Add a test to ensure the JSON output passes the same
parameter check and write/re-read test as the TOML one.
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
With the addition of the JSON kata-env output, we need
to fix up the tests:
- add a test for the JSON flag
- fix the format/layout of the other tests to take into
account the change in function API and the additon of a
flagset to the cmdline ctx.
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
A Dockerfile is created and reference daemonsets are also
provided for deploying Kata Containers onto a running Kubernetes
cluster. A few daemonsets are introduced:
1) runtime-labeler: This daemonset will create a label on each node in
the cluster identifying the CRI shim in use. For example,
container-runtime=crio or container-runtime=containerd.
2) crio and containerd kata installer: Assuming either CRIO or
containerd is the CRI runtime on the node (determined based on label
from (1),, either the crio or containerd variant will execute. These daemonsets
will install the VM artifacts and host binaries required for using
Kata Containers. Once installed, it will add a node label kata-runtime=true
and reconfigure either crio or containerd to make use of Kata for untrusted workloads.
As a final step it will restart the CRI shim and kubelet. Upon deletion,
the daemonset will remove the kata binaries and VM artifacts and update
the label to kata-runtime=cleanup.
3) crio and containerd cleanup: Either of these two daemonsets will run,
pending the container-runtime label value and if the node has label
kata-runtime=cleanup. This daemonset simply restarts crio/containerd as
well as kubelet. This was not feasible in a preStepHook, hence the
seperate cleanup step.
An RBAC is created to allow the daemonsets to modify labels on the node.
To deploy kata:
kubectl apply -f kata-rbac.yaml
kubectl apply -f kata-deploy.yaml
To remove kata:
kubectl delete -f kata-deploy.yaml
kubectl apply -f kata-cleanup.yaml
kubectl delete -f kata-cleanup.yaml
kubectl delete -f kata-rbac.yaml
This initial commit is based on contributions by a few folks on
github.com/egernst/kata-deploy
Also-by: Saikrishna Edupuganti <saikrishna.edupuganti@intel.com>
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
Signed-off-by: Jon Olson <jonolson@google.com>
Signed-off-by: Ricardo Aravena <raravena@branch.io>
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
The test files do not have access to our app level
exit() function, and are thus OK to call os.Exit() if
they need. Skip them from the check.
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
Having a direct JSON output for kata-env will help record
results in our CIs in some instances. Add that ability with
a kata-env command line extension.
Fixes: #474
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
Allow the path being checked by the os-no-exit script to be
passed in, and update the Makefile to use that to check the
current code paths of the cli and virtcontainers.
Fixes: #477
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
If we find no files to check, gracefully quit the test.
Formerly, if the list was empty we ended up trying to read
from stdin, and thus hung.
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
Add script that will help to bump versions for all the projects.
Fixes: #49
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Journald, by default on some systems, will rate limit log messages,
and in the case of our 'enable full debug', will likely drop some
of our debug.
Document how to identify if this is happening, and how to configure
`systemd-journald` appropriately.
Fixes: #181
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
as default image-type and initrd weren't for non-x86_64 arch,
reconstructuring them to be architecture-specific.
Fixes: #461
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
After the sandbox is paused, it's needed to stop its monitor,
Otherwise, its monitors will receive timeout errors if it is
paused for a long time, thus its monitor will not tell it's a
crash caused timeout or just a paused timeout.
Fixes: #472
Signed-off-by: fupan <lifupan@gmail.com>
Reworked `TestCCProxyStart` to create a generic `testProxyStart()` that
is now used for testing both CC and Kata proxies.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Add the `-sandbox` option when launching the proxy. This isn't strictly
required by the proxy, but is extremely useful for log analysis to allow
log entries to be matched to sandboxes as the proxy will add a
`sandbox` field in each log entry.
Fixes#463.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
I got following warning after upgrading dep tool:
Warning: the following project(s) have [[constraint]] stanzas in Gopkg.toml:
✗ github.com/hashicorp/yamux
However, these projects are not direct dependencies of the current project:
they are not imported in any .go files, nor are they in the 'required' list in
Gopkg.toml. Dep only applies [[constraint]] rules to direct dependencies, so
these rules will have no effect.
Either import/require packages from these projects so that they become direct
dependencies, or convert each [[constraint]] to an [[override]] to enforce rules
on these projects, if they happen to be transitive dependencies,
So let's convert constraint to override over yamux. In the meanwhile,
update the yamux vendor. Full commit list:
4c2fe0d (origin/b-consul-3040) Dont output keepalive error when the session is closed
f21aae5 Make sure to drain the timer channel on defer, and a clarifying comment
601ccd8 Make receive window update logic a bit cleaner
02d320c Uses timer pool in sendNoWait, like in waitForSendErr
cf433c5 window update unit test for partial read; benchmark large buffer
ca8dfd0 improve memory utilization in receive buffer, fix flow control
683f491 Fix race around read and write deadlines in Stream (#52)
40b86b2 Add public session CloseChan method (#44)
Note that commit 4c2fe0d might also help kata-containers/agent/issues/231.
Signed-off-by: Peng Tao <bergwolf@gmail.com>
To include vm factory related commits. Full list:
54caf78 (mine/templating, templating) qmp: add hotplug memory
e66a9b4 qemu: add appendMemoryKnobs helper
8aeca15 qmp: add migrate set arguments
a03d496 qmp: add set migration capabilities
0ace417 qemu: allow to set migration incoming
723bc5f qemu: allow to create a stopped guest
283d7df qemu: add file backed memory device support
Signed-off-by: Peng Tao <bergwolf@gmail.com>
Add the runtime CLI command name to the virtcontainers logger so that it
is clear when reading virtcontainers log entries which runtime command
they refer to.
Fixes#448.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
the yaml file is the recipe to build a snap image
with all Kata Containers components inside.
fixes#81
Signed-off-by: Julio Montes <julio.montes@intel.com>
We populate all the conent of a OBS project.
Lets remove after we checkout to the OBS project.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Packaging scripts search for patches in a directory
called 'patches'. We store the kernel patches in a diferent place
to make easy to mantain them.
Lets do a symlink to allow the automation find the patches.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
We dont have commit when we build the pkg.
Lets define the COMMIT variable to kwnow the commit from each project.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
