Let's keep all design documents in the same logical location. Updating
the file to be called 'cpu-constraints', though we may want to expand to
resource constraints going forward.
Fixes: #417
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
Add a note to the developer guide explaining that the debug console
requires systemd support (hence nominally you cannot use alpine linux
for example as that doesn't use systemd).
Fixes#412.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Kata does support privileged flag but within the guest,
so explain how this works in the Limitations docs.
Fixes#362
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Change the debug console systemd job to specify the path to bash as
`/bin/bash`, *not* `/usr/bin/bash`. This unbreaks the debug console for
Ubuntu and Debian and also works for all other distros.
Fixes#410.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Don't force Docker to be kept at version 18.06 (to ensure devicemapper
is available). This feature won't be re-added by Docker and remaining on
an old version of Docker is not good from a security perspective.
Replace the pinning with a note pointing users at an issue which
provides details of alternatives to devicemapper.
Fixes#407.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Kata supports multiple configuration file locations, so update the dev
guide to tweak config settings in
`/etc/kata-containers/configuration.toml` rather than the pristine
`/usr/share/defaults/kata-containers/configuration.toml` file. The
former is read first meaning the system can be reset to a vanilla Kata
configuration by simply deleting
`/etc/kata-containers/configuration.toml`.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
The debug console systemd job needs to specify `PrivateDevices=no` to
ensure the job can access the *real* console. Without this, connecting
to the socket does not provide access to the main guest root context.
Fixes#403.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Update the how-to containerd-kata doc to support runtime option, by which
we can specify kata configure file for different kata runtime.
Fixes:#390
Signed-off-by: fupan <lifupan@gmail.com>
Unfortunately, at present we have no way of testing Kata packages for
Red Hat Enterprise Linux (RHEL) or SUSE Linux Enterprise (SLES).
Add warnings to the RHEL and SLES install guides explaining this and
advising users to exercise caution. Hopefully, we will be able to drop
this warning soon (either when we have the ability to test on RHEL/SLES
or when Kata packages are available in RHEL/SLES).
Fixes#396.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Add a CODEOWNERS file so we get auto-review requests from github
for any .md file changes.
Fixes: #394
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
Docker 18.09 removed devicemapper support but did not provide an
alternative. This can cause problems for users so update the install
docs to install Docker at version 18.06 (the last version that supports
devicemapper).
This is a temporary solution until either docker provide an alternative
or we find a way to work around the Docker feature being removed.
Note the extra logic required for Fedora since 18.06 is not available
for that release.
Fixes#373.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
