When we genete packages file we want to see
the resulting files. This changes to now
create repos in a tmpdir.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
If want to create pkgs based in new branch, this script will create
all the empty repositories in OBS for each kata package.
Then we can point use the rest of scripts to push changes to this new repo.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Add a heuristic to ensure the amount of memory allocated to the
hypervisor is bigger than the size of the image.
This catches simple configuration issues where `default_memory=` is set
to a smaller value than the size of either the `image=` or `initrd=`
files.
If the configured image type is `initrd`, fail but only warn in the
logs for `image` as although it seems a highly unlikely scenario, it is
permitted.
Update tests to ensure that created resources have `>0` bytes.
Fixes#636.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
The `TestMinimalRuntimeConfig` should not be using the real
resource files that might be installed on a system so make temporary
files instead to better control the test.
Split out `TestMinimalRuntimeConfigWithVsock` to reduce cyclomatic
complexity (along with dropping the config file delete at the end - not
required as the entire test-specific directory gets auto-deleted).
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
pkglib.sh uses BUILD_ARCH and DEB_ARCH which are
by default not set and hence take the value of
x86_64 and amd64 respectively. Make this
architecture specific.
Fixes: #154
Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
qemu-lite is required to be packaged only
for amd64 arch. Skip it for all other
architectures.
Fixes: #152
Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
Currently, since GOARCH is not passed as build-arg
to a Dockerfile, it by default always pick's up amd64
when building it. Also pass it as --env when running it.
Fixes#148
Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
govmm has ExecuteBlockdevAdd() function and ExecuteBlockdevDel() function
doesn't compatible with qemu 2.8,because blockdev-add and x-blockdev-del usages
are different between qemu 2.7 and qemu 2.8
shortlog:
ce070d1 govmm: modify govmm to be compatible with qemu 2.8
0286ff9 qemu/qmp: support hotplug a nic whose qdisc is mq
8515ae4 qmp: Remind users that you must first call ExecuteQMPCapabilities()
21504d3 qemu/qmp: Add netdev_add with chardev support
ed34f61 Add some negative test cases for qmp.go
17cacc7 Add negative test cases for qemu.go
fixes: #637
Signed-off-by: flyflypeng <jiangpengfei9@huawei.com>
Fixes#144
Current kata containers can't run with kernel 4.1 built from current x86 config,
it will report error:
```
$ docker run -ti --runtime kata busybox sh
docker: Error response from daemon: oci runtime error: rpc error: code = Internal
desc = Could not run process: container_linux.go:348: starting container process
caused "process_linux.go:402: container init caused \"open /dev/ptmx: no such
file or directory\"".
```
This is caused by bogus devpts mount options. When run container with docker,
docker will assign a default devpts mount for every container which equals to
command below:
```
$ mount -t devpts -o nosuid,noexec,newinstance,ptmxmode=0666,mode=0620,gid=5 \
devpts /dev/pts
```
This requires kernel config `CONFIG_DEVPTS_MULTIPLE_INSTANCES=y` to work properly
under kernel-4.1, but this option is already removed from latest kernel.
It's better to add it back for support older kernel than current 4.14.
Signed-off-by: Wei Zhang <zhangwei555@huawei.com>
If the sandbox has been initialized with a factory, this means the
caller should be in charge of adding any network to the VM, and
virtcontainers library cannot make any assumptions about adding
the default underlying network.
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
The CLI being the implementation of the OCI specification, and the
hooks being OCI specific, it makes sense to move the handling of any
OCI hooks to the CLI level. This changes allows the Kata API to
become OCI agnostic.
Fixes#599
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
As we want to call the OCI hook from the CLI, we need a way for the
CLI to figure out what is the network namespace used by the sandbox.
This is needed particularly because virtcontainers creates the netns
if none was provided.
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
This commit moves the network namespace creation out of virtcontainers
in order to anticipate the move of the OCI hooks to the CLI through a
follow up commit.
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
Since we removed the CNI implementation and that we agreed the network
should only be handled in a single way from virtcontainers, this patch
logically replace the "CNM" naming with "Default".
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
When pcre-tools is installed before build/obs-service-tar_scm
then "build-mkbaselibs-20180629-289.1.noarch.rpm" is installed
as dependency but OBS repo does not have that rpm. So install
"pcre-tools" at the end and dockerfile builds fine on ppc64le.
Fixes: #139
Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
govmm has ExecuteBlockdevAdd() function and ExecuteBlockdevDel() function
doesn't compatible with qemu 2.8,because blockdev-add and x-blockdev-del usages
are different between qemu 2.7 and qemu 2.8
Follow the qemu 2.7 and qemu 2.8 qmp-commands.txt documents to modify ExecuteBlockdevAdd()
function and ExecuteBlockdevDel() function to be compatible with qemu 2.8
Signed-off-by: flyflypeng <jiangpengfei9@huawei.com>
The minimum golang version should be defined *once* - in [1]. Since the
developer guide already provides a link to that human-readable file,
remove the hard-coded golang version number to avoid having to maintain
that part of the devguide.
Fixes#232.
[1] - https://github.com/kata-containers/runtime/blob/master/versions.yaml
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Update the agent vendoring for the new `NewAgentClient()` API - the
agent client code will enable gRPC tracing when passed a context
containing an opentracing span.
Agent client code changes:
6d26d61 client: Add context parameter and enable tracing support
Fixes#640.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
The storage implementation of filesystem was in the same file where
the resource storage interface was declared. It's more proper to
separate implementations and interface into different files.
Fixes#633
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
This noop implementation of resourceStorage will allow for easier
unit testing of some sandbox functions.
Fixes#632
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
The specific agent implementation kata_agent was defining a very
useful generic function that is now moved to the global file
network.go.
Fixes#629
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
The QMP shutdown is taken care of by the sandbox release, through a
call to hypervisor.disconnect(). By shutting down the QMP at the qemu
level directly, we are creating some unrecoverable errors by trying to
close an already closed channel.
This patch simply removes the faulty code, following the same design
other hotplug functions are designed.
Fixes#627
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
If we hotplug a nic with args mq=on, its qdisc will be mq by default.
This aligns with cold plug nics.
Signed-off-by: Ruidong Cao <caoruidong@huawei.com>
QEMU supports GICv2, GICv3 and host parameters for guest
gic-version. The "host" parameter will let QEMU detect
GIC version by itself. This parameter will work properly
when host GIC version is GICv2 or GICv3. But the detection
will failed when host GIC is GICv4 or higher:
"Unable to determine GIC version supported by host"
In this case, we have to detect the host GIC version manually
and force QEMU to use GICv3 when host GIC is GICv4 or higher.
Fixes: #614
Signed-off-by: Wei Chen <wei.chen@arm.com>
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Before calling any other command it is necessary to call
ExecuteQMPCapabilities() otherwise QEMU will not process the subsequent QMP
commands.
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
