Re-implement image builder script to generate an image with a double MBR +
a DAX metadata. The DAX metadata is read by the NVDIMM driver to know the
beginning of the data in the pmem device.
This new image format is required to enable DAX in the kernels and hypervisors
that support NVDIMM, without breaking the compatibility with the kernels and
hypervisors that don't support it.
Following diagram shows how the resulting image will look like
```
.-----------.----------.---------------.-----------.
| 0 - 512 B | 4 - 8 Kb | 2M - 2M+512B | 3M |
|-----------+----------+---------------+-----------+
| MBR #1 | DAX | MBR #2 | Rootfs |
'-----------'----------'---------------'-----------+
| | ^ | ^
| '-data-' '--------'
| |
'--------rootfs-partition---------'
```
MBR: Master boot record.
DAX: Metadata required by the NVDIMM driver to enable DAX in the guest [1][2]
(struct nd_pfn_sb).
Rootfs: partition that contains the root filesystem (/usr, /bin, etc).
Kernels and hypervisors that support DAX/NVDIMM read the MBR #2,
otherwise MBR #1 is read.
[1] - https://github.com/kata-containers/osbuilder/blob/master/image-builder/\
nsdax.gpl.c
[2] - https://github.com/torvalds/linux/blob/master/drivers/nvdimm/pfn.hfixes#263
Signed-off-by: Julio Montes <julio.montes@intel.com>
KVM virtual PTP in linux kernel allows guest to sync its
clock to the host clock with high precision. kvm-ptp has been
enabled in our kernel. Add this as a source for `chrony` so that
it can be used to sync the guest system clock.
`chrony` needs to be started in the guest for time sync.
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
With the old code it was possible to see odd messages like:
"INFO: Create root disk image. Attempt 6 out of 5."
Move the attempt number print to after we check against the max
Fixes#251
Signed-off-by: Matt Fischer <matt@mattfischer.com>
debian config seems to be missing PACKAGE variable altogether.
Add it along with appending chrony to the list.
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
chrony will be used to schronize guest clock with host
using kvm_ptp kernel driver.
This does add another active component to the rootfs
but keeping time scychorized is crucial.
Fixes#255
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
We need to modify this test in order to handle firecracker.
Fixes#248
Depends-on:github.com/kata-containers/osbuilder#247
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
- image-builder: fill out device namespace information into kata image
- tests: install kata components from master
- tests: skip euleros
- arch: Remove calls to arch command
- pullapprove: remove it
- memory_hotplug: MEM_BOUNDARY_MB should be arch-dependent
726f798 image-builder: fill out device namespace information into kata image
cbe5642 image-builder: add gcc as dependecy to generate the image
7620066 image-builder: sync rootfs data after copying it into the image
dc5bc07 image-builder: fix mem boundary recalculation
71ccc0a mage-builder: remove -s option and IMG_SIZE envar
8065bb6 rootfs-builder: delete dnf and rmp data
35588dd tests: install kata containers components from master
519bbe8 tests: remove docker before installing the newer version
b4de168 tests: skip euleros
f38c67d arch: Remove calls to arch command
8963b8e pullapprove: remove it
e4d5c1b memory_hotplug: MEM_BOUNDARY_MB should be arch-dependent
Signed-off-by: Peng Tao <bergwolf@gmail.com>
Not all hypervisor support NVDIMM hence DAX support MUST BE enabled explicitly
setting the DAX environment variable to 'yes'
fixes#246
Signed-off-by: Julio Montes <julio.montes@intel.com>
The new NVDIMM driver implementation (kernel >= 4.16) needs to know the device
namespace information to map pages, this metadata is read from the nvdimm
namespace at 4k offset.
fixes#235
Signed-off-by: Julio Montes <julio.montes@intel.com>
gcc is required to build the binary in charge to fill out the device
namespace information (matadata) into the kata containers image.
Signed-off-by: Julio Montes <julio.montes@intel.com>
guest kernel needs 64 bytes of DRAM per 4K page of emulated PMEM, hence the
image size should be as small as possible to reduce the container's memory
footprint. The image size is recalculated automatically if it's too small
to contain the rootfs.
Signed-off-by: Julio Montes <julio.montes@intel.com>
In some distros docker is already installed and the CI fails because the newer
version can't be installed because it conflicts with the old version. Remove
old version before installing the newer version of docker.
fixes#241
Signed-off-by: Julio Montes <julio.montes@intel.com>
euleros mirrors are down almost all time, don't fail if euleros rootfs
or image can't be generated.
fixes#238
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Signed-off-by: Julio Montes <julio.montes@intel.com>
The `arch(1)` command is not available on some systems so use the
`uname(1)` command for the equivalent functionality.
Fixes#150.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
- docs: update compatibility matrix with s390
- setup: Add make and gcc as dependencies
- suse: fix port URL detection for aarch64
- s390x: set CC for fedora
- Add 'install' target to makefile
- rootfs: Bump golang version to 1.11.1
- tests: skip docker,kata install with KATA_DEV_MODE
c3d77ae docs: add s390 to the compatibility matrix
be97380 setup: Add make and gcc as dependencies
de7fe19 s390x: set CC for fedora
3366a32 README: add ARM architecture to openSUSE
804286f suse: fix port URL detection for aarch64
434fff8 rootfs_builder: Dont fail if GOPATH not defined.
1bbf1e4 rootfs: Allow use host repositories.
f994560 rootfs: Bump golang version to 1.11.1
06c8d88 makefile: Add make install
9c0773a test: avoid errors in exit_handler
eb92306 tests: skip docker,kata install with KATA_DEV_MODE
Signed-off-by: Peng Tao <bergwolf@gmail.com>
