We don't really need to unplug it from guest because we have
already stopped it. Just detach it and clean it up.
Fixes: #1968
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
This reverts commit 794e08e243.
It breaks vfio device passthru as we need to bind the device
back to host when removing the endpoint. And that is not possible
when qemu is still running (thus holding reference to the device).
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
Upgrade openSUSE Leap version from 42.3 to the latest 15.1, since 42.3
version is now discontinued.
Fixes: #637
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
If guest is malfunctioning, we need a way to bail out. Add
a default timeout for most of the grpc requests so that the
runtime does not wait indefinitely.
Fixes: #1952
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
We might need to call hypervisor hotunplug to really remove
a network device. We cannot do it after stopping the VM.
Fixes: #1956
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
Since the image rootfs is readonly, we
create an empty /etc/resolv.conf which
the agent would later bind-remount as
read-write.
Fixes: #345
Signed-off-by: Nitesh Konkar <niteshkonkar@in.ibm.com>
Drop the bits for bridged networking in ACRN and change the default
to macvtap. We should eventually change this to tcfilter with additional
testing.
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Support for loading kernel modules got merged. kmod package is needed for
loading kernel modules in the guest.
fixes#341
Signed-off-by: Julio Montes <julio.montes@intel.com>
Don't install chrony, iptables-bin and util-linux-bin when AGENT_INIT=yes,
these packages are only needed when the init process is systemd.
Signed-off-by: Julio Montes <julio.montes@intel.com>
Fix `arch` assignment and define `Dockerfile` variable to avoid
usage of unbound variables.
fixes#671
Signed-off-by: Julio Montes <julio.montes@intel.com>
Allow to override build date with SOURCE_DATE_EPOCH
in order to make builds reproducible.
See https://reproducible-builds.org/ for why this is good
and https://reproducible-builds.org/specs/source-date-epoch/
for the definition of this variable.
Also use UTC to be independent of timezone.
This date call only works with GNU date.
Without this patch, kata-containers-initrd.img contained
varying var/lib/osbuilder/osbuilder.yaml with
version: "1.9.0-alpha0"
-rootfs-creation-time: "2019-08-06T18:40:27.402493939+0000Z"
+rootfs-creation-time: "2034-09-08T07:57:34.386990704+0000Z"
Fixes#340
Signed-off-by: Bernhard M. Wiedemann <bwiedemann@suse.de>
Routes with proto "kernel" are routes that are automatically added
by the kernel.
It is a route added automatically when you assign an address to an
interface which is not /32.
With this commit, these routes are ignored. The guest kernel
would add these routes on the guest side. A corresponding commit on the
agent side would no longer delete these routes while updating them.
Without this commit, netlink gives an error complaining that a route
already exists when you try to add a route with the same dest subnet.
Something like:
dest: 192.168.1.0/24 device:net1 source:192.168.1.217 scope:253
dest: 192.168.1.0/24 device:net2 source:192.168.1.218 scope:253
Depends-on: github.com/kata-containers/agent#624
Fixes: #1811
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
The list of kernel modules can be passed to the runtime through the
configuration file or using OCI annotations. In both cases, a list paramentes
can be specified for each module.
fixes#1925
Signed-off-by: Julio Montes <julio.montes@intel.com>
Bring support for loading kernel modules
shortlog:
72a50ef revert: agent: sandbox_pause should get arguments from proc
ad72fe8 agent: add support for loading kernel modules
4ab32a9 vendor: dep check fixes
b8b8dac s390x: add virtio-blk-ccw support
cf20c9b ci: Allow travis to use go install script
5ffb2a6 agent: make NoPivotRoot config depend on `/` fs type
a1c9d50 make: install depends on $(TARGET)
7c97a0a agent: delete element of sandbox.deviceWatchers with right key
d0117bf release: Kata Containers 1.9.0-alpha0
4354b24 tests: Add lots of new unit tests
d4a22d1 device: Allow uevent handler to be stopped
8eb2134 config: Add parseCmdlineOption test
d4f205d device: Add extra checks
faa6cb0 mount: Fix incorrect error return
2d95c36 mount: Add test for parseMountFlagsAndOptions
5163bab console: Add debug console test
d167490 sandbox: Remove redundant check
72fc0ad mount: Improve error message
c92715f tests: Add test for getMemory
cd2f994 memory: Add extra check for memory file
458b4aa vendor: Move to a previous version for runtime-spec vendor
3cce728 vendor: Update the vendoring for github.com/opencontainers/runtime-spec
7ae6030 release: Kata Containers 1.8.0-rc0
32428bc vendor: update dependency opencontainers/runc
cfbd8c9 agent: sandbox_pause should get arguments from proc
47476d4 agent: lock subreaper agent thread
3548e65 release: Kata Containers 1.8.0-alpha2
0ead592 docs: Fix capitalization
9b59925 mount: Virtio-blk container rootfs mount for ACRN hypervisor
cf50209 release: Kata Containers 1.8.0-alpha1
0666ef0 release: Kata Containers 1.8.0-alpha0
ca2f724 grpc: add unit test for onlineResources function
06a0743 tmp: Add tmp.mount to kata-containers.target
353263d docs: Fix typos and formatting
5064045 docs: Add missing document link
c66349b mount: Add a proper rollback path to addStorages()
5583acd release: Kata Containers 1.7.0
5f9df74 updateInterface: enable hot-add nic on arm64
86ca8e0 vendor: update gogo/protobuf to v1.2.1
c9343fb release: Kata Containers 1.7.0-rc1
560dc87 vendor: update vsock package version
0af7173 agent: support debug console
d9aa453 proto: add network stats
3169c9b docs: Fix markdown in TRACING.md
8aa2880 release: Kata Containers 1.7.0-alpha1
2ada1d1 agent: Display trace details
cb32d28 test: Fix mockContainer
3e12793 agent: Fix container creation
6e558f7 vendor: Update libcontainer vendoring
7fbd860 agent: send SIGKILL instead of SIGTERM to container init process
8847998 agent: Add support for local storage
8b34aaf make: Add build option STATIC=1 to statically link
01b1cb2 travis: Use xenial
d815c97 lint: Update code to handle lint issues
828b417 ci: Update travis go version from 1.10 to 1.11
f61ca8a release: Kata Containers 1.7.0-alpha0
bdf2290 ci: travis: checkout test repo to correct branch
209aa2f agent: Fix "agent grpc server quits" show wrong error
2af3599 channel: Check for channel type in kernel cmdline options
8187461 vendor: use latest github.com/mdlayher/vsock
39696c0 vendor: Revert "vendor: Update libcontainer vendoring"
7866668 agent: Revert "agent: Fix container creation"
8f893b9 test: Revert "test: Fix mockContainer"
49e5847 systemd-target: Add chronyd.service to kata-containers.target
0bf9d1e make: Install systemd targets in systemd unit dir
85e0942 docs: Explain shutdown behaviour with tracing
99d6118 docs: Define "VM" in tracing doc
353ec2d service: Fix user initiated shutdown with static tracing
Signed-off-by: Julio Montes <julio.montes@intel.com>
Currently kata sets the init process to systemd even when it isn't installed,
the criteria to determinate whether systemd is used as init or not
is very odd, since kata only checks whether the `image` option is set in the
configuration file, unfortunately not all images have systemd installed.
Instead kata should rely on the guest kernel and `osbuilder` to use the right
init process. `osbuilder` creates a symbolic link to `systemd` or `kata-agent`
depending on the `AGENT_INIT` environment variable.
fixes#1937
Signed-off-by: Julio Montes <julio.montes@intel.com>
The job to wait for packages are built is failing randomly.
Seems that sometimes the command is not returning and expected
out out and may be mask by the
`while osc pr | grep; done`
This probably can fail at osc pr but because it failed at
osc and not grep we consider is working.
- We check for more states that we consider not ready,
like excluded or blocked.
First query the result, if fail the script will stop,
if not then try to find the string `state=building`.
Additionally, check for failed jobs in the same query to
stop the job earlier.
Fixes: #665
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Fixes: #1929
in containerd-kata-v2, container can only be deleted in Delete
interface, or other shim operates(like kill/delete) all fails
since can not get container info.
Signed-off-by: Ace-Tang <aceapril@126.com>
We start virtiofsd in foreground (-f option), so we should wait for it
to reclaim its resources to avoid zombie process when qemu or virtiofsd
got killed unexpectedly.
Fixes: #1934
Signed-off-by: Eryu Guan <eguan@linux.alibaba.com>
OBS fails because of a syntax error in debian.rules
```
/bin/sh: 1: Syntax error: end of file unexpected (expecting "fi")
```
Signed-off-by: Julio Montes <julio.montes@intel.com>
