89836cd31a
[ Port from runtime commit 0dcbbd8dc113878c2aa8c78b5300e4853a7e64be ]
Highlights for cloud-hypervisor version 0.9.0 include:
virtiofs updates to new dax implementation based in qemu 5.0
Fixed random issues caused due to seccomp filters
io_uring Based Block Device Support
If the io_uring feature is enabled and the host kernel supports it then io_uring will be used for block devices. This results a very significant performance improvement.
Block and Network Device Statistics
Statistics for activity of the virtio network and block devices is now exposed through a new vm.counters HTTP API entry point. These take the form of simple counters which can be used to observe the activity of the VM.
HTTP API Responses
The HTTP API for adding devices now responds with the name that was assigned to the device as well the PCI BDF.
CPU Topology
A topology parameter has been added to --cpus which allows the configuration of the guest CPU topology allowing the user to specify the numbers of sockets, packages per socket, cores per package and threads per core.
Release Build Optimization
Our release build is now built with LTO (Link Time Optimization) which results in a ~20% reduction in the binary size.
Hypervisor Abstraction
A new abstraction has been introduced, in the form of a hypervisor crate so as to enable the support of additional hypervisors beyond KVM.
Snapshot/Restore Improvements
Multiple improvements have been made to the VM snapshot/restore support that was added in the last release. This includes persisting more vCPU state and in particular preserving the guest paravirtualized clock in order to avoid vCPU hangs inside the guest when running with multiple vCPUs.
Virtio Memory Ballooning Support
A virtio-balloon device has been added, controlled through the resize control, which allows the reclamation of host memory by resizing a memory balloon inside the guest.
Enhancements to ARM64 Support
The ARM64 support introduced in the last release has been further enhanced with support for using PCI for exposing devices into the guest as well as multiple bug fixes. It also now supports using an initramfs when booting.
Intel SGX Support
The guest can now use Intel SGX if the host supports it. Details can be found in the dedicated SGX documentation.
Seccomp Sandbox Improvements
The most frequently used virtio devices are now isolated with their own seccomp filters. It is also now possible to pass --seccomp=log which result in the logging of requests that would have otherwise been denied to further aid development.
Notable Bug Fixes
Our virtio-vsock implementation has been resynced with the implementation from Firecracker and includes multiple bug fixes.
CPU hotplug has been fixed so that it is now possible to add, remove, and re-add vCPUs (#1338)
A workaround is now in place for when KVM reports MSRs available MSRs that are in fact unreadable preventing snapshot/restore from working correctly (#1543).
virtio-mmio based devices are now more widely tested (#275).
Multiple issues have been fixed with virtio device configuration (#1217)
Console input was wrongly consumed by both virtio-console and the serial. (#1521)
Fixes: #461
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Signed-off-by: Bo Chen <chen.bo@intel.com>
|
||
|---|---|---|
| .github | ||
| ci | ||
| docs | ||
| pkg/logging | ||
| src | ||
| tools | ||
| .gitignore | ||
| .travis.yml | ||
| CODE_OF_CONDUCT.md | ||
| CONTRIBUTING.md | ||
| LICENSE | ||
| Makefile | ||
| README.md | ||
| utils.mk | ||
| VERSION | ||
| versions.yaml | ||
Kata Containers
Welcome to Kata Containers!
The purpose of this repository is to act as a "top level" site for the project. Specifically it is used:
-
To provide a list of the various other Kata Containers repositories, along with a brief explanation of their purpose.
-
To provide a general area for Raising Issues.
Raising issues
This repository is used for raising issues:
-
That might affect multiple code repositories.
-
Where the raiser is unsure which repositories are affected.
Note:
- If an issue affects only a single component, it should be raised in that components repository.
Kata Containers repositories
CI
The CI repository stores the Continuous Integration (CI) system configuration information.
Community
The Community repository is the first place to go if you want to use or contribute to the project.
Code Repositories
Kata Containers-developed components
Agent
The kata-agent runs inside the
virtual machine and sets up the container environment.
KSM throttler
The kata-ksm-throttler
is an optional utility that monitors containers and deduplicates memory to
maximize container density on a host.
Runtime
The kata-runtime is usually
invoked by a container manager and provides high-level verbs to manage
containers.
Trace forwarder
The kata-trace-forwarder is a component only used
when tracing the agent process.
Additional
Hypervisor
The qemu hypervisor is used to
create virtual machines for hosting the containers.
Kernel
The hypervisor uses a Linux* kernel to boot the guest image.
Documentation
The docs directory holds documentation common to all code components.
Packaging
We use the packaging to create packages for the system components including rootfs and kernel images.
Test code
The tests repository hosts all test code except the unit testing code (which is kept in the same repository as the component it tests).
Utilities
OS builder
The osbuilder tool can create a rootfs and a "mini O/S" image. This image is used by the hypervisor to setup the environment before switching to the workload.
kata-agent-ctl
kata-agent-ctl is a low-level test tool for
interacting with the agent.
Web content
The www.katacontainers.io repository contains all sources for the https://www.katacontainers.io site.
Credits
Kata Containers uses packagecloud for package hosting.