 qemu/qmp: nic can works without vhost
Fixes#169
Signed-off-by: Ruidong Cao <caoruidong@huawei.com>
If neither initrd nor rootfs path is mentioned in
the configuration.toml file, then error out stating
the same
Fixes: #587
Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
The runtime and hypervisor `Debug` options were always showing as
`false` (although all debug options in `configuration.toml` were
correctly honoured).
Note: Also moved location of `FactoryConfig` in `RuntimeConfig` as the
`malign` linter was complaining:
```
virtcontainers/pkg/oci/utils.go:102:20⚠️ struct of size 408 could be 400 (maligned)
```
Fixes#724.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
The contents of .iso used to bootstrap VMs with cloudinit are
initialised using a precreated, short-lived directory. The
permissions on this directory were too lenient. This commit
restricts access to this directory to the user and his/her group.
Signed-off-by: Mark Ryan <mark.d.ryan@intel.com>
Instead of using a default queue size of 8 for macvtap fds,
use the number of CPUs on the guest as the queue size.
This is the recommended approach. This also shown better
performance results.
Fixes#680
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
