mirror of
https://github.com/kata-containers/kata-containers.git
synced 2025-08-31 16:36:38 +00:00
6648c8c7fc
- backport 2.0-dev commits to stable-2.0.0dbfe85esnap: install libseccomp-dev0c3b6a9package: drop qemu-virtiofs shimf751c98packaging: install virtiofsd for normal qemu build as well08361c5runtime: enable virtiofs by defaultda9bfb2runtime: Pass `--thread-pool-size=1` to virtiofsd7347d43packaging: Apply virtiofs performance related fixes to 5.xc7bb1e2tools: Improve agent-ctl READMEe6f7dddtools: Make agent-ctl support more APIs46cfed5tools: Remove commented out code in agent-ctl81fb2c9tools: Log request in agent-ctl tool if debug enabled0c43215tools: Rename agent-ctl command to GetGuestDetails6511ffetools: Fix comment in agent-ctlee59378kernel: update to 5.4.71ef11213config: make virtio-fs part of standard kernel1fb6730agent: remove `unwrap()` for `e.as_errno()`05e9fe0agent: Use `?` instead of `match` when the error returns directlyd658129kata-monitor: use regexp to check if runtime is kata containersae2d89eagent: use anyhow `context` to attach context to `Error` instead of `match`095d4adagent: remove useless matchbd816dfagent: Use `ok_or_else` instead of match for Option -> Resultd413bf7agent: Fix crasher if AddARPNeighbors request empty76408c0agent: Fix crasher if UpdateRoutes request empty6e4da19agent: Fix crasher if UpdateInterface request empty8f8061dagent: replace `match Result` with `or_else`64e4b2fagent: replace unnecessary `match Result` with `map_err`7c0d68fagent: replace check! with map_err for readability82ed34aagent: remove `check!` in child process because we cant' see logs.9def624agent: replace `if let Err` with `or_else`6926914agent: refactor namespace::setup to optimize error handlinge733c13agent: replace `if let Err` with `map_err`ba069f9rustjail: add length check for uid_mappings in rootless euid mappingcc8ec7bversions: Update Kubernetes, containerd, cri-o and cri-tools8a364d2annotations: Correct unit tests to validate new protections0cc6297annotations: Split addHypervisorOverrides to reduce complexityb6059f3annotations: Add unit test for checkPathIsInGlobsc6afad2annotations: Add unit test for regexpContains function451608fmakefile: Add missing generated vars to `USER_VARS`8328136makefile: Improve names of config entries for annotation checksa92a630annotations: Give better names to local variabes in search functions997f7c4annotations: Rename checkPathIsInGlobList with checkPathIsInGlobs74d4065config: Add better comments in the template files73bb3fdconfig: Whitelist hypervisor annotations by name5a587baconfig: Use glob instead of regexp to match paths in annotations29f5decannotations: Fix typo in commentd71f9e1config: Add makefile variables for path lists28c386cconfig: Protect file_mem_backend against annotation attacksc2a186bconfig: Protect vhost_user_store_path against annotation attacks8cd094cconfig: Add security warning on configuration examplesb5f2a1econfig: Protect ctlpath from annotation attack2d65b3bconfig: Protect jailer_path annotationfe5e1cfconfig: Add examples for path_list configuration3f7bcf5annotations: Simplify negative logic80144fcconfig: Add hypervisor path override through annotations2f5f356config: Fix typo in function name2faafbdconfig: Protect virtio_fs_daemon annotation9e5ed41config: Add 'List' alternates for hypervisor configuration pathsb33d4feagent: fix panic on malformed device resource in container update1838233cpuset: add cpuset pkgbfbbe8bcpuset: don't set cpuset.mems in the guest5c21ec2sandbox: consider cpusets if quota is not enforced9bb0d48cpuset: support setting mems for sandbox64a2ef6virtcontainers: add method for calculating cpuset for sandboxa441f21cpuset: add cpuset pkgce54090docs: Update upgrading guidee884fefdocs: update the build kata containers kernel document9c16643agent/device: Check type as well as major:minor when looking up devices4978c90agent/device: Index all devices in spec before updating thema7ba362agent/device: Forward port update_spec_device_list() unit test230a983agent/device: update_spec_device_list() should error if dev not founda6d9fd4sandbox: don't constrain cpus, mem only cpuset, devices8f0cb2fcgroups: add ability to update CPUSetcbdae44agent: fix errorneous parsing for guest block size97acaa8docs: Add containerd install guide2324666agent: use ok_or/map_err instead of matchebe5ad1rustjail: use Iterator to manipulate vector elementsc9497c8rustjail: delete codes commented outd5d9928rustjail: delete unused test codef70892aagent: use chain of Result to avoid early returnab64780agent: update not accurate comments9e064baagent: use macro to simplify parse_cmdline function in config.rs42c48f5agent: add blank lines between methodsd3a36faagent: delete unused field in agentServicefa54660agent: use no-named closure to reduce codesefddcb4agent: use a local fn to reduce duplicated codes7bb3e56packaging: fix cloud-hypervisor binary path7b53041packaging: fix missing cloud_hypervisor_repo38212bapackaging: apply qemu v5.1 stable fixesfb7e9b4agent: fix aarch64 build0cfcbf7docs: add namespace key to pod/container config files997f1f6docs: Add crictl example json filesf60f43aruntime: Clear the VCMock 1.x API Methods from 2.01789527ci: snap: add event filtering999f67dagent: do not follow link when mounting container proc and sysfscb2255fagent: set init process non-dumpable2a6c9eeagent-ctl: include cargo lock updateseaff5deversions: add plugins section4f1d23bvirtiofs: Disable DAX6d80df9snap: specify python versiona116ce0osbuilder: Create target directory for agent4dc3bc0rust-agent: Treat warnings as error8f7a484rust-agent: Identify unused results in testsce54e5drust-agent: Log returned errors rather than ignore them9adb7b7rust-agent: Remove unused imports73ab9b1rust-agent: Report errors to caller if possible4db3f9erust-agent: Ignore write errors while writing to the logs19cb657rust-agent: Remove unused code that has undefined behavior86bc151rust-agent: Remove 'mut' where not needed8d8adb6rust-agent: Remove uses of deprecated functions76298c1rust-agent: Remove or rename unused parameters7d303ecrust-agent: Remove or rename unused variablese0b79ebrust-agent: Remove unused functions8ed61b1rust-agent: Remove useless bracescc4f02erust-agent: Remove unused macrosace6f1eclh: Support VFIO device unplug47cfeaaclh: Remove unnecessary VmmPing63c4757versions: cloud-hypervisor: Bump to version 6d30fe05059b89cdocs: Change kata_tap0 to tap0_kata4ff3ed5docs: update networking descriptionde8dcb1dev-guide: update kata-agent install detailsc488cc4docs: Update docs for enabling agent debug consolee5acb12docs: update dev guide for agent build1bddde7ci: add github action to test the snap9517b0aversions: cloud-hypervisor: bump versionf5a7175runtime: cloud-hypervisor: tag openapi-generator-cli container Signed-off-by: Ubuntu <ubuntu@ip-172-31-19-197.ap-southeast-1.compute.internal>
Kata Containers
Welcome to Kata Containers!
The purpose of this repository is to act as a "top level" site for the project. Specifically it is used:
-
To provide a list of the various other Kata Containers repositories, along with a brief explanation of their purpose.
-
To provide a general area for Raising Issues.
Raising issues
This repository is used for raising issues:
-
That might affect multiple code repositories.
-
Where the raiser is unsure which repositories are affected.
Note:
- If an issue affects only a single component, it should be raised in that components repository.
Kata Containers repositories
CI
The CI repository stores the Continuous Integration (CI) system configuration information.
Community
The Community repository is the first place to go if you want to use or contribute to the project.
Code Repositories
Kata Containers-developed components
Agent
The kata-agent runs inside the
virtual machine and sets up the container environment.
KSM throttler
The kata-ksm-throttler
is an optional utility that monitors containers and deduplicates memory to
maximize container density on a host.
Runtime
The kata-runtime is usually
invoked by a container manager and provides high-level verbs to manage
containers.
Trace forwarder
The kata-trace-forwarder is a component only used
when tracing the agent process.
Additional
Hypervisor
The qemu hypervisor is used to
create virtual machines for hosting the containers.
Kernel
The hypervisor uses a Linux* kernel to boot the guest image.
Documentation
The docs directory holds documentation common to all code components.
Packaging
We use the packaging to create packages for the system components including rootfs and kernel images.
Test code
The tests repository hosts all test code except the unit testing code (which is kept in the same repository as the component it tests).
Utilities
OS builder
The osbuilder tool can create a rootfs and a "mini O/S" image. This image is used by the hypervisor to setup the environment before switching to the workload.
kata-agent-ctl
kata-agent-ctl is a low-level test tool for
interacting with the agent.
Web content
The www.katacontainers.io repository contains all sources for the https://www.katacontainers.io site.
Credits
Kata Containers uses packagecloud for package hosting.