Return error soon when addDeviceToBridge() can not get empty address
from bridges, or the error will thrown by qemu, this is not obvious.
Fixes: #1005
Signed-off-by: Ace-Tang <aceapril@126.com>
VMCache is a new function that creates VMs as caches before using it.
It helps speed up new container creation.
The function consists of a server and some clients communicating
through Unix socket. The protocol is gRPC in protocols/cache/cache.proto.
The VMCache server will create some VMs and cache them by factory cache.
It will convert the VM to gRPC format and transport it when gets
requestion from clients.
Factory grpccache is the VMCache client. It will request gRPC format
VM and convert it back to a VM. If VMCache function is enabled,
kata-runtime will request VM from factory grpccache when it creates
a new sandbox.
VMCache has two options.
vm_cache_number specifies the number of caches of VMCache:
unspecified or == 0 --> VMCache is disabled
> 0 --> will be set to the specified number
vm_cache_endpoint specifies the address of the Unix socket.
This commit just includes the core and the client of VMCache.
Currently, VM cache still cannot work with VM templating and vsock.
And just support qemu.
Fixes: #52
Signed-off-by: Hui Zhu <teawater@hyper.sh>
If enter to vircontainers directory and do make check-go-test, the makefile
does not found the kata .ci directory use relative path to makefile.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Simplify empty string proxy type handling and cast invalid proxy type to
ProxyType.
Fixes: #1312
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
kata builtin proxy has always watched the qemu's console
whether proxy's debug is set or not, this is not aligned
with kata cli. This patch will change it and watch the
qemu's console only when proxy's debug is set in kata config.
Fixes: #1318
Signed-off-by: fupan <lifupan@gmail.com>
Got aarch64 fail in No GO command or GOPATH not set mode:
Makefile:38: arch/aarch64-options.mk: No such file or directory
Makefile:237: *** "ERROR: No hypervisors known for architecture aarch64 (looked for: firecracker qemu)". Stop.
The cause is the machine hardware name of aarch64 is aarch64 but
runtime's arch make file's name is arm64-options.mk.
This commit convert aarch64 to arm64 to fix the issue.
Fixes: #1320
Signed-off-by: Hui Zhu <teawater@hyper.sh>
The store refactor (#1066) inadvertently broke runtime tracing as it
created new contexts containing trace spans.
Reworking the store changes to re-use the existing context resolves the
problem since runtime tracing assumes a single context.
Fixes#1277.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Check the "builtIn" first when updating the shim/proxy/agent,
thus can avoid checking the shim/proxy's binary files path which
is needless for "builtIn" type.
Fixes: #1314
Signed-off-by: fupan <lifupan@gmail.com>
reason: When excutes ExecuteNetCCWDeviceAdd, the DevID is always "virtio-".
If add-iface multy times, qemu may report "dumplicated id:virtio-".
Fixes: #1305
Signed-off-by: xueshaojia <xueshaojia@huawei.com>
- doc: Fix invalid URLs
- virtcontainers: fix vCPU calculation errors
- Network: add ipvlan unmarshal
- store: Add SetLogger API
- versions: Bump to kernel 4.19.24
- cgroups: fix failed to remove sandbox cgroup
- devices: fix attach count for vhost-user-blk
- qemu: Cleanup Vm paths irrespective of Sandbox stop pass/fail
- virtcontainers: reimplement sandbox cgroup
- delete: force: Do not fail on non exiting container
- vendor: add missing comma to Gopkg.lock
- Unit test: fix bugs on a few unit tests on aarch64
- versions: update k8s, cri-o and containerd
- versions: Update qemu-lite hash
- virtcontainers: Improve debug messages when deleting files
- versions: use clear linux latest rootfs.
- shimv2: Send async task events to containerd/cri
- Makefile: Set ARCH in GOPATH not set mode
- Virtcontainers store
- runtime: Do not error if only initrd/rootfs image installed
- pullapprove: remove it
- Reduce virtcontainers unit test noise
- snap: add snapcraft store banner
- kata-env: kata-env error out when there is no VERSION_ID.
- ppc64le: Fix hotplug issue
- Network interface removal and decoupling
- Makefile: Provide default hypervisor CMD settings
- ci: Add a CODEOWNERS file for github ack checks
- shimv2: use the runtime config file passed from containerd/cri
- cli: set config options before showing config paths
- makefile: honor DESDIR on install
- factory: do not destroy vm factory when checking status
- runtime: Fix TestCCCheckCLIFunction on P9 system
dc26508 virtcontainers: fix vCPU calculation errors
f540a80 store: Add SetLogger API
4357e85 doc: Fix invalid URLs
36141d2 Network: add ipvlan unmarshal
454775f cgroups: fix failed to remove sandbox cgroup
768658f versions: Update kernel version to 4.19.24
46e2f88 devices: fix attach count for vhost-user-blk
6daefdb qemu: Cleanup Vm paths irrespective of Sandbox stop pass/fail
58d2785 virtcontainers: don't try to talk with the proxy when it's not running
62c393c virtcontainers: change container's state to stop asap
5201860 virtcontainers: reimplement sandbox cgroup
9758cdb virtcontainers: move cpu cgroup implementation
c78d6b0 delete: force: Do not fail on non exiting container
a136999 vendor: Add missing comma to Gopkg.lock and dep ensure
409a8a5 versions: update k8s, cri-o and containerd
23c554e unit-test: refine func TestGetCPUDetails
1b967a4 unit-test: add nolint comment to avoid unused warning
3ec56ea runtime: add appendBridges for arm64
e93fb0b unit-test: test func for RunningOnVMM should be arch-dependent
0679f6f unit-test: refine qemu_arm64_test.go
44e2b9a unit-test: struct TestDataa should be included in arch-indenpedent .go file
a1c8590 virtcontainers: add method to get hypervisor PID
c17dd11 versions: Update qemu-lite hash
a614273 virtcontainers: Improve debug when create/delete files
84b7165 versions: use clear linux latest rootfs.
81c7a96 Makefile: Set ARCH in GOPATH not set mode
96e524d shimv2: Send task events to containerd/cri
bb99e41 virtcontainers: Fix Store related vm factory leak
7b0376f virtcontainers: Fix container.go cyclomatic complexity
f8e7e30 virtcontainers: Remove the resource storage original implementation
fad23ea virtcontainers: Conversion to Stores
962e1e6 pullapprove: remove it
2ecffda virtcontainers: store: Add a ItemLock API
6e9256f virtcontainers: store: Add a Raw API
c25c608 virtcontainers: store: Add a VC specific Store
ef11bf5 virtcontainers: store: Add a Delete API
f2ab58d virtcontainers: store: Implement the filesystem backend
d22cdf2 virtcontainers: store: Add an internal backend interface
6b87ecf virtcontainers: store: Keep track of newly created Stores
efd50ec virtcontainers: Add a Store manager
4be76e9 virtcontainers: Initial Store implementation
2affa1f virtcontainers: Reduce hyperstart agent test noise
a3eff87 virtcontainers: Make proxy startup sequence less noisy
f0312f6 virtcontainers: Reduce filesystem test noise
e402601 virtcontainers: Reduce sandbox test noise
799ac6e virtcontainers: Reduce qemu test noise
560902c virtcontainers: Reduce kata_agent test noise
2093fe6 virtcontainers: Reduce cc_proxy mock test noise
79ed088 virtcontainers: Reduce hyperstart mock test noise
be0726c runtime: Do not error if only initrd/rootfs image installed
7222f53 snap: add snapcraft store banner
4f51687 kata-env: kata-env error out when there is no VERSION_ID.
a48e614 ci: Add a CODEOWNERS file for github ack checks
b1c6667 vendor: Update govmm vendoring
b0986a5 ppc64le: Fix vCPU hotplug issue
68043b5 cli: set config options before showing config paths
f1a12ce shimv2: use the runtime config file passed from containerd/cri
18dcd2c virtcontainers: Decouple the network API from the sandbox one
b39cb1d virtcontainers: Remove the network interface
a02c39e Makefile: Set arch regardless of GOPATH state
d78a62d factory: do not destroy vm factory when checking status
718488b makefile: honor DESDIR on install
c93aa53 runtime: Check SMT=on/off only for P8 or lesser
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
The cause that make "sudo make install" fail is not "GOPATH not set",
but no go command in path.
But the commit still keep the "GOPATH not set" because
execute "unset GOPATH; make" will fail because "go build" cannot work
without GOPATH.
Fixes: #1285
Signed-off-by: Hui Zhu <teawater@hyper.sh>
Since arch-specific func getExpectedHostDetails holds undefined struct
field SupportVSocks on arm64, unit test TestEnvGetEnvInfoSetsCPUType,
TestEnvGetHostInfo and so on failed.
I'm trying to use generic func genericgetExpectedHostDetails on arm64
to avoid similar issues.
Fixes: #1287
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
We were grabbing a running total of quota and period for each container
and then calculating the number of resulting vCPUs. Summing period
doesn't make sense. To simplify, let's just calculate mCPU per
container, keep a running total of mCPUs requested, and then translate
to sandbox vCPUs after.
Fixes: #1292
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
Now that we have been moved the CI to ubuntu 18.04, we need to update the
README.
Fixes#1300
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
Adds uscan key/values for all items with a Version field that are pulled
from a repo with version info (such as github) so we can perform
automated upstream version update checks.
Fixes: #1250
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
We have 7 types of endpoints, but forget ipvlan in unmarshal funciton.
So add it and refactor for cyclomatic complexity reason.
Fixes#1254
Signed-off-by: Ruidong Cao <caoruidong@huawei.com>
sandbox cgroup use V1NoConstraints, this only create memory subsystem,
but when delete, load parent cgroup always use `cgroups.V1`, so other
subsystem path can not be find, sandbox cgroup can not be deleted.
Fixes: #1263
Signed-off-by: Ace-Tang <aceapril@126.com>
We need to bump the kernel version from 4.14.67 to 4.19.24 in order
to follow the recent kernel config bump.
Fixes#618Fixes#1029
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
Commit affd6e3216 ("devices: add reference
count for devices.") introduced an attach count for devices. The
vhost-user-blk device increments the counter instead of decrementing it
when detaching.
Fixes: #1259
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Sometimes qemu/qmp commands error out and VM files
get left behind on the host filesystem. Clen them up
irrespective of `stopSandbox` succeeds or fails.
Fixes: #1246
Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
container is killed by force, container's state MUST change its state to stop
immediately to avoid leaving it in a bad state.
fixes#1088
Signed-off-by: Julio Montes <julio.montes@intel.com>
All containers run in different cgroups even the sandbox, with this new
implementation the sandbox cpu cgroup wil be equal to the sum of all its
containers and the hypervisor process will be placed there impacting to the
containers running in the sandbox (VM). The default number of vcpus is
used when the sandbox has no constraints. For example, if default_vcpus
is 2, then quota will be 200000 and period 100000.
**c-ray test**
http://www.futuretech.blinkenlights.nl/c-ray.html
```
+=============================================+
| | 6 threads 6cpus | 1 thread 1 cpu |
+=============================================+
| current | 40 seconds | 122 seconds |
+==============================================
| new | 37 seconds | 124 seconds |
+==============================================
```
current = current cgroups implementation
new = new cgroups implementation
**workload**
```yaml
apiVersion: v1
kind: Pod
metadata:
name: c-ray
annotations:
io.kubernetes.cri.untrusted-workload: "true"
spec:
restartPolicy: Never
containers:
- name: c-ray-1
image: docker.io/devimc/c-ray:latest
imagePullPolicy: IfNotPresent
args: ["-t", "6", "-s", "1600x1200", "-r", "8", "-i",
"/c-ray-1.1/sphfract", "-o", "/tmp/output.ppm"]
resources:
limits:
cpu: 6
- name: c-ray-2
image: docker.io/devimc/c-ray:latest
imagePullPolicy: IfNotPresent
args: ["-t", "1", "-s", "1600x1200", "-r", "8", "-i",
"/c-ray-1.1/sphfract", "-o", "/tmp/output.ppm"]
resources:
limits:
cpu: 1
```
fixes#1153
Signed-off-by: Julio Montes <julio.montes@intel.com>
cpu cgroups are container's specific hence all containers even the sandbox
should be able o create, delete and update their cgroups. The cgroup crated
matches with the cgroup path passed by the containers manager.
fixes#1117fixes#1118fixes#1021
Signed-off-by: Julio Montes <julio.montes@intel.com>
