github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-06-29 16:57:18 +00:00
Code Issues Projects Releases Wiki Activity
403 Commits 82 Branches 134 Tags 325 MiB
c3282958f2
Commit Graph

403 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Marco Vedovati
c3282958f2 ccloudvm: update kata install URL 
Update the kata install commands to point to the correct repository URL.

Fixes: #326

Signed-off-by: Marco Vedovati <mvedovati@suse.com>
 2019-02-04 17:25:05 +01:00
James O. D. Hunt
970b26c349
Merge pull request #304 from egernst/kata-deploy-1.5.0-rc2 
kata deploy rewrites
 2019-02-01 09:17:21 +00:00
Eric Ernst
b4ba52d432 kata-deploy: s/kata-containers.io/katacontainers.io 
To be consistent with project URL, use katacontainers.io
instead of kata-containers.io

Signed-off-by: Eric Ernst <eric.ernst@intel.com>
 2019-01-31 21:13:00 -08:00
Eric Ernst
5f955968e6 kata-deploy: update documentation after 1.5 rewrite 
With the 1.5 release, we made several changes:
-simplification of daemonsets
-introduction of runtimeClass

Update documentation to take this into account.

Signed-off-by: Eric Ernst <eric.ernst@intel.com>
 2019-01-31 21:12:40 -08:00
Eric Ernst
53115c0de9 kata-deploy: add docker details to readme 
Add details for Docker configuration to the kata-deploy README

Signed-off-by: Eric Ernst <eric.ernst@intel.com>
 2019-01-31 21:12:40 -08:00
Eric Ernst
c0cdc045a5 kata-deploy: add script for configuring Docker 
Before the kata-deploy container image was intended to be
used with only Kubernetes.  This commit adds a script for configuring
Kata to run with Docker.

This assumes > release 1.5 of Kata, as Firecracker is being configured
as well as QEMU based Kata. Note, in order for this to work, Docker must
be configured to use a block-based storage driver.

To succeed, it the following directories must be mounted:
- /opt/kata - this is the location that the kata artifacts are stored
- /run/systemd - for reloading the docker service
- /var/run/dbus - for reloading the docker service
- /etc/docker - for updating the docker configuration (daemon.json)

usage: kata-deploy-kata [install | remove]

Signed-off-by: Eric Ernst <eric.ernst@intel.com>
 2019-01-31 21:12:40 -08:00
Eric Ernst
471415b245 kata-deploy: updates for Dockerfile 
Additional packages are necessary and/or were removed from the base
image.

Signed-off-by: Eric Ernst <eric.ernst@intel.com>
 2019-01-31 21:12:40 -08:00
Eric Ernst
5db1ba5710 kata-deploy: add support for runtime class, firecracker 
Simplify the yaml and combine the prior scripts. The resulting script,
kata-deploy.sh, is used for  install and configuration and
removal for CRI-O and containerd. While this could be used standalone
outside of daemonsets, today it will sleep infinity after processing the
request, since it is assumed to be called by a daemon.

By checking the CRI runtime within the script itself, we no longer need
to support many daemonsets for deploy - just a single. Still requires a
seperate cleanup daemonset (for restarting the CRI runtime), and an
RBAC.

Verified with CRI-O -- containerd testing WIP

Throwing this up now for feedback since I do not bash good.

Signed-off-by: Eric Ernst <eric.ernst@intel.com>
Signed-off-by: Saikrishna Edupuganti <saikrishna.edupuganti@intel.com>
 2019-01-31 21:12:40 -08:00
Julio Montes
e12442bc65 snap: release 1.5.0 
release kata containers 1.5.0

Signed-off-by: Julio Montes <julio.montes@intel.com>
 2019-01-31 21:12:40 -08:00
Julio Montes
7e312f833b snap: use new GOPATH to build image 
Use a new GOPATH to build image in order to avoid clashes with user's GOPATH,
otherwise user's kata agent will be used causing problem if that repository is
not up to date.

Signed-off-by: Julio Montes <julio.montes@intel.com>
 2019-01-31 21:12:40 -08:00
Julio Montes
51f5c22409 snap: remove commands used for debugging 
remove set and env commands that were used for debugging

Signed-off-by: Julio Montes <julio.montes@intel.com>
 2019-01-31 21:12:40 -08:00
Julio Montes
70876b3343 snap: apply patch in runtime to fix config paths 
This is a hotfix to fix https://github.com/kata-containers/runtime/issues/1185

Signed-off-by: Julio Montes <julio.montes@intel.com>
 2019-01-31 21:12:40 -08:00
Julio Montes
2145fc1112 snap: apply patch in runtime to fix DESTDIR 
This is a hotfix to fix https://github.com/kata-containers/runtime/pull/1162

Signed-off-by: Julio Montes <julio.montes@intel.com>
 2019-01-31 21:12:40 -08:00
Julio Montes
e7ff7e1c44 snap: fix qemu command name 
set qemu-system instead of qemu-lite as default qemu command

Signed-off-by: Julio Montes <julio.montes@intel.com>
 2019-01-31 21:12:40 -08:00
Julio Montes
d901b625c9 snap: get sources from git repositories 
get source from git repositories to show the right commit
version of each component.

fixes #317

Signed-off-by: Julio Montes <julio.montes@intel.com>
 2019-01-31 21:12:40 -08:00
James O. D. Hunt
a6b5d7e5e4
Merge pull request #294 from jcvenegas/release-fixes-1.4.1 
release: 1.5.0 fixes
 2019-01-31 08:52:39 +00:00
Jose Carlos Venegas Munoz
784f14b4f7 release: docs: update installation notes. 
Documentation is not forked today.

Fixes: #320

Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
 2019-01-30 13:51:08 -06:00
Jose Carlos Venegas Munoz
d1f8846adb releaes: static: add wrapper for firecracker config. 
https://github.com/kata-containers/documentation/wiki/Initial-release-of-Kata-Containers-with-Firecracker-support

The wiki says that a wrapper is part of the release tarball,  `make install`
from runtime is not doing it, add workaround until this is added as an official wrapper.

Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
 2019-01-30 13:51:08 -06:00
Jose Carlos Venegas Munoz
ed39937a2c static: release: add correct symlink until is fixed 
dest dir is broken and symlink is created on the host not the tarbal.

See:
https://github.com/kata-containers/runtime/issues/1161

Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
 2019-01-30 13:51:08 -06:00
Jose Carlos Venegas Munoz
0a889b540b release: static: add firecracker to tarball. 
The firecracker binary was not added to release tarball.

Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
 2019-01-30 13:51:08 -06:00
Jose Carlos Venegas Munoz
4f02627d30 pkgs: runtime: spec fix qemu path 
QEMUCMD is used to identify the defauly hypervisor on kata.

Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
 2019-01-30 08:49:34 -06:00
Jose Carlos Venegas Munoz
6e2677c456 pkgs: Fix spec file. 
- Remove not needed require
- call %autosetup before apply patches.

Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
 2019-01-30 08:49:34 -06:00
Jose Carlos Venegas Munoz
6b11ed27a3 pkg: spec: add all files that match as config file. 
New hypervisor configs could be added in the future, add
any possible new config file.

Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
 2019-01-28 14:32:19 -06:00
Jose Carlos Venegas Munoz
d8fcb58d02 deploy: release: Fix config paths 
Now there are 2 config paths lets update both to not use
initrd by default.

Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
 2019-01-28 14:32:19 -06:00
Jose Carlos Venegas Munoz
c9ac12d58b pkgs: Update version for kata 1.5.0 
Update versions file as part of release process.

Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
 2019-01-28 14:32:19 -06:00
Jose Carlos Venegas Munoz
8693ba7513 pkgs: debian: fix kernel build. 
Dont use -j all, it may lead the builder workers run out of memory.

Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
 2019-01-28 14:32:19 -06:00
Jose Carlos Venegas Munoz
8db26ee1d4
Merge pull request #318 from devimc/topic/snapFixVersions 
snap: release 1.5.0
 2019-01-28 14:09:06 -06:00
Julio Montes
86fca4564e snap: release 1.5.0 
release kata containers 1.5.0

Signed-off-by: Julio Montes <julio.montes@intel.com>
 2019-01-28 09:37:05 -06:00
Julio Montes
7684c8e29a snap: use new GOPATH to build image 
Use a new GOPATH to build image in order to avoid clashes with user's GOPATH,
otherwise user's kata agent will be used causing problem if that repository is
not up to date.

Signed-off-by: Julio Montes <julio.montes@intel.com>
 2019-01-28 09:37:05 -06:00
Julio Montes
e5940ce66d snap: remove commands used for debugging 
remove set and env commands that were used for debugging

Signed-off-by: Julio Montes <julio.montes@intel.com>
 2019-01-28 09:21:46 -06:00
Julio Montes
7d77ae9ca8 snap: apply patch in runtime to fix config paths 
This is a hotfix to fix https://github.com/kata-containers/runtime/issues/1185

Signed-off-by: Julio Montes <julio.montes@intel.com>
 2019-01-28 09:21:46 -06:00
Julio Montes
7c25b606ba snap: apply patch in runtime to fix DESTDIR 
This is a hotfix to fix https://github.com/kata-containers/runtime/pull/1162

Signed-off-by: Julio Montes <julio.montes@intel.com>
 2019-01-28 09:19:24 -06:00
Archana Shinde
767ac47a15
Merge pull request #312 from jongwu/memory_hotplug 
kernel: Add memory hotplug(add) support for arm64
 2019-01-25 14:37:52 -08:00
Julio Montes
526c5ffd76 snap: fix qemu command name 
set qemu-system instead of qemu-lite as default qemu command

Signed-off-by: Julio Montes <julio.montes@intel.com>
 2019-01-25 07:53:41 -06:00
Julio Montes
33dc19f82a snap: get sources from git repositories 
get source from git repositories to show the right commit
version of each component.

fixes #317

Signed-off-by: Julio Montes <julio.montes@intel.com>
 2019-01-23 10:07:19 -06:00
Jianyong Wu
d2a42cb6d5 kernel: config: bump config 
Fixes: #309

Signed-off-by: Jianyong Wu  <jianyong.wu@arm.com>
 2019-01-18 02:55:44 -05:00
Jianyong Wu
e654dbd836 kernel: Add memory hotplug(add) support for arm64 
As memory hotplug for arm64 by acpi is not ready on qemu, we choose
"probe" instead. You can refer to [1] to get more infomation about
"probe". The process of memory hotplug by "probe" in kata lies below:
firstly, add memory in qemu qmp; secondly, echo the start phyical address
of that memory to /sys/devices/system/memory/probe, which will be done
through kata-agent; thirdly, excute online op, then this newly added
memory is capable to be used.

All functions in this patch will be called after "echo" op. It can be
divided into two parts:
1. create page table for that memory;
2. add that memory to memblock.

In this patch, NUMA must be turned off for not all arm64 machine supports
NUMA.
As the newly added memory should be placed from 2T to 6T which is decided
in qemu and phyical address and virtual address will be one-one mapping
when create pgd for that memory, we must config ARM64_VA_BITS as 48.
Also some configs should be turned on, especially "ARCH_MEMORY_PROBE".

We have tested this patch integrated with another patch which performed
that echo op. It works well when using "-m" in command line when start a
kata-container on aarch64 machine.

This patch derived from Maciej Bielski. You can refer to [2] to get full
infomation about it.

[1] https://www.kernel.org/doc/Documentation/memory-hotplug.txt
[2] https://lkml.org/lkml/2017/11/23/183

Fixes: #309

Signed-off-by: Jianyong Wu  <jianyong.wu@arm.com>
Signed-off-by: Jia He <justin.he@arm.com>
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
 2019-01-18 02:52:18 -05:00
Jose Carlos Venegas Munoz
f802dd8796
Merge pull request #303 from mcastelino/topic/firecracker 
Firecracker: Add support for firecracker packaging
 2019-01-17 15:18:39 -05:00
Manohar Castelino
6a44bdb48b Firecracker: Add support for firecracker packaging 
Start packaging the supported version of firecracker.

Signed-off-by: Manohar Castelino <manohar.r.castelino@intel.com>
 2019-01-17 09:37:31 -08:00
Jose Carlos Venegas Munoz
b3d2688762
Merge pull request #306 from devimc/topic/fixSnap 
snap: don't use make snap to build the snap
 2019-01-14 16:43:44 -05:00
Julio Montes
7f7e258d14 snap: don't use make snap to build the snap 
In some build systems like launchpad is not possible to run neither
custom commands or hooks, hence build a snap image with `make snap` is
not feasible, to deal with this limitation, the final snapcraft.yaml
is part of the repository and all packages versions are read from versions.yaml
in the runtime repository.

fixes #305

Signed-off-by: Julio Montes <julio.montes@intel.com>
 2019-01-14 07:58:48 -06:00
Eric Ernst
a60cd133bd
Merge pull request #300 from jcvenegas/use-local-kernel-version 
kernel: build: Use local kernel version.
 2019-01-09 11:09:52 -08:00
Jose Carlos Venegas Munoz
95fef541c2 kernel: test: improve error handler 
print output from  last command that failed.

Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
 2019-01-09 11:21:13 -06:00
Jose Carlos Venegas Munoz
789970bc43 kernel: config: bump config 
Kernel dir changed.

Depends-on:github.com/kata-containers/tests#1033

Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
 2019-01-08 17:23:50 -06:00
Jose Carlos Venegas Munoz
a5c2a2c813 kernel: test: Fix detection on kernel changes. 
Kernele changes are not being detected, fix it.

Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
 2019-01-08 16:28:50 -06:00
Jose Carlos Venegas Munoz
2e93dbd737 kernel: build: Use local kernel version. 
If the runtime repository is already cloned get version from it,
else keep getting from github.

Fixes: #299

Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
 2019-01-08 15:23:12 -06:00
Eric Ernst
8a3f7cf6d3
Merge pull request #288 from sboeuf/add_config_x86_4_19_10 
kernel: Add 4.19.10 config for x86
 2019-01-07 09:20:50 -08:00
Sebastien Boeuf
63e95c1af7
Merge pull request #295 from kata-containers/revert-269-build_development_kernel 
Revert "kernel: update guest kernel to 4.19.8 on aarch64 "
 2019-01-07 01:15:02 -08:00
Peng Tao
0a5b5adbfb Revert "kernel: update guest kernel to 4.19.8 on aarch64 " 
Reverts #269

The added kernel patch doesn't apply and is causing all CI to fail. FYI, the current guest kernel version is 4.14.67. Please rebase and re-submit your PR cleanly @Pennyzct.

e.g., http://jenkins.katacontainers.io/job/kata-containers-runtime-centos-7-4-PR/995/console

NFO: Applying patch /tmp/jenkins/workspace/kata-containers-runtime-centos-7-4-PR/go/src/github.com/kata-containers/packaging/kernel/patches/0003-backport-Arm64-KVM-Dynamic-IPA-and-52bit-IPA-support.patch
patching file arch/arm/include/asm/kvm_arm.h
patching file arch/arm/include/asm/kvm_host.h
Hunk #1 succeeded at 266 (offset -7 lines).
Hunk #2 succeeded at 314 with fuzz 2 (offset -40 lines).
patching file arch/arm/include/asm/kvm_mmu.h
Hunk #1 FAILED at 35.
Hunk #2 succeeded at 47 with fuzz 2 (offset -5 lines).
Hunk #3 succeeded at 266 with fuzz 2 (offset -96 lines).
1 out of 3 hunks FAILED -- saving rejects to file arch/arm/include/asm/kvm_mmu.h.rej
patching file arch/arm/include/asm/stage2_pgtable.h
patching file arch/arm64/include/asm/cpufeature.h
Hunk #1 FAILED at 262.
Hunk #2 succeeded at 284 (offset -246 lines).
1 out of 2 hunks FAILED -- saving rejects to file arch/arm64/include/asm/cpufeature.h.rej
patching file arch/arm64/include/asm/kvm_arm.h
Hunk #1 succeeded at 102 (offset -5 lines).
Hunk #2 succeeded at 116 (offset -5 lines).
Hunk #3 succeeded at 305 (offset -7 lines).
patching file arch/arm64/include/asm/kvm_asm.h
Hunk #1 succeeded at 27 (offset -3 lines).
Hunk #2 FAILED at 73.
1 out of 2 hunks FAILED -- saving rejects to file arch/arm64/include/asm/kvm_asm.h.rej
patching file arch/arm64/include/asm/kvm_host.h
Hunk #1 succeeded at 48 (offset -5 lines).
Hunk #2 FAILED at 61.
Hunk #3 succeeded at 399 with fuzz 2 (offset -41 lines).
Hunk #4 FAILED at 503.
2 out of 4 hunks FAILED -- saving rejects to file arch/arm64/include/asm/kvm_host.h.rej
patching file arch/arm64/include/asm/kvm_hyp.h
patching file arch/arm64/include/asm/kvm_mmu.h
Hunk #1 succeeded at 154 (offset 13 lines).
Hunk #2 succeeded at 229 with fuzz 1 (offset -17 lines).
Hunk #3 succeeded at 409 with fuzz 2 (offset -110 lines).
patching file arch/arm64/include/asm/stage2_pgtable-nopmd.h
patching file arch/arm64/include/asm/stage2_pgtable-nopud.h
patching file arch/arm64/include/asm/stage2_pgtable.h
patching file arch/arm64/kvm/guest.c
Hunk #1 succeeded at 305 (offset -86 lines).
patching file arch/arm64/kvm/hyp-init.S
Hunk #1 FAILED at 65.
1 out of 1 hunk FAILED -- saving rejects to file arch/arm64/kvm/hyp-init.S.rej
patching file arch/arm64/kvm/hyp/Makefile
Hunk #1 succeeded at 18 (offset -1 lines).
patching file arch/arm64/kvm/hyp/s2-setup.c
Reversed (or previously applied) patch detected! Assume -R? [n]
Apply anyway? [n]
Skipping patch.
1 out of 1 hunk ignored -- saving rejects to file arch/arm64/kvm/hyp/s2-setup.c.rej
patching file arch/arm64/kvm/hyp/switch.c
Hunk #1 FAILED at 198.
Hunk #2 succeeded at 226 (offset -37 lines).
1 out of 2 hunks FAILED -- saving rejects to file arch/arm64/kvm/hyp/switch.c.rej
patching file arch/arm64/kvm/hyp/tlb.c
Hunk #1 succeeded at 29 (offset -1 lines).
Hunk #2 succeeded at 38 (offset -1 lines).
patching file arch/arm64/kvm/reset.c
Hunk #4 FAILED at 86.
Hunk #5 succeeded at 133 (offset -4 lines).
1 out of 5 hunks FAILED -- saving rejects to file arch/arm64/kvm/reset.c.rej
patching file include/linux/irqchip/arm-gic-v3.h
Hunk #1 succeeded at 374 (offset -14 lines).
patching file include/uapi/linux/kvm.h
Hunk #1 succeeded at 739 (offset -11 lines).
Hunk #2 FAILED at 962.
1 out of 2 hunks FAILED -- saving rejects to file include/uapi/linux/kvm.h.rej
patching file virt/kvm/arm/arm.c
Hunk #1 succeeded at 115 (offset -5 lines).
Hunk #2 succeeded at 207 (offset -6 lines).
Hunk #3 succeeded at 236 (offset -6 lines).
Hunk #4 succeeded at 463 (offset -35 lines).
Hunk #5 FAILED at 546.
Hunk #6 succeeded at 1164 with fuzz 2 (offset -145 lines).
Hunk #7 succeeded at 1261 (offset -147 lines).
1 out of 7 hunks FAILED -- saving rejects to file virt/kvm/arm/arm.c.rej
patching file virt/kvm/arm/mmu.c
Hunk #1 succeeded at 43 with fuzz 2 (offset -2 lines).
Hunk #2 succeeded at 147 (offset -2 lines).
Hunk #3 succeeded at 216 (offset -35 lines).
Hunk #4 succeeded at 226 (offset -35 lines).
Hunk #5 succeeded at 245 (offset -35 lines).
Hunk #6 succeeded at 255 (offset -35 lines).
Hunk #7 succeeded at 272 (offset -35 lines).
Hunk #8 succeeded at 371 with fuzz 2 (offset 40 lines).
Hunk #9 FAILED at 340.
Hunk #10 FAILED at 370.
Hunk #11 FAILED at 388.
Hunk #12 FAILED at 408.
Hunk #13 succeeded at 753 (offset -143 lines).
Hunk #14 succeeded at 842 (offset -143 lines).
Hunk #15 succeeded at 850 (offset -143 lines).
Hunk #16 succeeded at 859 (offset -143 lines).
Hunk #17 succeeded at 881 (offset -143 lines).
Hunk #18 succeeded at 1024 (offset -182 lines).
Hunk #19 succeeded at 1114 (offset -188 lines).
Hunk #20 succeeded at 1148 (offset -188 lines).
Hunk #21 succeeded at 1176 (offset -188 lines).
Hunk #22 succeeded at 1190 (offset -188 lines).
Hunk #23 succeeded at 1333 (offset -196 lines).
Hunk #24 succeeded at 1552 (offset -220 lines).
Hunk #25 succeeded at 1852 (offset -219 lines).
4 out of 25 hunks FAILED -- saving rejects to file virt/kvm/arm/mmu.c.rej
patching file virt/kvm/arm/vgic/vgic-its.c
Hunk #1 succeeded at 233 (offset -8 lines).
Hunk #2 succeeded at 696 (offset -56 lines).
Hunk #3 succeeded at 721 (offset -56 lines).
Hunk #4 succeeded at 736 (offset -56 lines).
Hunk #5 succeeded at 746 (offset -56 lines).
Hunk #6 succeeded at 1214 (offset -80 lines).
Hunk #7 succeeded at 1232 (offset -80 lines).
Hunk #8 succeeded at 1279 (offset -80 lines).
Hunk #9 succeeded at 2135 (offset -82 lines).
Hunk #10 succeeded at 2207 (offset -82 lines).
Hunk #11 succeeded at 2256 (offset -82 lines).
patching file virt/kvm/arm/vgic/vgic-mmio-v3.c
Hunk #1 succeeded at 326 (offset -38 lines).
Hunk #2 succeeded at 343 (offset -38 lines).
Build step 'Execute shell' marked build as failure
Performing Post build task...
Match found for :.* : True
Logical operation result is TRUE
Running script : #!/bin/bash

Fixes: #296
Signed-off-by: Peng Tao <bergwolf@gmail.com>
 2019-01-04 09:32:12 +08:00
Jose Carlos Venegas Munoz
4be12af819
Merge pull request #286 from marcov/fix-version-compare 
obs-packaging: support comparisons of pre-releases versions
 2019-01-02 13:09:41 -06:00