mirror of
https://github.com/kata-containers/kata-containers.git
synced 2025-09-16 22:39:01 +00:00
d8a333b935
[ port from runtime commit 17d265af6fc1f0913545bfa64e3e1a497f3e44c0 ] Major new functionalities added in clh v0.8.0 include Experimental Snapshot and Restore Support, Experimental ARM64 Support, 5-level guest paging support, etc. Also, there are quite some bug fixings and CLI/API changes for cleanup. More details can be found in the release note: https://github.com/cloud-hypervisor/cloud-hypervisor/releases/tag/v0.8.0. Changes: 52b83969 build, release-notes: Document 0.8.0 release 776f8fc5 build: Update Cargo.lock 3f18f93f docs: Add a guide for testing on AArch64 97a1e5e1 vmm: Exit VMM event loop after guest shutdown for AArch64 5cd1730b vmm: Configure VM on AArch64 917219fa vmm: Enable VCPU for AArch64 b5f1c912 vmm: Enable memory manager for AArch64 eeeb45bb vmm: Enable device manager for AArch64 e9488846 vm-allocator: Enable vm-allocator for AArch64 5343b0ac net_util: Fix usage of deprecated mac_address method bf37ebdc arch: x86_64: Add 5th level of paging when needed abd6204d source: Fix file permissions 02ac1820 scripts: Ensure musl-gcc is used by musl build cc85d896 tests: Extend test_*_reboot with checks on fd leaking 2ae547cf build(deps): bump vmm-sys-util from 0.6.0 to 0.6.1 f3556279 build(deps): bump serde_json from 1.0.54 to 1.0.55 dc034eb3 scripts: Only use musl for the Rust components 176d6716 build: Run musl builds in parallel to glibc builds 083189e5 build(deps): bump vcpkg from 0.2.9 to 0.2.10 2334b521 build(deps): bump syn from 1.0.30 to 1.0.31 99c99c24 build(deps): bump serde_json from 1.0.53 to 1.0.54 96a5e22b resources: kernel: Enable 5 levels of page table 653087d7 vmm: Reduce MMIO address space by 4KiB 5f0b6201 arch: x86_64: Enable CR4 LA57 feature 09fd3259 build: Use fork of vm-memory with less performance impact 5f9e079a device: Add AArch64 RTC PL031 implementation 625bab69 vmm: api: Allow to delete non-booted VMs 313883f6 remove duplicated structure InitrdConfig afe60808 build(deps): bump synstructure from 0.12.3 to 0.12.4 aa79a92c tests: Add integration test for unprivileged network 9b71ba20 vmm, vm-virtio: Stop always autogenerating a host MAC address 1f8b6fa9 net_util: Allow retrieving the MAC address from the TAP device 929d70bc net_util: Only try and enable the TAP device if it not already enabled eda9bfc7 vhost_user_fs: Replace the '--sock' parameter with '--socket' a8cdf2f0 tests,vm-virtio,vmm: Use 'socket' for all CLI/API parameters 90e7accf ch-remote: Show response body from error e436bbf3 build: Install libfdt in github cross-build workflow 2d13751d aarch64: Porting fdt related files from Firecracker 5a18dd36 aarch64: Porting AArch64 register implementation from Firecracker d605fda3 aarch64: Porting GIC source files from Firecracker ce624a6d aarch64: Add memory layout for AArch64 c7d44b88 build(deps): bump quote from 1.0.6 to 1.0.7 7c91dfae build(deps): bump proc-macro-nested from 0.1.4 to 0.1.5 17c16e5c build(deps): bump pin-project from 0.4.19 to 0.4.20 a2398742 build(deps): bump arc-swap from 0.4.6 to 0.4.7 b31fe72e build(deps): bump openssl-sys from 0.9.57 to 0.9.58 96497004 build(deps): bump dirs-sys from 0.3.4 to 0.3.5 eabf43fb Revert "tests: Extend test_*_reboot with checks on fd leaking" 7dc4e913 tests: Extend test_*_reboot with checks on fd leaking 601d898f build(deps): bump pin-project from 0.4.17 to 0.4.19 6ff107af vm-device: Switch to use get_host_address_range in vfio-ioctls 3336e801 vfio: Switch to the vfio-ioctls crate ch branch d24aa72d vfio: Rename to vfio-ioctls 53ce5298 vfio: Move the PCI implementation to the PCI crate 8f7dc735 vmm: Move Vcpu::configure() to arch crate 969e5e0b vmm: Split configure_system() from load_kernel() for x86_64 20cf21cd vmm: Change booting process to cover AArch64 requirements 61aa4615 vhost_user_net: Implement VIRTIO_RING_F_EVENT_IDX a4d377a0 vm-virtio: net: Implement VIRTIO_RING_F_EVENT_IDX f0697073 vm-virtio: net: Handle lost interrupts on restore a5596020 vm-virtio: Add some info! level debugging interrupt generation cc51fdb8 vhost_user_net: Use NetQueuePair from vm-virtio fcc62efc vm-virtio: net: Prepare NetQueuePair for use in vhost-user-net 2dbd1186 vm-virtio: net: Split network handling 237cb184 vm-virtio: net: Add further missing error reporting 36d072e6 vm-virtio: Add error propagation for TAP listener (un)registration 3151b5d8 vm-virtio: net: Refactor to support code reuse 22be88d3 build(deps): bump vfio-bindings from `887b3cf` to `f08cbcb` 6121f462 build(deps): bump vfio-bindings from `46ef9d4` to `887b3cf` b731e63a build(deps): bump ryu from 1.0.4 to 1.0.5 d2d5ccb1 build(deps): bump proc-macro2 from 1.0.17 to 1.0.18 a1b9131b build(deps): bump syn from 1.0.29 to 1.0.30 2571b279 build(deps): bump vcpkg from 0.2.8 to 0.2.9 57f477ef build(deps): bump syn from 1.0.28 to 1.0.29 8a08ea46 build(deps): bump serde_derive from 1.0.110 to 1.0.111 b8ae30d4 build(deps): bump serde from 1.0.110 to 1.0.111 0a0fb246 build(deps): bump syn from 1.0.27 to 1.0.28 bc2921b2 build(deps): bump regex from 1.3.8 to 1.3.9 917ad530 build(deps): bump regex from 1.3.7 to 1.3.8 aac87196 build(deps): bump vm-memory from 0.2.0 to 0.2.1 4c2e6054 build: Update to latest version of container c471ae94 Dockerfile: Update to latest Rust toolchain: 1.43.0 c31ad72e build: Address issues found by 1.43.0 clippy fbd1a6c5 vmm: api: Return complete error responses in handle_http_request() 0728bece vmm: seccomp: Ensure that umask() can be reprogrammed 3497eeff main: Set the umask to 0077 c1d15de7 build(deps): bump syn from 1.0.25 to 1.0.27 a4bb96d4 build(deps): bump libc from 0.2.70 to 0.2.71 bfd52ad8 build(deps): bump linux-loader from `bd01b6d` to `1af92d2` 8f1f9d9e devices: Implement InterruptController on AArch64 b32d3025 devices: Refactor IOAPIC to cover other architectures d5884180 build(deps): bump syn from 1.0.24 to 1.0.25 83c18de5 build(deps): bump proc-macro-hack from 0.5.15 to 0.5.16 7708b95e build(deps): bump syn from 1.0.23 to 1.0.24 749f2f03 build(deps): bump proc-macro2 from 1.0.15 to 1.0.17 c98d6fd0 build(deps): bump openssl-sys from 0.9.56 to 0.9.57 a9ca493b build(deps): bump proc-macro2 from 1.0.14 to 1.0.15 974c7138 build(deps): bump thiserror from 1.0.18 to 1.0.19 321c479b build(deps): bump proc-macro2 from 1.0.13 to 1.0.14 4f5c8be3 build: Added a workflow to cross-build targetting AArch64 1befae87 build: Fixed build errors and warnings on AArch64 0090ec2d build: Updated development utilities for AArch64 af8292b6 vmm, config, vhost_user_blk: remove "wce" parameter 9101bdd7 vm-virtio: block: Ensure backing file consistency dc66eee8 vhost_user_block: Ensure backing file consistency 10db2131 vm-virtio: block: Add "writeback" control to Request b94d9a30 vhost_user_backend: Allow backends to know features that can be used 9d88ba7a vhost_user_block: Use VirtioBlockConfig from vm-virtio 1fac2632 vm-virtio: Use config name as per spec 077a5c36 build(deps): bump syn from 1.0.22 to 1.0.23 a813b57f vm-virtio, vhost_user_{fs,block,backend}: Move EVENT_IDX handling 8ae7a38d build: Use same virtio-bindings version 3947809c vm-virtio: block: Ensure that VIRTIO_BLK_T_FLUSH requests actually sync ca6edafb build(deps): bump cc from 1.0.53 to 1.0.54 a7f236b8 ci: Extend snapshot/restore to validate virtio-vsock f442c62b vm-virtio: Implement Snapshottable trait for Vsock f9759988 ci: Extend snapshot/restore test with virtio-iommu 646d33fe vm-virtio: Set queue fields explicitely during restore 02cbea54 vm-virtio: Implement Snapshottable trait for Iommu 4f89cb05 build(deps): bump linux-loader from `43d1c51` to `bd01b6d` 14db7b0a build(deps): bump addr2line from 0.12.0 to 0.12.1 9f2eddd9 ci: Fix test_serial_off 7c3e19c6 vhost_user_backend, vmm: Close leaked file descriptors 35782bd9 vm-virtio: Close file descriptors created by epoll::create() 039accc1 vhost_user_net, vm-virtio: Interrupt guest when TX queue is updated c8a081e4 build(deps): bump pin-project from 0.4.16 to 0.4.17 b80a7d01 build(deps): bump vmm-sys-util from 0.5.0 to 0.6.0 e6fd6d63 vhost_user_block: Implement VIRTIO_BLK_F_FLUSH 95e3edda build(deps): bump quote from 1.0.5 to 1.0.6 d760010c build(deps): bump ppv-lite86 from 0.2.6 to 0.2.8 0cde08a7 build(deps): bump hermit-abi from 0.1.12 to 0.1.13 3adfe3fb build(deps): bump syn from 1.0.21 to 1.0.22 85aadd15 build(deps): bump proc-macro2 from 1.0.12 to 1.0.13 c764c212 build(deps): bump thiserror from 1.0.17 to 1.0.18 4366dd92 vm-virtio: block: Add support for VIRTIO_RING_F_EVENT_IDX 5a55fc07 vhost_user_fs: Fix seccomp filter for musl 391508f0 tests: Add tests checking for host MAC address setting 1b8b5ac1 vhost-user_net, vm-virtio, vmm: Permit host MAC address setting 11049401 vmm: seccomp: Add ioctl() commands interface hardware address 59e1361f net_util: tap: Add support for setting tap MAC address 68fc4329 vmm: Update seccomp filters with clock_nanosleep badf8261 build(deps): bump anyhow from 1.0.30 to 1.0.31 7b10f732 build(deps): bump cc from 1.0.52 to 1.0.53 4120a7de vhost_user_fs: Add seccomp 6aa29bdb vmm: api: Use a common handler for data actions too 0fe223f0 vmm: api: Extend VmAction to reduce code duplication 6ec605a7 vmm: api: Refactor generic action handler c652625b vmm: api: Add a default implementation for simple PUT requests a3e8bea0 vmm: api: Move HttpError enum to http module 6aab0a54 vhost_user_fs: Implement support for optional sandboxing c4bf383f vhost_user_*: Create a vhost::Listener in advance fa844865 vhost_user_fs: Allow callers to provide a fd for /proc/self/fd 831cff3f vhost_user_fs: Use a fd for /proc/self/fd instead of /proc ba4ec7fc ci: Extend snapshot_restore_test with hotplug 9e165c2c ci: Enable snapshot/restore integration test c566f1f0 build(deps): bump once_cell from 1.3.1 to 1.4.0 7ffde295 build(deps): bump backtrace from 0.3.47 to 0.3.48 e9c2dbc8 build(deps): bump anyhow from 1.0.29 to 1.0.30 9ccc7daa build, vmm: Update to latest kvm-ioctls 80aa0a75 tests: Test unplugging virtio-fs 88ec93d0 vmm: config: Add missing "id" from FsConfig parsing 0f89f5ec build(deps): bump anyhow from 1.0.28 to 1.0.29 ab3d374a build(deps): bump syn from 1.0.20 to 1.0.21 35b8992e build(deps): bump thiserror from 1.0.16 to 1.0.17 3415b11d build(deps): bump quote from 1.0.4 to 1.0.5 6989bf05 build(deps): bump backtrace from 0.3.46 to 0.3.47 2991fd2a build(deps): bump libc from 0.2.69 to 0.2.70 c37da600 vmm: Update DeviceTree upon PCI BAR reprogramming d0ae9d7c vmm: Share the DeviceTree across threads 5e9d2545 vmm: Store and restore virtio-pci BAR resources 02bd50f6 vm-virtio: Add helper to set the configuration BAR value 8a826ae2 vmm: Store and restore virtio-pci device on right PCI slot 98dac352 vmm: Add optional PCI b/d/f to each DeviceNode 1e0ebb76 pci: Allow specific PCI b/d/f to be reserved e577b64a build(deps): bump syn from 1.0.19 to 1.0.20 36bffff2 tests: Expand the test_large_memory() test to cover lots of vCPUs b9ba81c3 arch, vmm: Don't build mptable when using ACPI 16ac24d8 tests: Only test "noacpi" test when we don't build with ACPI bb8d19bb arch: Check RSDP address does not go past memory 1c44e917 build(deps): bump clap from 2.33.0 to 2.33.1 4cd2eccf build(deps): bump signal-hook from 0.1.14 to 0.1.15 308b790c vm-virtio: Implement Snapshottable trait for VirtioPciDevice 6d594286 vm-virtio: Implement Snapshottable trait for VirtioPciCommonConfig e1701f11 pci: Implement Snapshottable trait for PciConfiguration 376db311 pci: Implement Snapshottable trait for MsixConfig 52ac3779 tests: Remove network interface from test_memory_overhead b57eeb96 vhost_user_block: Add "queue_size" to --block-backend 5016fcf8 vhost_user_block: Use config::OptionParser to simplify block backend parsing 592de97f vhost_user_net: Use config::OptionParser to simplify net backend parsing f3f398eb vhost_user_block: Consolidate the vhost-user-block backend syntax 3220292d vhost_user_net: Consolidate the vhost-user-net backend syntax 0d2be3b6 build(deps): bump serde from 1.0.107 to 1.0.110 9d8754c6 build(deps): bump pin-project from 0.4.13 to 0.4.16 9bac13de build(deps): bump serde_json from 1.0.52 to 1.0.53 e8d4a13e build(deps): bump serde_derive from 1.0.107 to 1.0.110 d8f181c5 build(deps): bump futures from 0.3.4 to 0.3.5 1e44ac51 build(deps): bump serde_derive from 1.0.106 to 1.0.107 c197bd6f build(deps): bump serde from 1.0.106 to 1.0.107 475040b2 vm-virtio: Correctly reset the virtqueues d809f2fe vm-virtio: Add virtio reset() support to MmioDevice 0d720cc3 bin: ch-remote: Ensure ch-remote supports syntax it advertises 74d88c4c build(deps): bump openssl-sys from 0.9.55 to 0.9.56 9adc32a0 tests: Print out details for smaps in test_memory_overhead 250f825f tests: Check that requesting tap name for virtio-net succeeds 006da040 tests: Check tap name provided is used for vhost_user_net tests 54b3329f tests: Add tests that use (non-existing) named tap 6fde2d18 build: Strip the binaries before using/releasing them a4d23c3c build(deps): bump syn from 1.0.18 to 1.0.19 12e00c0f vmm: cpu: Retry sending signals if necessary 31bde4f5 vmm: Unpark the DeviceManager threads in shutdown 801e72ac vmm: cpu: Unpause vCPU threads 91a4a258 vmm: cpu: When coming out of the pause event check for a kill signal cd60de8f Revert "vmm: vm: Unpark the threads before shutdown when the current state is paused" 797cd13d build(deps): bump vec_map from 0.8.1 to 0.8.2 f6a71bec vmm: Add unit tests for DeviceTree 64e01684 vmm: Create new module device_tree 3b77be90 vmm: Add device_node!() macro to improve code readability 83ec716e vmm: Create breadth-first search iterator for the DeviceTree b91ab1e3 vmm: Remove the list of migratable devices 1be70372 vmm: Don't use migratable_devices for restore bc608439 vmm: Add migratable field to the DeviceNode 7fec020f vmm: Create a dedicated DeviceTree structure 14b379de vmm: Add an identifier field to DeviceNode structure 0805d458 vmm: Add support for multiple children per DeviceNode daaeba51 vmm: Change Node into DeviceNode 5c7df03e vmm: Store and restore virtio-pmem resources 2e6895d9 vmm: Store and restore virtio-fs resources 987f8215 vmm: Store and restore virtio-mmio resources 9cb1e1cc vmm: Perform MMIO allocation from virtio-mmio device creation adf29706 vmm: Create devices in different path if restoring the VM d39f91de vmm: Reorganize DeviceManager creation 89c2a586 vmm: Restore devices following the device tree 52c80cfc vmm: Snapshot and restore DeviceManager state 5b408eec vmm: Create a device tree a6fde0bb vm-device: Define a Resource b8841d7a tests: Validate vsock functionality works across a reboot fec97e05 vm-virtio, vmm: Delete unix socket on shutdown 5109f914 vmm: config: Reject attempts to use VFIO or IOMMU without PCI cb220ae1 tests: Add some debugging to test_memory_overhead eb3d9d15 build(deps): bump ssh2 from 0.8.0 to 0.8.1 59b73034 build(deps): bump failure from 0.1.7 to 0.1.8 dd0791d7 build(deps): bump pnet from 0.25.0 to 0.26.0 7660a104 build(deps): bump failure_derive from 0.1.7 to 0.1.8 327d67fa virtio-mem: Return reize error in MemEpollHandler.run bc318b64 build(deps): bump proc-macro2 from 1.0.10 to 1.0.12 5571c6af build(deps): bump signal-hook from 0.1.13 to 0.1.14 af3d0802 build(deps): bump pnet_macros from 0.25.0 to 0.26.0 678855e8 build(deps): bump term_size from 0.3.1 to 0.3.2 2a16ce7e build(deps): bump quote from 1.0.3 to 1.0.4 99e3a150 build(deps): bump backtrace-sys from 0.1.36 to 0.1.37 Signed-off-by: Bo Chen <chen.bo@intel.com> Signed-off-by: Peng Tao <bergwolf@hyper.sh>
Kata Containers
Welcome to Kata Containers!
The purpose of this repository is to act as a "top level" site for the project. Specifically it is used:
-
To provide a list of the various other Kata Containers repositories, along with a brief explanation of their purpose.
-
To provide a general area for Raising Issues.
Raising issues
This repository is used for raising issues:
-
That might affect multiple code repositories.
-
Where the raiser is unsure which repositories are affected.
Note:
- If an issue affects only a single component, it should be raised in that components repository.
Kata Containers repositories
CI
The CI repository stores the Continuous Integration (CI) system configuration information.
Community
The Community repository is the first place to go if you want to use or contribute to the project.
Code Repositories
Kata Containers-developed components
Agent
The kata-agent runs inside the
virtual machine and sets up the container environment.
KSM throttler
The kata-ksm-throttler
is an optional utility that monitors containers and deduplicates memory to
maximize container density on a host.
Proxy
The kata-proxy is a process that
runs on the host and co-ordinates access to the agent running inside the
virtual machine.
Runtime
The kata-runtime is usually
invoked by a container manager and provides high-level verbs to manage
containers.
Shim
The kata-shim is a process that
runs on the host. It acts as though it is the workload (which actually runs
inside the virtual machine). This shim is required to be compliant with the
expectations of the OCI runtime
specification.
Trace forwarder
The kata-trace-forwarder is a component only used
when tracing the agent process.
Additional
Hypervisor
The qemu hypervisor is used to
create virtual machines for hosting the containers.
Kernel
The hypervisor uses a Linux* kernel to boot the guest image.
Documentation
The docs directory holds documentation common to all code components.
Packaging
We use the packaging to create packages for the system components including rootfs and kernel images.
Test code
The tests repository hosts all test code except the unit testing code (which is kept in the same repository as the component it tests).
Utilities
OS builder
The osbuilder tool can create a rootfs and a "mini O/S" image. This image is used by the hypervisor to setup the environment before switching to the workload.
kata-agent-ctl
kata-agent-ctl is a low-level test tool for
interacting with the agent.
Web content
The www.katacontainers.io repository contains all sources for the https://www.katacontainers.io site.
Credits
Kata Containers uses packagecloud for package hosting.