Run new script in arm server to build kernel, then find a minor
typo. An extra "/" in the end of default_kernel_config_dir will
cause error:
ERROR: failed to find default config
../src/github.com/kata-containers/packaging/kernel/configs//aarch64_kata_kvm_4.14.x
Signed-off-by: Wei Chen <wei.chen@arm.com>
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
As we had dicussed in issue#140:
https://github.com/kata-containers/documentation/issues/140
We have normalized output for x86_64, arm64 and ppc64. And
James had implemented a kata-arch.sh in tests/.ci :
https://github.com/kata-containers/tests/blob/master/.ci/kata-arch.sh
But in build-kernel.sh the setup-kernel function had used the
"uname -m" output as target-arch directly, this will cause the
following scripts can't find kernel config files.
Fixed#111
Signed-off-by: Wei Chen <wei.chen@arm.com>
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
shift $((OPTIND-1)) can be unsafe.To prevent unwanted
word-splitting all parameter expansions should be
double-quoted. Use the safe form for the command:
shift "$((OPTIND-1))"
Fixes: #109
Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
After upgrading the kernel to latest 4.14.x kernel, there are new
kconfig options that need users to select in install-kata-kernel.sh.
the prompt will block the script. We update this config file to give
user a good defined default config.
The new kconfig options are about, “Meltdown” and “Spectre”. So I
selected them to yes by default in this config file:
CONFIG_ARM64_ERRATUM_1024718=y
CONFIG_QCOM_FALKOR_ERRATUM_E1041=y
CONFIG_UNMAP_KERNEL_AT_EL0=y
CONFIG_HARDEN_BRANCH_PREDICTOR=y
CONFIG_ARM64_SSBD=y
Fixed#106
Signed-off-by: Wei Chen <wei.chen@arm.com>
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Build image with agent and osbuilder with master by default.
If want to build a release tag just use -v <version> and
will use that osbuilder and agent tag.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
a few qemu options generated by configure-hypervisor.sh were only
suitable for amd64, leading compilation err in aarch64.
Fixes: #92
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Signed-off-by: Wei Chen <Wei.Chen@arm.com>
Make sure kernel config version is validated on test.
Also, increse Kata Kernel config version.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Today we have instructions to build the kernel
but there are a lot of manual steps to get one kernel.
This tries to automate the process to setup a kernel
for kata.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Now that initial files for kata-deploy have merged, we
have an initial image on dockerhub. s/egernst/katadocker
Fixes: #100
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
A Dockerfile is created and reference daemonsets are also
provided for deploying Kata Containers onto a running Kubernetes
cluster. A few daemonsets are introduced:
1) runtime-labeler: This daemonset will create a label on each node in
the cluster identifying the CRI shim in use. For example,
container-runtime=crio or container-runtime=containerd.
2) crio and containerd kata installer: Assuming either CRIO or
containerd is the CRI runtime on the node (determined based on label
from (1),, either the crio or containerd variant will execute. These daemonsets
will install the VM artifacts and host binaries required for using
Kata Containers. Once installed, it will add a node label kata-runtime=true
and reconfigure either crio or containerd to make use of Kata for untrusted workloads.
As a final step it will restart the CRI shim and kubelet. Upon deletion,
the daemonset will remove the kata binaries and VM artifacts and update
the label to kata-runtime=cleanup.
3) crio and containerd cleanup: Either of these two daemonsets will run,
pending the container-runtime label value and if the node has label
kata-runtime=cleanup. This daemonset simply restarts crio/containerd as
well as kubelet. This was not feasible in a preStepHook, hence the
seperate cleanup step.
An RBAC is created to allow the daemonsets to modify labels on the node.
To deploy kata:
kubectl apply -f kata-rbac.yaml
kubectl apply -f kata-deploy.yaml
To remove kata:
kubectl delete -f kata-deploy.yaml
kubectl apply -f kata-cleanup.yaml
kubectl delete -f kata-cleanup.yaml
kubectl delete -f kata-rbac.yaml
This initial commit is based on contributions by a few folks on
github.com/egernst/kata-deploy
Also-by: Saikrishna Edupuganti <saikrishna.edupuganti@intel.com>
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
Signed-off-by: Jon Olson <jonolson@google.com>
Signed-off-by: Ricardo Aravena <raravena@branch.io>
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
Add script that will help to bump versions for all the projects.
Fixes: #49
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
the yaml file is the recipe to build a snap image
with all Kata Containers components inside.
fixes#81
Signed-off-by: Julio Montes <julio.montes@intel.com>
We populate all the conent of a OBS project.
Lets remove after we checkout to the OBS project.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Packaging scripts search for patches in a directory
called 'patches'. We store the kernel patches in a diferent place
to make easy to mantain them.
Lets do a symlink to allow the automation find the patches.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
We dont have commit when we build the pkg.
Lets define the COMMIT variable to kwnow the commit from each project.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
