Kubelet would cleanup the pod cgroup resources and kill the processes
in the pod cgroups when it detected all of the containers in a pod exited,
thus shimv2 should close the hypervisor process once the podsandbox container
exited, otherwise, the hypervisor process would be killed by kubelet and
made shimv2 failed to shutdown the sandbox.
Fixes:#1672
Signed-off-by: lifupan <lifupan@gmail.com>
```
//the network namespace created by cni plugin
netns, err = namespaces.NamespaceRequired(ctx)
if err != nil {
return nil, errors.Wrap(err, "create namespace")
}
```
the netns is a containerd namespace concept, it not netns, event a cni
set netns for this, this is a tricky way, so remove the logic.
Fixes: #1692
Signed-off-by: Ace-Tang <aceapril@126.com>
According to CRI specs, kubelet will call StopPodSandbox()
at least once before calling RemovePodSandbox, and this call
is idempotent, and must not return an error if all relevant
resources have already been reclaimed. And in that call it will
send a SIGKILL signal first to try to stop the container, thus
once the container has terminated, here should ignore this signal
and return directly.
Fixes:#1672
Signed-off-by: lifupan <lifupan@gmail.com>
Use `kata-containers.runtime` that is the runtime binary, to
collect the data if the kata-runtime binary is not installed
fixes#1720
Signed-off-by: Julio Montes <julio.montes@intel.com>
Chrony service is not started because it requires a private temporal directory,
these directories can't be created in read-only filesystems. Create a symlink
to /tmp in /var allowing systemd to create private temporal directories.
fixes#280
Signed-off-by: Julio Montes <julio.montes@intel.com>
We need to build kata-runtime to have the correct files
in place to be able to run the static checks script.
Fixes#1716.
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
Remove the version of alpine used when pulling golang docker images.
This ensures the latest version of alpine is used and resolves the
maintenance issue when old versions of alpine are dropped.
Fixes: #293.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Set qemu major/minor version when
running unit test TestQemuPPC64leMemoryTopology
on ppc64le & execute the unit test accordingly.
Fixes: #1308
Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
We should not let shim or proxy read guest console socket if
agent debug console is set. Otherwise when we connect to it with
socat, it reads nothing since all output is read by the shim.
Fixes: #1700
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
Use only one version to install cri-contaienrd
- version could be a containerd version or a commit of the cri
repository.
Depends-on: github.com/kata-containers/tests#1400
Fixes: #1464
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
hub tool from github lets you show a particular tag that might exist in
the repostiory. Switching our tag checking logic to use that instead of
listing all tags and grepping for the one we want. For some reason the
existing grep logic always fails to return the right code and always
lands on the portion of the code to generate a new tag.
Fixes: #519
Signed-off-by: Ganesh Maharaj Mahalingam <ganesh.mahalingam@intel.com>
nemu needs to be configured with:
`machine_type = "virt"` by default.
In addition, this commit removes
`machine_accelerators="virt"` which was added instead
of `machine_type` in a previous commit.
Fixes: #1707.
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
Created a skeletal set of README for the packaging areas that didn't
have them:
- Jenkins
- OBS
- QEMU
- static build tooling
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
GFM doesn't require corresponding heading hashes at the end of line -
start of lines hashes are adequate.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Add missing heading names and a table of contents.
Also, folded the long lines to make them easier to edit and diff.
Fixes#501.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Fix the test case TestGetShmSizeBindMounted by
setting the right ShmSize for ppc64le.
Fixes: #1702
Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
The systemd units and files that are not needed in Kata Containers,
are removed when the image is created, therefore we don't need to mask
them.
fixes#1704
Signed-off-by: Julio Montes <julio.montes@intel.com>
