We need an entry of `kata-qemu-virtiofs` on the
containerd configuration file.
In addition we need to add `kata-qemu-virtiofs` to the
shim list, so that the wrapper is created for shimv2.
Fixes: #760.
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
Add requirement for the user to be added to the docker group.
Observed firecracker failing due to this.
Add fixes for typos and missing spaces.
Fixes#754
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Instead of have special cases, just
bump all, bumps are check and more if are automated.
CI probbly not, but we can skip if necesary.
Fixes: #744
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
This is a experimental feature for arm64 as linux kernel has
not enable kvm ptp for arm64.
ptp_kvm need co-work from host and guest, so you need add this
patch both to your guest and host. Host kernel version is better
lower than 5.0 and higher than 4.19.
another version of this patch base on kernel v5.3 is under review in kernel upstream, refer to [1]
to see the full info.
[1] https://lkml.org/lkml/2019/8/29/80Fixes: #692
Signed-off-by: Jianyong Wu jianyong.wu@arm.com
Apply qemu/patches/virtiofsd/0001-add-time-to-seccomp.patch
to be able to build virtiofsd statically.
Fixes: #742.
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
time syscall on seccomp is needed to be able to build
virtiofsd successfully.
This patch is currently not availabe upstream, so lets
add it until it becomes available.
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
Removes `--vsock` flag when building Firecracker since
the flag was removed as vsock is enabled by default.
Also update the path where the binaries are placed.
Fixes: #739.
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
Serial device was finally fully supported with firecracker on aarch64,
see details here(https://github.com/firecracker-microvm/firecracker/pull/1233).
A set of kernel configs related with 8250 compatible serial ports
should be turn on.
Fixes: #736
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Signed-off-by: Haibo Xu <haibo.xu@arm.com>
Since kernel version updated to v4.19.73, kernel config file should
also been updated accorindly.
Fixes: #736
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Signed-off-by: Haibo Xu <haibo.xu@arm.com>
Running for the first time the kata-deploy script can fail if hub
is not installed it, this will avoid this issue.
Fixes#728
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
This will allow to test local changes to the kernel as well it will allow
us to have vmlinuz or vmlinux with virtiofs.
Depends-on: github.com/kata-containers/runtime#2078
Fixes#717
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
x86 has "releases" as the release branch. For
ppc64le, we have "alpha" branch. Update the scripts
for the same.
Fixes: #704
Signed-off-by: Nitesh Konkar <niteshkonkar@in.ibm.com>
Overlay and veth support wasn't included when migrating to fragment
based configs. Re-add to fix DinD use case.
Fixes: #715
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
As per the comments in security.conf, the intention was to
enable STACKPROTECTOR and STACKPROTECTOR_STRONG.
The current config leaves them unset in the final .config
and also prevents other fragments from overriding the setting.
Set both to =y as indicated in the comments.
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
This adds the kata deploy for QEMU and kernel with virtio-fs 3.0
Depends-on: github.com/kata-containers/runtime#2052
Fixes#709
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
When we try to run the kata-deploy-binaries.sh script, we have a failure on
the pkglib.sh script that we can not source the versions.txt. In order to
avoid these kind of failures, we introduce to detect if this file exists and
in case that it does not, we fail the script.
Fixes#712
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
kata deploy script setup a new GOPATH to pull
a fresh environment to install kata. This script
was using the local kernel install script and not the
one in the new environment
Fixes: #706
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
