diff --git a/ci/install_libseccomp.sh b/ci/install_libseccomp.sh
index 5cbf8f079..b387f8255 100755
--- a/ci/install_libseccomp.sh
+++ b/ci/install_libseccomp.sh
@@ -28,7 +28,7 @@ workdir="$(mktemp -d --tmpdir build-libseccomp.XXXXX)"
 # After solving the issue, replace this code by using the `versions.yaml`.
 # libseccomp_version=$(get_version "externals.libseccomp.version")
 # libseccomp_url=$(get_version "externals.libseccomp.url")
-libseccomp_version="2.5.1"
+libseccomp_version="2.5.4"
 libseccomp_url="https://github.com/seccomp/libseccomp"
 libseccomp_tarball="libseccomp-${libseccomp_version}.tar.gz"
 libseccomp_tarball_url="${libseccomp_url}/releases/download/v${libseccomp_version}/${libseccomp_tarball}"
diff --git a/docs/install/minikube-installation-guide.md b/docs/install/minikube-installation-guide.md
index 7bc80b4b8..299e5fa59 100644
--- a/docs/install/minikube-installation-guide.md
+++ b/docs/install/minikube-installation-guide.md
@@ -55,11 +55,11 @@ Here are the features to set up a CRI-O based Minikube, and why you need them: | what | why | | ---- | --- | -| `--bootstrapper=kubeadm` | As recommended for [minikube CRI-o](https://kubernetes.io/docs/setup/minikube/#cri-o) | +| `--bootstrapper=kubeadm` | As recommended for [minikube CRI-O](https://minikube.sigs.k8s.io/docs/handbook/config/#runtime-configuration) | | `--container-runtime=cri-o` | Using CRI-O for Kata | -| `--enable-default-cni` | As recommended for [minikube CRI-o](https://kubernetes.io/docs/setup/minikube/#cri-o) | +| `--enable-default-cni` | As recommended for [minikube CRI-O](https://minikube.sigs.k8s.io/docs/handbook/config/#runtime-configuration) | | `--memory 6144` | Allocate sufficient memory, as Kata Containers default to 1 or 2Gb | -| `--network-plugin=cni` | As recommended for [minikube CRI-o](https://kubernetes.io/docs/setup/minikube/#cri-o) | +| `--network-plugin=cni` | As recommended for [minikube CRI-O](https://minikube.sigs.k8s.io/docs/handbook/config/#runtime-configuration) | | `--vm-driver kvm2` | The host VM driver | To use containerd, modify the `--container-runtime` argument: diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index b46275508..b6ac1338d 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -206,7 +206,7 @@ parts: # Install raw kernel vmlinux_path="vmlinux" - [ "${arch}" = "s390x" ] && vmlinux_path="arch/s390/boot/compressed/vmlinux" + [ "${arch}" = "s390x" ] && vmlinux_path="arch/s390/boot/vmlinux" vmlinux_name="vmlinux-${kernel_suffix}" cp "${vmlinux_path}" "${kata_kernel_dir}/${vmlinux_name}" ln -sf "${vmlinux_name}" "${kata_kernel_dir}/vmlinux.container" diff --git a/src/agent/Cargo.lock b/src/agent/Cargo.lock index 984e2f9a5..891e5df2d 100644 --- a/src/agent/Cargo.lock +++ b/src/agent/Cargo.lock 
@@ -1836,21 +1836,20 @@ checksum = "292a948cd991e376cf75541fe5b97a1081d713c618b4f1b9500f8844e49eb565" [[package]] name = "libseccomp" -version = "0.1.3" +version = "0.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "36ad71a5b66ceef3acfe6a3178b29b4da063f8bcb2c36dab666d52a7a9cfdb86" +checksum = "49bda1fbf25c42ac8942ff7df1eb6172a3bc36299e84be0dba8c888a7db68c80" dependencies = [ "libc", "libseccomp-sys", - "nix 0.17.0", "pkg-config", ] [[package]] name = "libseccomp-sys" -version = "0.1.1" +version = "0.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "539912de229a4fc16e507e8df12a394038a524a5b5b6c92045ad344472aac475" +checksum = "9a7cbbd4ad467251987c6e5b47d53b11a5a05add08f2447a9e2d70aef1e0d138" [[package]] name = "libz-sys" @@ -2100,19 +2099,6 @@ version = "1.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e4a24736216ec316047a1fc4252e27dabb04218aa4a3f37c6e7ddbf1f9782b54" -[[package]] -name = "nix" -version = "0.17.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "50e4785f2c3b7589a0d0c1dd60285e1188adac4006e8abd6dd578e1567027363" -dependencies = [ - "bitflags", - "cc", - "cfg-if 0.1.10", - "libc", - "void", -] - [[package]] name = "nix" version = "0.23.1" @@ -3119,6 +3105,7 @@ dependencies = [ "slog", "slog-scope", "tempfile", + "test-utils", "tokio", ] @@ -4304,12 +4291,6 @@ version = "0.9.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" -[[package]] -name = "void" -version = "1.0.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6a02e4885ed3bc0f2de90ea6dd45ebcbb66dacffe03547fadbb0eeae2770887d" - [[package]] name = "vsock" version = "0.2.6" @@ -4328,7 +4309,7 @@ dependencies = [ "bincode", "byteorder", "libc", - "nix 0.23.1", + "nix 0.24.2", "opentelemetry", "serde", "slog", 
diff --git a/src/agent/Cargo.toml b/src/agent/Cargo.toml index 3c99cb933..b55dda8a7 100644 --- a/src/agent/Cargo.toml +++ b/src/agent/Cargo.toml @@ -12,7 +12,7 @@ lazy_static = "1.3.0" ttrpc = { version = "0.6.0", features = ["async"], default-features = false } protobuf = "2.27.0" libc = "0.2.58" -nix = "0.24.1" +nix = "0.24.2" capctl = "0.2.0" serde_json = "1.0.39" scan_fmt = "0.2.3" @@ -51,7 +51,7 @@ log = "0.4.11" prometheus = { version = "0.13.0", features = ["process"] } procfs = "0.12.0" anyhow = "1.0.32" -cgroups = { package = "cgroups-rs", version = "0.2.8" } +cgroups = { package = "cgroups-rs", version = "0.2.10" } # Tracing tracing = "0.1.26" diff --git a/src/agent/rustjail/Cargo.toml b/src/agent/rustjail/Cargo.toml index 375591c9f..34f91421a 100644 --- a/src/agent/rustjail/Cargo.toml +++ b/src/agent/rustjail/Cargo.toml @@ -23,7 +23,7 @@ scan_fmt = "0.2.6" regex = "1.5.5" path-absolutize = "1.2.0" anyhow = "1.0.32" -cgroups = { package = "cgroups-rs", version = "0.2.8" } +cgroups = { package = "cgroups-rs", version = "0.2.10" } rlimit = "0.5.3" cfg-if = "0.1.0" @@ -31,11 +31,12 @@ tokio = { version = "1.2.0", features = ["sync", "io-util", "process", "time", " futures = "0.3.17" async-trait = "0.1.31" inotify = "0.9.2" -libseccomp = { version = "0.1.3", optional = true } +libseccomp = { version = "0.2.3", optional = true } [dev-dependencies] serial_test = "0.5.0" tempfile = "3.1.0" +test-utils = { path = "../../libs/test-utils" } [features] seccomp = ["libseccomp"] diff --git a/src/agent/rustjail/src/container.rs b/src/agent/rustjail/src/container.rs index 2c360cf16..5a6a456ac 100644 --- a/src/agent/rustjail/src/container.rs +++ b/src/agent/rustjail/src/container.rs 
@@ -1457,7 +1457,12 @@ impl LinuxContainer { linux.cgroups_path.clone() }; - let cgroup_manager = FsManager::new(cpath.as_str())?; + let cgroup_manager = FsManager::new(cpath.as_str()).map_err(|e| { + anyhow!(format!( + "fail to create cgroup manager with path {}: {:}", + cpath, e + )) + })?; info!(logger, "new cgroup_manager {:?}", &cgroup_manager); Ok(LinuxContainer { @@ -1656,12 +1661,12 @@ fn valid_env(e: &str) -> Option<(&str, &str)> { mod tests { use super::*; use crate::process::Process; - use crate::skip_if_not_root; use nix::unistd::Uid; use std::fs; use std::os::unix::fs::MetadataExt; use std::os::unix::io::AsRawFd; use tempfile::tempdir; + use test_utils::skip_if_not_root; use tokio::process::Command; macro_rules! sl { diff --git a/src/agent/rustjail/src/lib.rs b/src/agent/rustjail/src/lib.rs index aa8be08f1..c633cad2b 100644 --- a/src/agent/rustjail/src/lib.rs +++ b/src/agent/rustjail/src/lib.rs @@ -520,15 +520,6 @@ pub fn grpc_to_oci(grpc: &grpc::Spec) -> oci::Spec { #[cfg(test)] mod tests { use super::*; - #[macro_export] - macro_rules! skip_if_not_root { - () => { - if !nix::unistd::Uid::effective().is_root() { - println!("INFO: skipping {} which needs root", module_path!()); - return; - } - }; - } // Parameters: // diff --git a/src/agent/rustjail/src/mount.rs b/src/agent/rustjail/src/mount.rs index dd980530d..4670301b2 100644 --- a/src/agent/rustjail/src/mount.rs +++ b/src/agent/rustjail/src/mount.rs @@ -1072,7 +1072,6 @@ fn readonly_path(path: &str) -> Result<()> { mod tests { use super::*; use crate::assert_result; - use crate::skip_if_not_root; use std::fs::create_dir; use std::fs::create_dir_all; use std::fs::remove_dir_all; @@ -1080,6 +1079,7 @@ mod tests { use std::os::unix::fs; use std::os::unix::io::AsRawFd; use tempfile::tempdir; + use test_utils::skip_if_not_root; #[test] #[serial(chdir)] diff --git a/src/agent/rustjail/src/seccomp.rs b/src/agent/rustjail/src/seccomp.rs index 3496a45d8..d8edbcd00 100644 
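Review bot: The new `map_err` around `FsManager::new` nests `format!` inside `anyhow!` and uses the unusual `{:}` placeholder; `anyhow!` takes format arguments directly, so `anyhow!("fail to create cgroup manager with path {}: {}", cpath, e)` produces the same message with less noise. Rendering `e` into the string also discards any source chain the original error carried. If `anyhow::Context` is in scope in this file (not visible in the hunk), `.with_context(|| format!("fail to create cgroup manager with path {}", cpath))?` keeps the underlying cause available to callers and logs. The enclosing function starts and ends outside the hunk.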
--- a/src/agent/rustjail/src/seccomp.rs +++ b/src/agent/rustjail/src/seccomp.rs @@ -26,12 +26,15 @@ fn get_rule_conditions(args: &[LinuxSeccompArg]) -> Result> return Err(anyhow!("seccomp opreator is required")); } - let cond = ScmpArgCompare::new( - arg.index, - ScmpCompareOp::from_str(&arg.op)?, - arg.value, - Some(arg.value_two), - ); + let mut op = ScmpCompareOp::from_str(&arg.op)?; + let mut value = arg.value; + // For SCMP_CMP_MASKED_EQ, arg.value is the mask and arg.value_two is the value + if op == ScmpCompareOp::MaskedEqual(u64::default()) { + op = ScmpCompareOp::MaskedEqual(arg.value); + value = arg.value_two; + } + + let cond = ScmpArgCompare::new(arg.index, op, value); conditions.push(cond); } @@ -44,7 +47,7 @@ pub fn get_unknown_syscalls(scmp: &LinuxSeccomp) -> Option> { for syscall in &scmp.syscalls { for name in &syscall.names { - if get_syscall_from_name(name, None).is_err() { + if ScmpSyscall::from_name(name).is_err() { unknown_syscalls.push(name.to_string()); } } @@ -60,7 +63,7 @@ pub fn get_unknown_syscalls(scmp: &LinuxSeccomp) -> Option> { // init_seccomp creates a seccomp filter and loads it for the current process // including all the child processes. pub fn init_seccomp(scmp: &LinuxSeccomp) -> Result<()> { - let def_action = ScmpAction::from_str(scmp.default_action.as_str(), Some(libc::EPERM as u32))?; + let def_action = ScmpAction::from_str(scmp.default_action.as_str(), Some(libc::EPERM as i32))?; // Create a new filter context let mut filter = ScmpFilterContext::new_filter(def_action)?; @@ -72,7 +75,7 @@ pub fn init_seccomp(scmp: &LinuxSeccomp) -> Result<()> { } // Unset no new privileges bit - filter.set_no_new_privs_bit(false)?; + filter.set_ctl_nnp(false)?; // Add a rule for each system call for syscall in &scmp.syscalls { 
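Review bot: In the `get_rule_conditions` hunk the masked-equality case is detected with `op == ScmpCompareOp::MaskedEqual(u64::default())`, which is only true while `from_str` happens to return a zero mask as its placeholder. If that placeholder ever changes, the mask/value swap is skipped without any error and the seccomp rule is built with the operands in the wrong positions. Matching on the variant does not depend on the payload: `if matches!(op, ScmpCompareOp::MaskedEqual(_)) {`. The function's signature and loop header are outside the hunk.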
@@ -80,13 +83,13 @@ pub fn init_seccomp(scmp: &LinuxSeccomp) -> Result<()> { return Err(anyhow!("syscall name is required")); } - let action = ScmpAction::from_str(&syscall.action, Some(syscall.errno_ret))?; + let action = ScmpAction::from_str(&syscall.action, Some(syscall.errno_ret as i32))?; if action == def_action { continue; } for name in &syscall.names { - let syscall_num = match get_syscall_from_name(name, None) { + let syscall_num = match ScmpSyscall::from_name(name) { Ok(num) => num, Err(_) => { // If we cannot resolve the given system call, we assume it is not supported @@ -96,10 +99,10 @@ pub fn init_seccomp(scmp: &LinuxSeccomp) -> Result<()> { }; if syscall.args.is_empty() { - filter.add_rule(action, syscall_num, None)?; + filter.add_rule(action, syscall_num)?; } else { let conditions = get_rule_conditions(&syscall.args)?; - filter.add_rule(action, syscall_num, Some(&conditions))?; + filter.add_rule_conditional(action, syscall_num, &conditions)?; } } } @@ -119,10 +122,10 @@ pub fn init_seccomp(scmp: &LinuxSeccomp) -> Result<()> { #[cfg(test)] mod tests { use super::*; - use crate::skip_if_not_root; use libc::{dup3, process_vm_readv, EPERM, O_CLOEXEC}; use std::io::Error; use std::ptr::null; + use test_utils::skip_if_not_root; macro_rules! syscall_assert { ($e1: expr, $e2: expr) => { diff --git a/src/agent/src/mount.rs b/src/agent/src/mount.rs index a94cf9ce9..32eaeb3aa 100644 --- a/src/agent/src/mount.rs +++ b/src/agent/src/mount.rs @@ -840,7 +840,8 @@ pub fn get_mount_fs_type_from_file(mount_file: &str, mount_point: &str) -> Resul return Err(anyhow!("Invalid mount point {}", mount_point)); } - let content = fs::read_to_string(mount_file)?; + let content = fs::read_to_string(mount_file) + .map_err(|e| anyhow!("read mount file {}: {}", mount_file, e))?; let re = Regex::new(format!("device .+ mounted on {} with fstype (.+)", mount_point).as_str())?; diff --git a/src/agent/src/rpc.rs b/src/agent/src/rpc.rs index 57cb7cf8a..17d64c3a9 100644 
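Review bot: `syscall.errno_ret as i32` in the per-syscall action is a wrapping cast. The old call passed the field straight to a `u32` parameter, so it is presumably a `u32` read from the container's seccomp profile, and a value above `i32::MAX` would silently become a negative errno instead of being rejected. A checked conversion makes a malformed profile fail at load time: `let errno = i32::try_from(syscall.errno_ret)?;` then `ScmpAction::from_str(&syscall.action, Some(errno))?` (with `std::convert::TryFrom` imported if the crate is on edition 2018). The `libc::EPERM as i32` cast in the earlier `def_action` hunk looks redundant, since `libc::EPERM` should already be a C int. `init_seccomp` begins outside this hunk.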
--- a/src/agent/src/rpc.rs +++ b/src/agent/src/rpc.rs @@ -298,7 +298,20 @@ impl AgentService { info!(sl!(), "no process configurations!"); return Err(anyhow!(nix::Error::EINVAL)); }; - ctr.start(p).await?; + + // if starting container failed, we will do some rollback work + // to ensure no resources are leaked. + if let Err(err) = ctr.start(p).await { + error!(sl!(), "failed to start container: {:?}", err); + if let Err(e) = ctr.destroy().await { + error!(sl!(), "failed to destroy container: {:?}", e); + } + if let Err(e) = remove_container_resources(&mut s, &cid) { + error!(sl!(), "failed to remove container resources: {:?}", e); + } + return Err(err); + } + s.update_shared_pidns(&ctr)?; s.add_container(ctr); info!(sl!(), "created container!"); @@ -344,27 +357,6 @@ impl AgentService { req: protocols::agent::RemoveContainerRequest, ) -> Result<()> { let cid = req.container_id.clone(); - let mut cmounts: Vec = vec![]; - - let mut remove_container_resources = |sandbox: &mut Sandbox| -> Result<()> { - // Find the sandbox storage used by this container - let mounts = sandbox.container_mounts.get(&cid); - if let Some(mounts) = mounts { - for m in mounts.iter() { - if sandbox.storages.get(m).is_some() { - cmounts.push(m.to_string()); - } - } - } - - for m in cmounts.iter() { - sandbox.unset_and_remove_sandbox_storage(m)?; - } - - sandbox.container_mounts.remove(cid.as_str()); - sandbox.containers.remove(cid.as_str()); - Ok(()) - }; if req.timeout == 0 { let s = Arc::clone(&self.sandbox); @@ -378,7 +370,7 @@ impl AgentService { .destroy() .await?; - remove_container_resources(&mut sandbox)?; + remove_container_resources(&mut sandbox, &cid)?; return Ok(()); } @@ -410,8 +402,7 @@ impl AgentService { let s = self.sandbox.clone(); let mut sandbox = s.lock().await; - - remove_container_resources(&mut sandbox)?; + remove_container_resources(&mut sandbox, &cid)?; Ok(()) } 
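Review bot: The rollback added after `ctr.start(p)` leaves the very next statement uncovered: `s.update_shared_pidns(&ctr)?` still returns early, and at that point the container has been started but not yet handed to `s.add_container(ctr)`, so neither `destroy()` nor `remove_container_resources` runs for it. Whether `update_shared_pidns` can fail in practice is not visible here, but it returns a `Result`, so the same cleanup should apply. The three new `error!` lines also omit `cid`, which makes a failed create hard to attribute when several containers are being set up. The enclosing method starts and ends outside the hunk.

```rust
// … unchanged: rollback after ctr.start(p) fails …

if let Err(err) = s.update_shared_pidns(&ctr) {
    error!(sl!(), "failed to update shared pidns for container {}: {:?}", cid, err);
    if let Err(e) = ctr.destroy().await {
        error!(sl!(), "failed to destroy container {}: {:?}", cid, e);
    }
    if let Err(e) = remove_container_resources(&mut s, &cid) {
        error!(sl!(), "failed to remove container resources for {}: {:?}", cid, e);
    }
    return Err(err);
}
s.add_container(ctr);
```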
@@ -1853,6 +1844,35 @@ fn update_container_namespaces( Ok(()) } +fn remove_container_resources(sandbox: &mut Sandbox, cid: &str) -> Result<()> { + let mut cmounts: Vec = vec![]; + + // Find the sandbox storage used by this container + let mounts = sandbox.container_mounts.get(cid); + if let Some(mounts) = mounts { + for m in mounts.iter() { + if sandbox.storages.get(m).is_some() { + cmounts.push(m.to_string()); + } + } + } + + for m in cmounts.iter() { + if let Err(err) = sandbox.unset_and_remove_sandbox_storage(m) { + error!( + sl!(), + "failed to unset_and_remove_sandbox_storage for container {}, error: {:?}", + cid, + err + ); + } + } + + sandbox.container_mounts.remove(cid); + sandbox.containers.remove(cid); + Ok(()) +} + fn append_guest_hooks(s: &Sandbox, oci: &mut Spec) -> Result<()> { if let Some(ref guest_hooks) = s.hooks { let mut hooks = oci.hooks.take().unwrap_or_default(); @@ -2191,6 +2211,7 @@ mod tests { let result = load_kernel_module(&m); assert!(result.is_err(), "load module should failed"); + skip_if_not_root!(); // case 3: normal module. // normally this module should eixsts... m.name = "bridge".to_string(); diff --git a/src/agent/vsock-exporter/Cargo.toml b/src/agent/vsock-exporter/Cargo.toml index 87e66ed99..f9f63b5c4 100644 --- a/src/agent/vsock-exporter/Cargo.toml +++ b/src/agent/vsock-exporter/Cargo.toml @@ -7,7 +7,7 @@ edition = "2018" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html [dependencies] -nix = "0.23.0" +nix = "0.24.2" libc = "0.2.94" thiserror = "1.0.26" opentelemetry = { version = "0.14.0", features=["serialize"] } diff --git a/src/dragonball/Cargo.toml b/src/dragonball/Cargo.toml index 0f4aa582f..df8286bfe 100644 --- a/src/dragonball/Cargo.toml +++ b/src/dragonball/Cargo.toml @@ -28,7 +28,7 @@ lazy_static = "1.2" libc = "0.2.39" linux-loader = "0.4.0" log = "0.4.14" -nix = "0.23.1" +nix = "0.24.2" seccompiler = "0.2.0" serde = "1.0.27" serde_derive = "1.0.27" 
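Review bot: `remove_container_resources` is declared as returning `Result<()>` but can no longer return `Err`: a failure of `unset_and_remove_sandbox_storage` is logged and dropped, whereas the closure it replaces propagated it with `?`. The `?` at both call sites in `remove_container` is now dead, and a RemoveContainer request reports success even when a storage could not be released, so the caller cannot tell that a mount was left behind in the guest. Continuing the loop is reasonable for cleanup, but the first error can still be remembered and returned once the maps are updated. If best-effort is the intended contract, a doc comment saying so and a `()` return type would make it explicit.

```rust
fn remove_container_resources(sandbox: &mut Sandbox, cid: &str) -> Result<()> {
    // … unchanged: collect cmounts for this container …

    // Keep releasing the remaining storages after a failure, but remember the
    // first error so the caller learns that cleanup was only partial.
    let mut first_err = None;
    for m in cmounts.iter() {
        if let Err(err) = sandbox.unset_and_remove_sandbox_storage(m) {
            // … unchanged: error! log of the failure …
            first_err.get_or_insert(err);
        }
    }

    sandbox.container_mounts.remove(cid);
    sandbox.containers.remove(cid);
    first_err.map_or(Ok(()), Err)
}
```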
diff --git a/src/libs/Cargo.lock b/src/libs/Cargo.lock index 22109c31c..380f02513 100644 --- a/src/libs/Cargo.lock +++ b/src/libs/Cargo.lock @@ -404,6 +404,7 @@ dependencies = [ "serde_json", "slog", "slog-scope", + "tempfile", "thiserror", "toml", ] diff --git a/src/libs/kata-sys-util/Cargo.toml b/src/libs/kata-sys-util/Cargo.toml index eb8759e6f..fffaa676e 100644 --- a/src/libs/kata-sys-util/Cargo.toml +++ b/src/libs/kata-sys-util/Cargo.toml @@ -18,7 +18,7 @@ common-path = "=1.0.0" fail = "0.5.0" lazy_static = "1.4.0" libc = "0.2.100" -nix = "0.24.1" +nix = "0.24.2" once_cell = "1.9.0" serde_json = "1.0.73" slog = "2.5.2" diff --git a/src/libs/kata-types/Cargo.toml b/src/libs/kata-types/Cargo.toml index ce7dcaf06..24652d3ea 100644 --- a/src/libs/kata-types/Cargo.toml +++ b/src/libs/kata-types/Cargo.toml @@ -26,6 +26,8 @@ toml = "0.5.8" oci = { path = "../oci" } [dev-dependencies] +tempfile = "3" + [features] default = [] enable-vendor = [] diff --git a/src/libs/kata-types/src/config/drop_in.rs b/src/libs/kata-types/src/config/drop_in.rs new file mode 100644 index 000000000..015e284b6 --- /dev/null +++ b/src/libs/kata-types/src/config/drop_in.rs 
@@ -0,0 +1,384 @@ +// Copyright Red Hat +// +// SPDX-License-Identifier: Apache-2.0 +// + +pub use drop_in_directory_handling::load; + +mod toml_tree_ops { + // The following pair of functions implement toml::Value tree merging, with + // the second argument being merged into the first one and consumed in the + // process. The toml parser crate in use here doesn't support parsing into + // a pre-existing (possibly pre-filled) TomlConfig instance but can parse + // into a toml::Value tree so we use that instead. All files (base and + // drop-ins) are initially parsed into toml::Value trees which are + // subsequently merged. Only when the fully merged tree is computed it is + // converted to a TomlConfig instance. + + fn merge_tables(base_table: &mut toml::value::Table, dropin_table: toml::value::Table) { + for (key, val) in dropin_table.into_iter() { + match base_table.get_mut(&key) { + Some(base_val) => merge(base_val, val), + None => { + base_table.insert(key, val); + } + } + } + } + + pub fn merge(base: &mut toml::Value, dropin: toml::Value) { + match dropin { + toml::Value::Table(dropin_table) => { + if let toml::Value::Table(base_table) = base { + merge_tables(base_table, dropin_table); + } else { + *base = toml::Value::Table(dropin_table); + } + } + + _ => *base = dropin, + } + } + + #[cfg(test)] + mod tests { + use super::*; + + // Mock config structure to stand in for TomlConfig for low-level + // toml::Value trees merging. 
+ #[derive(Deserialize, Debug, Default, PartialEq)] + struct SubConfig { + #[serde(default)] + another_string: String, + #[serde(default)] + yet_another_number: i32, + #[serde(default)] + sub_array: Vec, + } + + #[derive(Deserialize, Debug, Default, PartialEq)] + struct Config { + #[serde(default)] + number: i32, + #[serde(default)] + string: String, + #[serde(default)] + another_number: u8, + #[serde(default)] + array: Vec, + + #[serde(default)] + sub: SubConfig, + } + + #[test] + fn dropin_does_not_interfere_with_base() { + let mut base: toml::Value = toml::from_str( + r#" + number = 42 + "#, + ) + .unwrap(); + + let dropin: toml::Value = toml::from_str( + r#" + string = "foo" + "#, + ) + .unwrap(); + + merge(&mut base, dropin); + + assert_eq!( + base.try_into(), + Ok(Config { + number: 42, + string: "foo".into(), + sub: Default::default(), + ..Default::default() + }) + ); + } + + #[test] + fn dropin_overrides_base() { + let mut base: toml::Value = toml::from_str( + r#" + number = 42 + [sub] + another_string = "foo" + "#, + ) + .unwrap(); + + let dropin: toml::Value = toml::from_str( + r#" + number = 43 + [sub] + another_string = "bar" + "#, + ) + .unwrap(); + + merge(&mut base, dropin); + + assert_eq!( + base.try_into(), + Ok(Config { + number: 43, + sub: SubConfig { + another_string: "bar".into(), + ..Default::default() + }, + ..Default::default() + }) + ); + } + + #[test] + fn dropin_extends_base() { + let mut base: toml::Value = toml::from_str( + r#" + number = 42 + [sub] + another_string = "foo" + "#, + ) + .unwrap(); + + let dropin: toml::Value = toml::from_str( + r#" + string = "hello" + [sub] + yet_another_number = 13 + "#, + ) + .unwrap(); + + merge(&mut base, dropin); + + assert_eq!( + base.try_into(), + Ok(Config { + number: 42, + string: "hello".into(), + sub: SubConfig { + another_string: "foo".into(), + yet_another_number: 13, + ..Default::default() + }, + ..Default::default() + }) + ); + } + + // Drop-ins can change the type of a value. 
This might look weird but at + // this level we have no idea about semantics so we just do what the + // .toml's tell us. The final type check is only performed by try_into(). + // Also, we don't necessarily test this because it's a desired feature. + // It's just something that seems to follow from the way Value tree + // merging is implemented so why not acknowledge and verify it. + #[test] + fn dropin_overrides_base_type() { + let mut base: toml::Value = toml::from_str( + r#" + number = "foo" + [sub] + another_string = 42 + "#, + ) + .unwrap(); + + let dropin: toml::Value = toml::from_str( + r#" + number = 42 + [sub] + another_string = "foo" + "#, + ) + .unwrap(); + + merge(&mut base, dropin); + + assert_eq!( + base.try_into(), + Ok(Config { + number: 42, + sub: SubConfig { + another_string: "foo".into(), + ..Default::default() + }, + ..Default::default() + }) + ); + } + } +} + +mod drop_in_directory_handling { + use crate::config::TomlConfig; + use std::fs; + use std::io::{self, Result}; + use std::path::{Path, PathBuf}; + + fn get_dropin_dir_path(base_cfg_file_path: &Path) -> Result { + let mut dropin_dir = base_cfg_file_path.to_path_buf(); + if !dropin_dir.pop() { + return Err(io::Error::new( + io::ErrorKind::InvalidInput, + "base cfg file path too short", + )); + } + dropin_dir.push("config.d"); + Ok(dropin_dir) + } + + fn update_from_dropin(base_config: &mut toml::Value, dropin_file: &fs::DirEntry) -> Result<()> { + if !dropin_file.file_type()?.is_file() { + return Err(io::Error::new( + io::ErrorKind::Other, + "drop-in cfg file can only be a regular file or a symlink", + )); + } + let dropin_contents = fs::read_to_string(&dropin_file.path())?; + let dropin_config: toml::Value = toml::from_str(&dropin_contents)?; + super::toml_tree_ops::merge(base_config, dropin_config); + Ok(()) + } + + fn update_from_dropins(base_config: &mut toml::Value, dropin_dir: &Path) -> Result<()> { + let dropin_files_iter = match fs::read_dir(dropin_dir) { + Ok(iter) => iter, + 
Err(err) => { + if err.kind() == io::ErrorKind::NotFound { + return Ok(()); + } else { + return Err(err); + } + } + }; + + let mut dropin_files = dropin_files_iter.collect::>>()?; + dropin_files.sort_by_key(|direntry| direntry.file_name()); + for dropin_file in &dropin_files { + update_from_dropin(base_config, dropin_file)?; + } + Ok(()) + } + + pub fn load(base_cfg_file_path: &Path) -> Result { + let base_toml_str = fs::read_to_string(&base_cfg_file_path)?; + let mut base_config: toml::Value = toml::from_str(&base_toml_str)?; + let dropin_dir = get_dropin_dir_path(base_cfg_file_path)?; + + update_from_dropins(&mut base_config, &dropin_dir)?; + + let config: TomlConfig = base_config.try_into()?; + Ok(config) + } + + #[cfg(test)] + mod tests { + use super::*; + use std::io::Write; + + const BASE_CONFIG_DATA: &str = r#" + [hypervisor.qemu] + path = "/usr/bin/qemu-kvm" + default_bridges = 3 + [runtime] + enable_debug = true + internetworking_model="tcfilter" + "#; + + fn check_base_config(config: &TomlConfig) { + assert_eq!( + config.hypervisor["qemu"].path, + "/usr/bin/qemu-kvm".to_string() + ); + assert_eq!(config.hypervisor["qemu"].device_info.default_bridges, 3); + assert!(config.runtime.debug); + assert_eq!(config.runtime.internetworking_model, "tcfilter".to_string()); + } + + fn create_file(path: &Path, contents: &[u8]) -> Result<()> { + fs::File::create(path)?.write_all(contents) + } + + #[test] + fn test_no_dropins_dir() { + let tmpdir = tempfile::tempdir().unwrap(); + + let config_path = tmpdir.path().join("runtime.toml"); + create_file(&config_path, BASE_CONFIG_DATA.as_bytes()).unwrap(); + + let config = load(&config_path).unwrap(); + check_base_config(&config); + } + + #[test] + fn test_no_dropins() { + let tmpdir = tempfile::tempdir().unwrap(); + + let config_path = tmpdir.path().join("runtime.toml"); + create_file(&config_path, BASE_CONFIG_DATA.as_bytes()).unwrap(); + + let dropin_dir = tmpdir.path().join("config.d"); + 
fs::create_dir(&dropin_dir).unwrap(); + + let config = load(&config_path).unwrap(); + check_base_config(&config); + } + + #[test] + fn test_dropins() { + let tmpdir = tempfile::tempdir().unwrap(); + + let dropin_data = r#" + [hypervisor.qemu] + default_vcpus = 2 + default_bridges = 4 + shared_fs = "virtio-fs" + [runtime] + sandbox_cgroup_only=true + internetworking_model="macvtap" + vfio_mode="guest-kernel" + "#; + + let dropin_override_data = r#" + [hypervisor.qemu] + shared_fs = "virtio-9p" + [runtime] + vfio_mode="vfio" + "#; + + let config_path = tmpdir.path().join("runtime.toml"); + create_file(&config_path, BASE_CONFIG_DATA.as_bytes()).unwrap(); + + let dropin_dir = tmpdir.path().join("config.d"); + fs::create_dir(&dropin_dir).unwrap(); + + let dropin_path = dropin_dir.join("10-base"); + create_file(&dropin_path, dropin_data.as_bytes()).unwrap(); + + let dropin_override_path = dropin_dir.join("20-override"); + create_file(&dropin_override_path, dropin_override_data.as_bytes()).unwrap(); + + let config = load(&config_path).unwrap(); + assert_eq!( + config.hypervisor["qemu"].path, + "/usr/bin/qemu-kvm".to_string() + ); + assert_eq!(config.hypervisor["qemu"].cpu_info.default_vcpus, 2); + assert_eq!(config.hypervisor["qemu"].device_info.default_bridges, 4); + assert_eq!( + config.hypervisor["qemu"].shared_fs.shared_fs.as_deref(), + Some("virtio-9p") + ); + assert!(config.runtime.debug); + assert!(config.runtime.sandbox_cgroup_only); + assert_eq!(config.runtime.internetworking_model, "macvtap".to_string()); + assert_eq!(config.runtime.vfio_mode, "vfio".to_string()); + } + } +} diff --git a/src/libs/kata-types/src/config/mod.rs b/src/libs/kata-types/src/config/mod.rs index 52c9a0e3c..204adf034 100644 --- a/src/libs/kata-types/src/config/mod.rs +++ b/src/libs/kata-types/src/config/mod.rs @@ -19,6 +19,7 @@ use crate::{eother, sl}; pub mod default; mod agent; +mod drop_in; pub mod hypervisor; pub use self::agent::Agent; 
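Review bot: In `update_from_dropin` the check `dropin_file.file_type()?.is_file()` contradicts its own error message: `DirEntry::file_type` does not follow symlinks, so a symlinked drop-in is rejected even though the message says a symlink is acceptable. If symlinks are meant to work, test the resolved target with `if !fs::metadata(dropin_file.path())?.is_file() {`; otherwise reword the message. Separately, `update_from_dropins` merges every entry of `config.d` whatever its name, so an editor backup or stray file is parsed as configuration and a subdirectory aborts the whole load. Because `merge` lets a drop-in replace any key of the base file, a file-name suffix filter and a doc comment on `load` stating that the directory must be writable only by the administrator would be worth adding.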
@@ -94,21 +95,15 @@ impl TomlConfig { /// If `config_file` is valid, it will used, otherwise a built-in default path list will be /// scanned. pub fn load_from_file>(config_file: P) -> Result<(TomlConfig, PathBuf)> { - let file_path = if !config_file.as_ref().as_os_str().is_empty() { - fs::canonicalize(config_file)? - } else { - Self::get_default_config_file()? - }; + let mut result = Self::load_raw_from_file(config_file); + if let Ok((ref mut config, _)) = result { + Hypervisor::adjust_config(config)?; + Runtime::adjust_config(config)?; + Agent::adjust_config(config)?; + info!(sl!(), "get kata config: {:?}", config); + } - info!( - sl!(), - "load configuration from: {}", - file_path.to_string_lossy() - ); - let content = fs::read_to_string(&file_path)?; - let config = Self::load(&content)?; - - Ok((config, file_path)) + result } /// Load raw Kata configuration information from configuration files. @@ -127,13 +122,15 @@ impl TomlConfig { "load configuration from: {}", file_path.to_string_lossy() ); - let content = fs::read_to_string(&file_path)?; - let config: TomlConfig = toml::from_str(&content)?; + let config = drop_in::load(&file_path)?; Ok((config, file_path)) } /// Load Kata configuration information from string. + /// + /// This function only works with `configuration.toml` and does not handle + /// drop-in config file fragments in config.d/. pub fn load(content: &str) -> Result { let mut config: TomlConfig = toml::from_str(content)?; Hypervisor::adjust_config(&mut config)?; diff --git a/src/runtime-rs/Cargo.lock b/src/runtime-rs/Cargo.lock index e0ba83826..cff1dd223 100644 --- a/src/runtime-rs/Cargo.lock +++ b/src/runtime-rs/Cargo.lock 
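Review bot: `load_from_file` now holds the whole `Result` in `result` and reaches into it with `if let Ok((ref mut config, _)) = result`, which obscures that an error from `load_raw_from_file` just falls through to the final `result`. Destructuring with `?` reads more directly: `let (mut config, file_path) = Self::load_raw_from_file(config_file)?;` and `Ok((config, file_path))` at the end, with the three `adjust_config` calls taking `&mut config`. The added `info!(sl!(), "get kata config: {:?}", config)` writes the entire merged configuration to the log on every load; a lower level such as `debug!` (if that macro is in scope here) would keep site-specific settings out of routine logs.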
@@ -99,6 +99,52 @@ version = "0.7.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8da52d66c7071e2e3fa2a1e5c6d088fec47b593032b254f5e980de8ea54454d6" +[[package]] +name = "async-macros" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e421d59b24c1feea2496e409b3e0a8de23e5fc130a2ddc0b012e551f3b272bba" +dependencies = [ + "futures-core-preview", + "pin-utils", +] + +[[package]] +name = "async-std" +version = "0.99.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "44501a9f7961bb539b67be0c428b3694e26557046a52759ca7eaf790030a64cc" +dependencies = [ + "async-macros", + "async-task", + "crossbeam-channel 0.3.9", + "crossbeam-deque", + "crossbeam-utils 0.6.6", + "futures-core", + "futures-io", + "futures-timer 1.0.3", + "kv-log-macro", + "log", + "memchr", + "mio 0.6.23", + "mio-uds", + "num_cpus", + "once_cell", + "pin-project-lite 0.1.12", + "pin-utils", + "slab", +] + +[[package]] +name = "async-task" +version = "1.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0ac2c016b079e771204030951c366db398864f5026f84a44dafb0ff20f02085d" +dependencies = [ + "libc", + "winapi 0.3.9", +] + [[package]] name = "async-trait" version = "0.1.56" @@ -280,7 +326,7 @@ dependencies = [ "num-integer", "num-traits", "time 0.1.43", - "winapi", + "winapi 0.3.9", ] [[package]] @@ -294,8 +340,9 @@ dependencies = [ "kata-sys-util", "kata-types", "lazy_static", - "nix 0.24.1", + "nix 0.24.2", "oci", + "persist", "protobuf", "serde_json", "slog", @@ -353,6 +400,15 @@ dependencies = [ "cfg-if 1.0.0", ] +[[package]] +name = "crossbeam-channel" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c8ec7fcd21571dc78f96cc96243cab8d8f035247c3efd16c687be154c3fa9efa" +dependencies = [ + "crossbeam-utils 0.6.6", +] + [[package]] name = "crossbeam-channel" version = "0.5.4" 
@@ -360,7 +416,54 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5aaa7bd5fb665c6864b5f963dd9097905c54125909c7aa94c9e18507cdbe6c53" dependencies = [ "cfg-if 1.0.0", - "crossbeam-utils", + "crossbeam-utils 0.8.8", +] + +[[package]] +name = "crossbeam-deque" +version = "0.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c20ff29ded3204c5106278a81a38f4b482636ed4fa1e6cfbeef193291beb29ed" +dependencies = [ + "crossbeam-epoch", + "crossbeam-utils 0.7.2", + "maybe-uninit", +] + +[[package]] +name = "crossbeam-epoch" +version = "0.8.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "058ed274caafc1f60c4997b5fc07bf7dc7cca454af7c6e81edffe5f33f70dace" +dependencies = [ + "autocfg", + "cfg-if 0.1.10", + "crossbeam-utils 0.7.2", + "lazy_static", + "maybe-uninit", + "memoffset 0.5.6", + "scopeguard", +] + +[[package]] +name = "crossbeam-utils" +version = "0.6.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "04973fa96e96579258a5091af6003abde64af786b860f18622b82e026cca60e6" +dependencies = [ + "cfg-if 0.1.10", + "lazy_static", +] + +[[package]] +name = "crossbeam-utils" +version = "0.7.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c3c7c73a2d1e9fc0886a08b93e98eb643461230d5f1925e4036204d5f2e261a8" +dependencies = [ + "autocfg", + "cfg-if 0.1.10", + "lazy_static", ] [[package]] @@ -383,6 +486,16 @@ dependencies = [ "typenum", ] +[[package]] +name = "ctor" +version = "0.1.22" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f877be4f7c9f246b183111634f75baa039715e3f46ce860677d3b19a69fb229c" +dependencies = [ + "quote", + "syn", +] + [[package]] name = "darling" version = "0.13.4" @@ -460,7 +573,7 @@ dependencies = [ "kvm-bindings", "kvm-ioctls", "libc", - "memoffset", + "memoffset 0.6.5", "vm-memory", "vmm-sys-util", ] 
@@ -520,7 +633,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b773f7f1b9088438e9746890c7c0836b133b07935812867a33e06e81c92c0cdc" dependencies = [ "libc", - "mio", + "mio 0.8.3", ] [[package]] @@ -631,7 +744,7 @@ dependencies = [ "libc", "linux-loader", "log", - "nix 0.23.1", + "nix 0.24.2", "seccompiler", "serde", "serde_derive", @@ -668,7 +781,7 @@ checksum = "f639046355ee4f37944e44f60642c6f3a7efa3cf6b78c78a0d989a8ce6c396a1" dependencies = [ "errno-dragonfly", "libc", - "winapi", + "winapi 0.3.9", ] [[package]] @@ -749,6 +862,22 @@ version = "0.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a06f77d526c1a601b7c4cdd98f54b5eaabffc14d5f2f0296febdc7f357c6d3ba" +[[package]] +name = "fuchsia-zircon" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2e9763c69ebaae630ba35f74888db465e49e259ba1bc0eda7d06f4a067615d82" +dependencies = [ + "bitflags", + "fuchsia-zircon-sys", +] + +[[package]] +name = "fuchsia-zircon-sys" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3dcaa9ae7725d12cdb85b3ad99a434db70b468c09ded17e012d86b5c1010f7a7" + [[package]] name = "fuse-backend-rs" version = "0.9.0" @@ -763,7 +892,7 @@ dependencies = [ "lazy_static", "libc", "log", - "mio", + "mio 0.8.3", "nix 0.23.1", "virtio-queue", "vm-memory", @@ -807,6 +936,12 @@ version = "0.3.21" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0c09fd04b7e4073ac7156a9539b57a484a8ea920f79c7c675d05d289ab6110d3" +[[package]] +name = "futures-core-preview" +version = "0.3.0-alpha.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b35b6263fb1ef523c3056565fa67b1d16f0a8604ff12b11b08c25f28a734c60a" + [[package]] name = "futures-executor" version = "0.3.21" 
@@ -847,6 +982,16 @@ version = "0.3.21" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "57c66a976bf5909d801bbef33416c41372779507e7a6b3a5e25e4749c58f776a" +[[package]] +name = "futures-timer" +version = "1.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7946248e9429ff093345d3e8fdf4eb0f9b2d79091611c9c14f744971a6f8be45" +dependencies = [ + "futures-core-preview", + "pin-utils", +] + [[package]] name = "futures-timer" version = "3.0.2" @@ -866,7 +1011,7 @@ dependencies = [ "futures-sink", "futures-task", "memchr", - "pin-project-lite", + "pin-project-lite 0.2.9", "pin-utils", "slab", ] @@ -932,7 +1077,7 @@ checksum = "19775995ee20209163239355bc3ad2f33f83da35d9ef72dea26e5af753552c87" dependencies = [ "dashmap", "futures 0.3.21", - "futures-timer", + "futures-timer 3.0.2", "no-std-compat", "nonzero_ext", "parking_lot 0.12.1", @@ -990,8 +1135,10 @@ dependencies = [ "kata-types", "libc", "logging", - "nix 0.24.1", + "nix 0.24.2", + "persist", "seccompiler", + "serde", "serde_json", "slog", "slog-scope", @@ -1106,7 +1253,7 @@ dependencies = [ "kata-types", "lazy_static", "libc", - "nix 0.24.1", + "nix 0.24.2", "oci", "once_cell", "rand 0.7.3", @@ -1135,6 +1282,25 @@ dependencies = [ "toml 0.5.9", ] +[[package]] +name = "kernel32-sys" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7507624b29483431c0ba2d82aece8ca6cdba9382bff4ddd0f7490560c056098d" +dependencies = [ + "winapi 0.2.8", + "winapi-build", +] + +[[package]] +name = "kv-log-macro" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0de8b303297635ad57c9f5059fd9cee7a47f8e8daa09df0fcd07dd39fb22977f" +dependencies = [ + "log", +] + [[package]] name = "kvm-bindings" version = "0.5.0" 
@@ -1210,6 +1376,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "abb12e687cfb44aa40f41fc3978ef76448f9b6038cad6aef4259d3c095a2382e" dependencies = [ "cfg-if 1.0.0", + "value-bag", ] [[package]] @@ -1248,12 +1415,27 @@ version = "0.1.9" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a3e378b66a060d48947b590737b30a1be76706c8dd7b8ba0f2fe3989c68a853f" +[[package]] +name = "maybe-uninit" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "60302e4db3a61da70c0cb7991976248362f30319e88850c487b9b95bbf059e00" + [[package]] name = "memchr" version = "2.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2dffe52ecf27772e601905b7522cb4ef790d2cc203488bbd0e2fe85fcb74566d" +[[package]] +name = "memoffset" +version = "0.5.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "043175f069eda7b85febe4a74abbaeff828d9f8b448515d3151a14a3542811aa" +dependencies = [ + "autocfg", +] + [[package]] name = "memoffset" version = "0.6.5" @@ -1272,6 +1454,25 @@ dependencies = [ "adler", ] +[[package]] +name = "mio" +version = "0.6.23" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4afd66f5b91bf2a3bc13fad0e21caedac168ca4c707504e75585648ae80e4cc4" +dependencies = [ + "cfg-if 0.1.10", + "fuchsia-zircon", + "fuchsia-zircon-sys", + "iovec", + "kernel32-sys", + "libc", + "log", + "miow", + "net2", + "slab", + "winapi 0.2.8", +] + [[package]] name = "mio" version = "0.8.3" 
@@ -1284,12 +1485,46 @@ dependencies = [ "windows-sys", ] +[[package]] +name = "mio-uds" +version = "0.6.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "afcb699eb26d4332647cc848492bbc15eafb26f08d0304550d5aa1f612e066f0" +dependencies = [ + "iovec", + "libc", + "mio 0.6.23", +] + +[[package]] +name = "miow" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ebd808424166322d4a38da87083bfddd3ac4c131334ed55856112eb06d46944d" +dependencies = [ + "kernel32-sys", + "net2", + "winapi 0.2.8", + "ws2_32-sys", +] + [[package]] name = "multimap" version = "0.8.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e5ce46fe64a9d73be07dcbe690a38ce1b293be448fd8ce1e6c1b8062c9f72c6a" +[[package]] +name = "net2" +version = "0.2.37" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "391630d12b68002ae1e25e8f974306474966550ad82dac6886fb8910c19568ae" +dependencies = [ + "cfg-if 0.1.10", + "libc", + "winapi 0.3.9", +] + [[package]] name = "netlink-packet-core" version = "0.4.2" @@ -1356,19 +1591,6 @@ dependencies = [ "tokio", ] -[[package]] -name = "nix" -version = "0.16.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dd0eaf8df8bab402257e0a5c17a254e4cc1f72a93588a1ddfb5d356c801aa7cb" -dependencies = [ - "bitflags", - "cc", - "cfg-if 0.1.10", - "libc", - "void", -] - [[package]] name = "nix" version = "0.23.1" @@ -1379,19 +1601,19 @@ dependencies = [ "cc", "cfg-if 1.0.0", "libc", - "memoffset", + "memoffset 0.6.5", ] [[package]] name = "nix" -version = "0.24.1" +version = "0.24.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8f17df307904acd05aa8e32e97bb20f2a0df1728bbc2d771ae8f9a90463441e9" +checksum = "195cdbc1741b8134346d515b3a56a1c94b0912758009cfd53f99ea0f57b065fc" dependencies = [ "bitflags", "cfg-if 1.0.0", "libc", - "memoffset", + "memoffset 0.6.5", ] [[package]] 
@@ -1539,7 +1761,7 @@ dependencies = [ "libc", "redox_syscall", "smallvec", - "winapi", + "winapi 0.3.9", ] [[package]] @@ -1567,6 +1789,21 @@ version = "2.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d4fd5641d01c8f18a23da7b6fe29298ff4b55afcccdf78973b24cf3175fee32e" +[[package]] +name = "persist" +version = "0.1.0" +dependencies = [ + "anyhow", + "async-trait", + "kata-sys-util", + "kata-types", + "libc", + "rustc-serialize", + "safe-path", + "serde", + "serde_json", +] + [[package]] name = "petgraph" version = "0.5.1" @@ -1577,6 +1814,12 @@ dependencies = [ "indexmap", ] +[[package]] +name = "pin-project-lite" +version = "0.1.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "257b64915a082f7811703966789728173279bdebb956b143dbcd23f6f970a777" + [[package]] name = "pin-project-lite" version = "0.2.9" @@ -1701,14 +1944,14 @@ version = "0.9.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "20afe714292d5e879d8b12740aa223c6a88f118af41870e8b6196e39a02238a8" dependencies = [ - "crossbeam-utils", + "crossbeam-utils 0.8.8", "libc", "mach", "once_cell", "raw-cpuid", "wasi 0.10.2+wasi-snapshot-preview1", "web-sys", - "winapi", + "winapi 0.3.9", ] [[package]] @@ -1768,7 +2011,7 @@ dependencies = [ "libc", "rand_core 0.3.1", "rdrand", - "winapi", + "winapi 0.3.9", ] [[package]] @@ -1907,7 +2150,7 @@ version = "0.5.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3acd125665422973a33ac9d3dd2df85edad0f4ae9b00dafb1a05e43a9f5ef8e7" dependencies = [ - "winapi", + "winapi 0.3.9", ] [[package]] @@ -1929,11 +2172,13 @@ dependencies = [ "logging", "netlink-packet-route", "netlink-sys", - "nix 0.24.1", + "nix 0.24.2", "oci", + "persist", "rand 0.7.3", "rtnetlink", "scopeguard", + "serde", "slog", "slog-scope", "tokio", @@ -1959,7 +2204,7 @@ dependencies = [ "log", "netlink-packet-route", "netlink-proto", - "nix 0.24.1", + "nix 0.24.2", "thiserror", "tokio", ] 
@@ -1975,6 +2220,7 @@ dependencies = [ "linux_container", "logging", "oci", + "persist", "slog", "slog-scope", "tokio", @@ -1988,6 +2234,12 @@ version = "0.1.21" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7ef03e0a2b150c7a90d01faf6254c9c48a41e95fb2a8c2ac1c6f0d2b9aefc342" +[[package]] +name = "rustc-serialize" +version = "0.3.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dcf128d1287d2ea9d80910b5f1120d0b8eede3fbf1abe91c40d39ea7d51e6fda" + [[package]] name = "rustix" version = "0.34.8" @@ -1999,7 +2251,7 @@ dependencies = [ "io-lifetimes", "libc", "linux-raw-sys", - "winapi", + "winapi 0.3.9", ] [[package]] @@ -2014,6 +2266,13 @@ version = "1.0.10" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f3f6f92acf49d1b98f7a81226834412ada05458b7364277387724a237f062695" +[[package]] +name = "safe-path" +version = "0.1.0" +dependencies = [ + "libc", +] + [[package]] name = "scopeguard" version = "1.1.0" @@ -2031,18 +2290,18 @@ dependencies = [ [[package]] name = "serde" -version = "1.0.137" +version = "1.0.143" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "61ea8d54c77f8315140a05f4c7237403bf38b72704d031543aa1d16abbf517d1" +checksum = "53e8e5d5b70924f74ff5c6d64d9a5acd91422117c60f48c4e07855238a254553" dependencies = [ "serde_derive", ] [[package]] name = "serde_derive" -version = "1.0.137" +version = "1.0.143" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1f26faba0c3959972377d3b2d306ee9f71faee9714294e41bb777f83f88578be" +checksum = "d3d8e8de557aee63c26b85b947f5e59b690d0454c753f3adeb5cd7835ab88391" dependencies = [ "proc-macro2", "quote", 
@@ -2051,9 +2310,9 @@ dependencies = [ [[package]] name = "serde_json" -version = "1.0.81" +version = "1.0.83" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9b7ce2b32a1aed03c558dc61a5cd328f15aff2dbc17daad8fb8af04d2100e15c" +checksum = "38dd04e3c8279e75b31ef29dbdceebfe5ad89f4d0937213c53f7d49d01b3d5a7" dependencies = [ "itoa", "ryu", @@ -2113,6 +2372,7 @@ dependencies = [ "common", "containerd-shim-protos", "logging", + "persist", "runtimes", "slog", "slog-scope", @@ -2146,7 +2406,7 @@ dependencies = [ "libc", "log", "logging", - "nix 0.24.1", + "nix 0.24.2", "oci", "protobuf", "rand 0.8.5", @@ -2191,7 +2451,7 @@ version = "2.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "766c59b252e62a34651412870ff55d8c4e6d04df19b43eecb2703e417b097ffe" dependencies = [ - "crossbeam-channel", + "crossbeam-channel 0.5.4", "slog", "take_mut", "thread_local", @@ -2244,7 +2504,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "66d72b759436ae32898a2af0a14218dbf55efde3feeb170eb623637db85ee1e0" dependencies = [ "libc", - "winapi", + "winapi 0.3.9", ] [[package]] @@ -2316,7 +2576,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0c2e86926081dda636c546d8c5e641661049d7562a68f5488be4a1f7f66f6086" dependencies = [ "libc", - "winapi", + "winapi 0.3.9", ] [[package]] @@ -2353,7 +2613,7 @@ dependencies = [ "libc", "redox_syscall", "remove_dir_all", - "winapi", + "winapi 0.3.9", ] [[package]] @@ -2408,7 +2668,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ca8a50ef2360fbd1eeb0ecd46795a87a19024eb4b53c5dc916ca1fd95fe62438" dependencies = [ "libc", - "winapi", + "winapi 0.3.9", ] [[package]] 
@@ -2455,15 +2715,15 @@ dependencies = [ "bytes 1.1.0", "libc", "memchr", - "mio", + "mio 0.8.3", "num_cpus", "once_cell", "parking_lot 0.12.1", - "pin-project-lite", + "pin-project-lite 0.2.9", "signal-hook-registry", "socket2", "tokio-macros", - "winapi", + "winapi 0.3.9", ] [[package]] @@ -2617,6 +2877,16 @@ dependencies = [ "rand 0.3.23", ] +[[package]] +name = "value-bag" +version = "1.0.0-alpha.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2209b78d1249f7e6f3293657c9779fe31ced465df091bbd433a1cf88e916ec55" +dependencies = [ + "ctor", + "version_check", +] + [[package]] name = "version_check" version = "0.9.4" @@ -2629,6 +2899,7 @@ version = "0.1.0" dependencies = [ "agent", "anyhow", + "async-std", "async-trait", "awaitgroup", "common", @@ -2640,8 +2911,9 @@ dependencies = [ "lazy_static", "libc", "logging", - "nix 0.16.1", + "nix 0.24.2", "oci", + "persist", "protobuf", "resource", "serde", @@ -2685,7 +2957,7 @@ checksum = "339d4349c126fdcd87e034631d7274370cf19eb0e87b33166bcd956589fc72c5" dependencies = [ "arc-swap 1.5.0", "libc", - "winapi", + "winapi 0.3.9", ] [[package]] @@ -2704,12 +2976,6 @@ dependencies = [ "libc", ] -[[package]] -name = "void" -version = "1.0.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6a02e4885ed3bc0f2de90ea6dd45ebcbb66dacffe03547fadbb0eeae2770887d" - [[package]] name = "vsock" version = "0.2.6" @@ -2824,6 +3090,12 @@ dependencies = [ "libc", ] +[[package]] +name = "winapi" +version = "0.2.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "167dc9d6949a9b857f3451275e911c3f44255842c1f7a76f33c55103a909087a" + [[package]] name = "winapi" version = "0.3.9" 
@@ -2834,6 +3106,12 @@ dependencies = [ "winapi-x86_64-pc-windows-gnu", ] +[[package]] +name = "winapi-build" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2d315eee3b34aca4797b2da6b13ed88266e6d612562a0c46390af8299fc699bc" + [[package]] name = "winapi-i686-pc-windows-gnu" version = "0.4.0" @@ -2889,6 +3167,16 @@ version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c811ca4a8c853ef420abd8592ba53ddbbac90410fab6903b3e79972a631f7680" +[[package]] +name = "ws2_32-sys" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d59cefebd0c892fa2dd6de581e937301d8552cb44489cdff035c6187cb63fa5e" +dependencies = [ + "winapi 0.2.8", + "winapi-build", +] + [[package]] name = "zstd" version = "0.11.2+zstd.1.5.2" diff --git a/src/runtime-rs/crates/hypervisor/Cargo.toml b/src/runtime-rs/crates/hypervisor/Cargo.toml index 782f13fb8..4227de663 100644 --- a/src/runtime-rs/crates/hypervisor/Cargo.toml +++ b/src/runtime-rs/crates/hypervisor/Cargo.toml @@ -12,7 +12,7 @@ async-trait = "0.1.48" dbs-utils = "0.1.0" go-flag = "0.1.0" libc = ">=0.2.39" -nix = "0.24.1" +nix = "0.24.2" persist = { path = "../persist" } seccompiler = "0.2.0" serde = { version = "1.0.138", features = ["derive"] } diff --git a/src/runtime-rs/crates/resource/Cargo.toml b/src/runtime-rs/crates/resource/Cargo.toml index 9945873ff..408baf522 100644 --- a/src/runtime-rs/crates/resource/Cargo.toml +++ b/src/runtime-rs/crates/resource/Cargo.toml @@ -14,7 +14,7 @@ lazy_static = "1.4.0" libc = ">=0.2.39" netlink-sys = "0.8.3" netlink-packet-route = "0.13.0" -nix = "0.24.1" +nix = "0.24.2" rand = "^0.7.2" rtnetlink = "0.11.0" scopeguard = "1.0.0" diff --git a/src/runtime-rs/crates/runtimes/common/Cargo.toml b/src/runtime-rs/crates/runtimes/common/Cargo.toml index 9d541b38e..ce52f5b77 100644 --- a/src/runtime-rs/crates/runtimes/common/Cargo.toml 
+++ b/src/runtime-rs/crates/runtimes/common/Cargo.toml @@ -11,7 +11,7 @@ anyhow = "^1.0" async-trait = "0.1.48" containerd-shim-protos = { version = "0.2.0", features = ["async"]} lazy_static = "1.4.0" -nix = "0.24.1" +nix = "0.24.2" protobuf = "2.27.0" serde_json = "1.0.39" slog = "2.5.2" diff --git a/src/runtime-rs/crates/runtimes/virt_container/Cargo.toml b/src/runtime-rs/crates/runtimes/virt_container/Cargo.toml index ba3493279..b116ea333 100644 --- a/src/runtime-rs/crates/runtimes/virt_container/Cargo.toml +++ b/src/runtime-rs/crates/runtimes/virt_container/Cargo.toml @@ -12,7 +12,7 @@ containerd-shim-protos = { version = "0.2.0", features = ["async"]} futures = "0.3.19" lazy_static = "1.4.0" libc = ">=0.2.39" -nix = "0.16.0" +nix = "0.24.2" protobuf = "2.27.0" serde = { version = "1.0.100", features = ["derive"] } serde_derive = "1.0.27" diff --git a/src/runtime-rs/crates/shim/Cargo.toml b/src/runtime-rs/crates/shim/Cargo.toml index 71f56ac71..76abe1e9f 100644 --- a/src/runtime-rs/crates/shim/Cargo.toml +++ b/src/runtime-rs/crates/shim/Cargo.toml @@ -19,7 +19,7 @@ containerd-shim-protos = { version = "0.2.0", features = ["async"]} go-flag = "0.1.0" libc = "0.2.108" log = "0.4.14" -nix = "0.24.1" +nix = "0.24.2" protobuf = "2.27.0" sha2 = "=0.9.3" slog = {version = "2.5.2", features = ["std", "release_max_level_trace", "max_level_trace"]} diff --git a/src/runtime/pkg/containerd-shim-v2/create.go b/src/runtime/pkg/containerd-shim-v2/create.go index f26f2f372..c13f4ab4b 100644 --- a/src/runtime/pkg/containerd-shim-v2/create.go +++ b/src/runtime/pkg/containerd-shim-v2/create.go 
@@ -97,9 +97,10 @@ func create(ctx context.Context, s *service, r *taskAPI.CreateTaskRequest) (*con } // create root span + // rootSpan will be ended when the entire trace is ended rootSpan, newCtx := katatrace.Trace(s.ctx, shimLog, "rootSpan", shimTracingTags) s.rootCtx = newCtx - defer rootSpan.End() + s.rootSpan = rootSpan // create span span, newCtx := katatrace.Trace(s.rootCtx, shimLog, "create", shimTracingTags) diff --git a/src/runtime/pkg/containerd-shim-v2/service.go b/src/runtime/pkg/containerd-shim-v2/service.go index 9e703c9e2..b9e8460fb 100644 --- a/src/runtime/pkg/containerd-shim-v2/service.go +++ b/src/runtime/pkg/containerd-shim-v2/service.go @@ -28,6 +28,7 @@ import ( "github.com/opencontainers/runtime-spec/specs-go" "github.com/pkg/errors" "github.com/sirupsen/logrus" + otelTrace "go.opentelemetry.io/otel/trace" "golang.org/x/sys/unix" "github.com/kata-containers/kata-containers/src/runtime/pkg/katautils" @@ -122,8 +123,9 @@ type exit struct { type service struct { sandbox vc.VCSandbox - ctx context.Context - rootCtx context.Context // root context for tracing + ctx context.Context + rootCtx context.Context // root context for tracing + rootSpan otelTrace.Span containers map[string]*container @@ -946,6 +948,7 @@ func (s *service) Shutdown(ctx context.Context, r *taskAPI.ShutdownRequest) (_ * s.mu.Unlock() span.End() + s.rootSpan.End() katatrace.StopTracing(s.rootCtx) return empty, nil diff --git a/src/runtime/virtcontainers/clh.go b/src/runtime/virtcontainers/clh.go index f3ef290e0..28730b415 100644 --- a/src/runtime/virtcontainers/clh.go +++ b/src/runtime/virtcontainers/clh.go 
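Review bot: With `defer rootSpan.End()` removed from create(), the root span stays open on every return path of this function, error returns included, and is closed only if Shutdown() is reached later. If the shim can exit after a failed create without passing through Shutdown (not visible in this hunk), the span is never ended and its trace may not be exported. The added comment could name the place that ends it, e.g. `// rootSpan is stored on the service and ended in Shutdown(), not here`. create() starts and ends outside this hunk, so the error paths are inferred rather than seen.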
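Review bot: `s.rootSpan.End()` in Shutdown() is called without a nil check, while the field is assigned only in create() (the create.go hunk of this commit). `rootSpan` is an interface-typed field (`otelTrace.Span`), so if Shutdown runs on a service where create() never reached that assignment, the call panics on a nil interface and the shim dies during teardown. Guard it with `if s.rootSpan != nil { s.rootSpan.End() }`. The new struct field would also benefit from a comment such as `// root span for tracing; set in create(), ended in Shutdown()`. Shutdown's body begins outside this hunk, so whether an earlier return already excludes that case cannot be confirmed here.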
@@ -459,13 +459,15 @@ func (clh *cloudHypervisor) CreateVM(ctx context.Context, id string, network Net // to fetch if this is the first time the hypervisor is created. clh.Logger().WithField("function", "CreateVM").Info("Sandbox not found creating") + // Create the VM config via the constructor to ensure default values are properly assigned + clh.vmconfig = *chclient.NewVmConfig(*chclient.NewPayloadConfig()) + // Make sure the kernel path is valid kernelPath, err := clh.config.KernelAssetPath() if err != nil { return err } - // Create the VM config via the constructor to ensure default values are properly assigned - clh.vmconfig = *chclient.NewVmConfig(*chclient.NewKernelConfig(kernelPath)) + clh.vmconfig.Payload.SetKernel(kernelPath) if clh.config.ConfidentialGuest { if err := clh.enableProtection(); err != nil { @@ -505,7 +507,7 @@ func (clh *cloudHypervisor) CreateVM(ctx context.Context, id string, network Net // Followed by extra kernel parameters defined in the configuration file params = append(params, clh.config.KernelParams...) - clh.vmconfig.Cmdline = chclient.NewCmdLineConfig(kernelParamsToString(params)) + clh.vmconfig.Payload.SetCmdline(kernelParamsToString(params)) // set random device generator to hypervisor clh.vmconfig.Rng = chclient.NewRngConfig(clh.config.EntropySource) @@ -547,9 +549,7 @@ func (clh *cloudHypervisor) CreateVM(ctx context.Context, id string, network Net return err } - initrd := chclient.NewInitramfsConfig(initrdPath) - - clh.vmconfig.SetInitramfs(*initrd) + clh.vmconfig.Payload.SetInitramfs(initrdPath) } // Use serial port as the guest console only in debug mode, diff --git a/src/runtime/virtcontainers/clh_test.go b/src/runtime/virtcontainers/clh_test.go index bb4a04925..58b1b7fe9 100644 --- a/src/runtime/virtcontainers/clh_test.go +++ b/src/runtime/virtcontainers/clh_test.go 
@@ -557,7 +557,7 @@ func TestCloudHypervisorResizeMemory(t *testing.T) { clh := cloudHypervisor{} mockClient := &clhClientMock{} - mockClient.vmInfo.Config = *chclient.NewVmConfig(*chclient.NewKernelConfig("")) + mockClient.vmInfo.Config = *chclient.NewVmConfig(*chclient.NewPayloadConfig()) mockClient.vmInfo.Config.Memory = chclient.NewMemoryConfig(int64(utils.MemUnit(clhConfig.MemorySize) * utils.MiB)) mockClient.vmInfo.Config.Memory.HotplugSize = func(i int64) *int64 { return &i }(int64(40 * utils.GiB.ToBytes())) diff --git a/src/runtime/virtcontainers/network_linux.go b/src/runtime/virtcontainers/network_linux.go index f3356bb1c..cd2157ece 100644 --- a/src/runtime/virtcontainers/network_linux.go +++ b/src/runtime/virtcontainers/network_linux.go @@ -708,8 +708,8 @@ func tapNetworkPair(ctx context.Context, endpoint Endpoint, queues int, disableV } if err := netHandle.LinkSetHardwareAddr(tapLink, tapHardAddr); err != nil { - return fmt.Errorf("Could not set MAC address %s for veth interface %s: %s", - netPair.VirtIface.HardAddr, netPair.VirtIface.Name, err) + return fmt.Errorf("Could not set MAC address %s for TAP interface %s: %s", + netPair.TAPIface.HardAddr, netPair.TAPIface.Name, err) } if err := netHandle.LinkSetUp(tapLink); err != nil { diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/.openapi-generator/FILES b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/.openapi-generator/FILES index 0208bab30..7618fe3ab 100644 --- a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/.openapi-generator/FILES +++ b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/.openapi-generator/FILES @@ -7,7 +7,6 @@ api_default.go client.go configuration.go docs/BalloonConfig.md -docs/CmdLineConfig.md docs/ConsoleConfig.md docs/CpuAffinity.md docs/CpuFeatures.md 
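Review bot: The corrected message in tapNetworkPair prints `netPair.TAPIface.HardAddr`, but the failing call was given `tapHardAddr`. Printing the value actually passed keeps the log accurate if the two ever differ; their relationship is established outside this hunk. The error is also flattened with `%s`, which hides the underlying error from `errors.Is`/`errors.As`. A suggested form is `return fmt.Errorf("Could not set MAC address %s for TAP interface %s: %w", tapHardAddr, netPair.TAPIface.Name, err)`. tapNetworkPair starts and ends outside the hunk.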
@@ -18,13 +17,12 @@ docs/DeviceConfig.md docs/DeviceNode.md docs/DiskConfig.md docs/FsConfig.md -docs/InitramfsConfig.md -docs/KernelConfig.md docs/MemoryConfig.md docs/MemoryZoneConfig.md docs/NetConfig.md docs/NumaConfig.md docs/NumaDistance.md +docs/PayloadConfig.md docs/PciDeviceInfo.md docs/PlatformConfig.md docs/PmemConfig.md @@ -51,7 +49,6 @@ git_push.sh go.mod go.sum model_balloon_config.go -model_cmd_line_config.go model_console_config.go model_cpu_affinity.go model_cpu_features.go @@ -61,13 +58,12 @@ model_device_config.go model_device_node.go model_disk_config.go model_fs_config.go -model_initramfs_config.go -model_kernel_config.go model_memory_config.go model_memory_zone_config.go model_net_config.go model_numa_config.go model_numa_distance.go +model_payload_config.go model_pci_device_info.go model_platform_config.go model_pmem_config.go diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/README.md b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/README.md index ad0b5ec5c..5839299b6 100644 --- a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/README.md +++ b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/README.md @@ -110,7 +110,6 @@ Class | Method | HTTP request | Description ## Documentation For Models - [BalloonConfig](docs/BalloonConfig.md) - - [CmdLineConfig](docs/CmdLineConfig.md) - [ConsoleConfig](docs/ConsoleConfig.md) - [CpuAffinity](docs/CpuAffinity.md) - [CpuFeatures](docs/CpuFeatures.md) 
@@ -120,13 +119,12 @@ Class | Method | HTTP request | Description - [DeviceNode](docs/DeviceNode.md) - [DiskConfig](docs/DiskConfig.md) - [FsConfig](docs/FsConfig.md) - - [InitramfsConfig](docs/InitramfsConfig.md) - - [KernelConfig](docs/KernelConfig.md) - [MemoryConfig](docs/MemoryConfig.md) - [MemoryZoneConfig](docs/MemoryZoneConfig.md) - [NetConfig](docs/NetConfig.md) - [NumaConfig](docs/NumaConfig.md) - [NumaDistance](docs/NumaDistance.md) + - [PayloadConfig](docs/PayloadConfig.md) - [PciDeviceInfo](docs/PciDeviceInfo.md) - [PlatformConfig](docs/PlatformConfig.md) - [PmemConfig](docs/PmemConfig.md) diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/api/openapi.yaml b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/api/openapi.yaml index a99e14a74..96a0498a4 100644 --- a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/api/openapi.yaml +++ b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/api/openapi.yaml @@ -479,7 +479,6 @@ components: vhost_socket: vhost_socket vhost_user: false direct: false - poll_queue: true rate_limiter_config: ops: size: 0 @@ -499,7 +498,6 @@ components: vhost_socket: vhost_socket vhost_user: false direct: false - poll_queue: true rate_limiter_config: ops: size: 0 @@ -540,8 +538,6 @@ components: path: path iommu: false id: id - kernel: - path: path vdpa: - pci_segment: 3 path: path @@ -620,7 +616,11 @@ components: - 3 - 3 num_pci_segments: 7 + oem_strings: + - oem_strings + - oem_strings serial_number: serial_number + uuid: uuid pmem: - pci_segment: 5 file: file @@ -634,16 +634,16 @@ components: iommu: false id: id discard_writes: false - cmdline: - args: args watchdog: false iommu: false + payload: + cmdline: cmdline + kernel: kernel + initramfs: initramfs serial: mode: "false" file: file iommu: false - initramfs: - path: path net: - tap: tap num_queues: 9 
@@ -763,6 +763,20 @@ components: - bdf - id type: object + PayloadConfig: + description: Payloads to boot in guest + example: + cmdline: cmdline + kernel: kernel + initramfs: initramfs + properties: + kernel: + type: string + cmdline: + type: string + initramfs: + type: string + type: object VmConfig: description: Virtual machine configuration example: @@ -817,7 +831,6 @@ components: vhost_socket: vhost_socket vhost_user: false direct: false - poll_queue: true rate_limiter_config: ops: size: 0 @@ -837,7 +850,6 @@ components: vhost_socket: vhost_socket vhost_user: false direct: false - poll_queue: true rate_limiter_config: ops: size: 0 @@ -878,8 +890,6 @@ components: path: path iommu: false id: id - kernel: - path: path vdpa: - pci_segment: 3 path: path @@ -958,7 +968,11 @@ components: - 3 - 3 num_pci_segments: 7 + oem_strings: + - oem_strings + - oem_strings serial_number: serial_number + uuid: uuid pmem: - pci_segment: 5 file: file @@ -972,16 +986,16 @@ components: iommu: false id: id discard_writes: false - cmdline: - args: args watchdog: false iommu: false + payload: + cmdline: cmdline + kernel: kernel + initramfs: initramfs serial: mode: "false" file: file iommu: false - initramfs: - path: path net: - tap: tap num_queues: 9 @@ -1030,12 +1044,8 @@ components: $ref: '#/components/schemas/CpusConfig' memory: $ref: '#/components/schemas/MemoryConfig' - kernel: - $ref: '#/components/schemas/KernelConfig' - initramfs: - $ref: '#/components/schemas/InitramfsConfig' - cmdline: - $ref: '#/components/schemas/CmdLineConfig' + payload: + $ref: '#/components/schemas/PayloadConfig' disks: items: $ref: '#/components/schemas/DiskConfig' @@ -1089,7 +1099,7 @@ components: platform: $ref: '#/components/schemas/PlatformConfig' required: - - kernel + - payload type: object CpuAffinity: example: 
@@ -1182,7 +1192,11 @@ components: - 3 - 3 num_pci_segments: 7 + oem_strings: + - oem_strings + - oem_strings serial_number: serial_number + uuid: uuid properties: num_pci_segments: format: int16 @@ -1194,6 +1208,12 @@ components: type: array serial_number: type: string + uuid: + type: string + oem_strings: + items: + type: string + type: array type: object MemoryZoneConfig: example: @@ -1313,34 +1333,6 @@ components: required: - size type: object - KernelConfig: - example: - path: path - properties: - path: - type: string - required: - - path - type: object - InitramfsConfig: - example: - path: path - nullable: true - properties: - path: - type: string - required: - - path - type: object - CmdLineConfig: - example: - args: args - properties: - args: - type: string - required: - - args - type: object TokenBucket: description: Defines a token bucket with a maximum capacity (_size_), an initial burst size (_one_time_burst_) and an interval for refilling purposes (_refill_time_). @@ -1404,7 +1396,6 @@ components: vhost_socket: vhost_socket vhost_user: false direct: false - poll_queue: true rate_limiter_config: ops: size: 0 @@ -1438,9 +1429,6 @@ components: type: boolean vhost_socket: type: string - poll_queue: - default: true - type: boolean rate_limiter_config: $ref: '#/components/schemas/RateLimiterConfig' pci_segment: diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/api_default.go b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/api_default.go index ad96f6b42..cf97c19dd 100644 --- a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/api_default.go +++ b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/api_default.go 
@@ -38,8 +38,8 @@ func (r ApiBootVMRequest) Execute() (*_nethttp.Response, error) { /* BootVM Boot the previously created VM instance. - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiBootVMRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiBootVMRequest */ func (a *DefaultApiService) BootVM(ctx _context.Context) ApiBootVMRequest { return ApiBootVMRequest{ @@ -133,8 +133,8 @@ func (r ApiCreateVMRequest) Execute() (*_nethttp.Response, error) { /* CreateVM Create the cloud-hypervisor Virtual Machine (VM) instance. The instance is not booted, only created. - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiCreateVMRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiCreateVMRequest */ func (a *DefaultApiService) CreateVM(ctx _context.Context) ApiCreateVMRequest { return ApiCreateVMRequest{ @@ -226,8 +226,8 @@ func (r ApiDeleteVMRequest) Execute() (*_nethttp.Response, error) { /* DeleteVM Delete the cloud-hypervisor Virtual Machine (VM) instance. - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiDeleteVMRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiDeleteVMRequest */ func (a *DefaultApiService) DeleteVM(ctx _context.Context) ApiDeleteVMRequest { return ApiDeleteVMRequest{ 
@@ -314,8 +314,8 @@ func (r ApiPauseVMRequest) Execute() (*_nethttp.Response, error) { /* PauseVM Pause a previously booted VM instance. - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiPauseVMRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiPauseVMRequest */ func (a *DefaultApiService) PauseVM(ctx _context.Context) ApiPauseVMRequest { return ApiPauseVMRequest{ @@ -402,8 +402,8 @@ func (r ApiPowerButtonVMRequest) Execute() (*_nethttp.Response, error) { /* PowerButtonVM Trigger a power button in the VM - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiPowerButtonVMRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiPowerButtonVMRequest */ func (a *DefaultApiService) PowerButtonVM(ctx _context.Context) ApiPowerButtonVMRequest { return ApiPowerButtonVMRequest{ @@ -490,8 +490,8 @@ func (r ApiRebootVMRequest) Execute() (*_nethttp.Response, error) { /* RebootVM Reboot the VM instance. - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiRebootVMRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiRebootVMRequest */ func (a *DefaultApiService) RebootVM(ctx _context.Context) ApiRebootVMRequest { return ApiRebootVMRequest{ 
@@ -578,8 +578,8 @@ func (r ApiResumeVMRequest) Execute() (*_nethttp.Response, error) { /* ResumeVM Resume a previously paused VM instance. - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiResumeVMRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiResumeVMRequest */ func (a *DefaultApiService) ResumeVM(ctx _context.Context) ApiResumeVMRequest { return ApiResumeVMRequest{ @@ -666,8 +666,8 @@ func (r ApiShutdownVMRequest) Execute() (*_nethttp.Response, error) { /* ShutdownVM Shut the VM instance down. - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiShutdownVMRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiShutdownVMRequest */ func (a *DefaultApiService) ShutdownVM(ctx _context.Context) ApiShutdownVMRequest { return ApiShutdownVMRequest{ @@ -754,8 +754,8 @@ func (r ApiShutdownVMMRequest) Execute() (*_nethttp.Response, error) { /* ShutdownVMM Shuts the cloud-hypervisor VMM. - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiShutdownVMMRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiShutdownVMMRequest */ func (a *DefaultApiService) ShutdownVMM(ctx _context.Context) ApiShutdownVMMRequest { return ApiShutdownVMMRequest{ 
@@ -849,8 +849,8 @@ func (r ApiVmAddDevicePutRequest) Execute() (PciDeviceInfo, *_nethttp.Response, /* VmAddDevicePut Add a new device to the VM - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmAddDevicePutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmAddDevicePutRequest */ func (a *DefaultApiService) VmAddDevicePut(ctx _context.Context) ApiVmAddDevicePutRequest { return ApiVmAddDevicePutRequest{ @@ -860,7 +860,8 @@ func (a *DefaultApiService) VmAddDevicePut(ctx _context.Context) ApiVmAddDeviceP } // Execute executes the request -// @return PciDeviceInfo +// +// @return PciDeviceInfo func (a *DefaultApiService) VmAddDevicePutExecute(r ApiVmAddDevicePutRequest) (PciDeviceInfo, *_nethttp.Response, error) { var ( localVarHTTPMethod = _nethttp.MethodPut @@ -960,8 +961,8 @@ func (r ApiVmAddDiskPutRequest) Execute() (PciDeviceInfo, *_nethttp.Response, er /* VmAddDiskPut Add a new disk to the VM - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmAddDiskPutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmAddDiskPutRequest */ func (a *DefaultApiService) VmAddDiskPut(ctx _context.Context) ApiVmAddDiskPutRequest { return ApiVmAddDiskPutRequest{ @@ -971,7 +972,8 @@ func (a *DefaultApiService) VmAddDiskPut(ctx _context.Context) ApiVmAddDiskPutRe } // Execute executes the request -// @return PciDeviceInfo +// +// @return PciDeviceInfo func (a *DefaultApiService) VmAddDiskPutExecute(r ApiVmAddDiskPutRequest) (PciDeviceInfo, *_nethttp.Response, error) { var ( localVarHTTPMethod = _nethttp.MethodPut 
@@ -1071,8 +1073,8 @@ func (r ApiVmAddFsPutRequest) Execute() (PciDeviceInfo, *_nethttp.Response, erro /* VmAddFsPut Add a new virtio-fs device to the VM - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmAddFsPutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmAddFsPutRequest */ func (a *DefaultApiService) VmAddFsPut(ctx _context.Context) ApiVmAddFsPutRequest { return ApiVmAddFsPutRequest{ @@ -1082,7 +1084,8 @@ func (a *DefaultApiService) VmAddFsPut(ctx _context.Context) ApiVmAddFsPutReques } // Execute executes the request -// @return PciDeviceInfo +// +// @return PciDeviceInfo func (a *DefaultApiService) VmAddFsPutExecute(r ApiVmAddFsPutRequest) (PciDeviceInfo, *_nethttp.Response, error) { var ( localVarHTTPMethod = _nethttp.MethodPut @@ -1182,8 +1185,8 @@ func (r ApiVmAddNetPutRequest) Execute() (PciDeviceInfo, *_nethttp.Response, err /* VmAddNetPut Add a new network device to the VM - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmAddNetPutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmAddNetPutRequest */ func (a *DefaultApiService) VmAddNetPut(ctx _context.Context) ApiVmAddNetPutRequest { return ApiVmAddNetPutRequest{ @@ -1193,7 +1196,8 @@ func (a *DefaultApiService) VmAddNetPut(ctx _context.Context) ApiVmAddNetPutRequ } // Execute executes the request -// @return PciDeviceInfo +// +// @return PciDeviceInfo func (a *DefaultApiService) VmAddNetPutExecute(r ApiVmAddNetPutRequest) (PciDeviceInfo, *_nethttp.Response, error) { var ( localVarHTTPMethod = _nethttp.MethodPut 
@@ -1293,8 +1297,8 @@ func (r ApiVmAddPmemPutRequest) Execute() (PciDeviceInfo, *_nethttp.Response, er /* VmAddPmemPut Add a new pmem device to the VM - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmAddPmemPutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmAddPmemPutRequest */ func (a *DefaultApiService) VmAddPmemPut(ctx _context.Context) ApiVmAddPmemPutRequest { return ApiVmAddPmemPutRequest{ @@ -1304,7 +1308,8 @@ func (a *DefaultApiService) VmAddPmemPut(ctx _context.Context) ApiVmAddPmemPutRe } // Execute executes the request -// @return PciDeviceInfo +// +// @return PciDeviceInfo func (a *DefaultApiService) VmAddPmemPutExecute(r ApiVmAddPmemPutRequest) (PciDeviceInfo, *_nethttp.Response, error) { var ( localVarHTTPMethod = _nethttp.MethodPut @@ -1404,8 +1409,8 @@ func (r ApiVmAddVdpaPutRequest) Execute() (PciDeviceInfo, *_nethttp.Response, er /* VmAddVdpaPut Add a new vDPA device to the VM - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmAddVdpaPutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmAddVdpaPutRequest */ func (a *DefaultApiService) VmAddVdpaPut(ctx _context.Context) ApiVmAddVdpaPutRequest { return ApiVmAddVdpaPutRequest{ @@ -1415,7 +1420,8 @@ func (a *DefaultApiService) VmAddVdpaPut(ctx _context.Context) ApiVmAddVdpaPutRe } // Execute executes the request -// @return PciDeviceInfo +// +// @return PciDeviceInfo func (a *DefaultApiService) VmAddVdpaPutExecute(r ApiVmAddVdpaPutRequest) (PciDeviceInfo, *_nethttp.Response, error) { var ( localVarHTTPMethod = _nethttp.MethodPut 
@@ -1515,8 +1521,8 @@ func (r ApiVmAddVsockPutRequest) Execute() (PciDeviceInfo, *_nethttp.Response, e /* VmAddVsockPut Add a new vsock device to the VM - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmAddVsockPutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmAddVsockPutRequest */ func (a *DefaultApiService) VmAddVsockPut(ctx _context.Context) ApiVmAddVsockPutRequest { return ApiVmAddVsockPutRequest{ @@ -1526,7 +1532,8 @@ func (a *DefaultApiService) VmAddVsockPut(ctx _context.Context) ApiVmAddVsockPut } // Execute executes the request -// @return PciDeviceInfo +// +// @return PciDeviceInfo func (a *DefaultApiService) VmAddVsockPutExecute(r ApiVmAddVsockPutRequest) (PciDeviceInfo, *_nethttp.Response, error) { var ( localVarHTTPMethod = _nethttp.MethodPut @@ -1626,8 +1633,8 @@ func (r ApiVmCoredumpPutRequest) Execute() (*_nethttp.Response, error) { /* VmCoredumpPut Takes a VM coredump. - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmCoredumpPutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmCoredumpPutRequest */ func (a *DefaultApiService) VmCoredumpPut(ctx _context.Context) ApiVmCoredumpPutRequest { return ApiVmCoredumpPutRequest{ 
@@ -1719,8 +1726,8 @@ func (r ApiVmCountersGetRequest) Execute() (map[string]map[string]int64, *_netht /* VmCountersGet Get counters from the VM - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmCountersGetRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmCountersGetRequest */ func (a *DefaultApiService) VmCountersGet(ctx _context.Context) ApiVmCountersGetRequest { return ApiVmCountersGetRequest{ @@ -1730,7 +1737,8 @@ func (a *DefaultApiService) VmCountersGet(ctx _context.Context) ApiVmCountersGet } // Execute executes the request -// @return map[string]map[string]int64 +// +// @return map[string]map[string]int64 func (a *DefaultApiService) VmCountersGetExecute(r ApiVmCountersGetRequest) (map[string]map[string]int64, *_nethttp.Response, error) { var ( localVarHTTPMethod = _nethttp.MethodGet @@ -1818,8 +1826,8 @@ func (r ApiVmInfoGetRequest) Execute() (VmInfo, *_nethttp.Response, error) { /* VmInfoGet Returns general information about the cloud-hypervisor Virtual Machine (VM) instance. - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmInfoGetRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmInfoGetRequest */ func (a *DefaultApiService) VmInfoGet(ctx _context.Context) ApiVmInfoGetRequest { return ApiVmInfoGetRequest{ 
@@ -1829,7 +1837,8 @@ func (a *DefaultApiService) VmInfoGet(ctx _context.Context) ApiVmInfoGetRequest } // Execute executes the request -// @return VmInfo +// +// @return VmInfo func (a *DefaultApiService) VmInfoGetExecute(r ApiVmInfoGetRequest) (VmInfo, *_nethttp.Response, error) { var ( localVarHTTPMethod = _nethttp.MethodGet @@ -1924,8 +1933,8 @@ func (r ApiVmReceiveMigrationPutRequest) Execute() (*_nethttp.Response, error) { /* VmReceiveMigrationPut Receive a VM migration from URL - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmReceiveMigrationPutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmReceiveMigrationPutRequest */ func (a *DefaultApiService) VmReceiveMigrationPut(ctx _context.Context) ApiVmReceiveMigrationPutRequest { return ApiVmReceiveMigrationPutRequest{ @@ -2024,8 +2033,8 @@ func (r ApiVmRemoveDevicePutRequest) Execute() (*_nethttp.Response, error) { /* VmRemoveDevicePut Remove a device from the VM - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmRemoveDevicePutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmRemoveDevicePutRequest */ func (a *DefaultApiService) VmRemoveDevicePut(ctx _context.Context) ApiVmRemoveDevicePutRequest { return ApiVmRemoveDevicePutRequest{ 
@@ -2124,8 +2133,8 @@ func (r ApiVmResizePutRequest) Execute() (*_nethttp.Response, error) { /* VmResizePut Resize the VM - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmResizePutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmResizePutRequest */ func (a *DefaultApiService) VmResizePut(ctx _context.Context) ApiVmResizePutRequest { return ApiVmResizePutRequest{ @@ -2224,8 +2233,8 @@ func (r ApiVmResizeZonePutRequest) Execute() (*_nethttp.Response, error) { /* VmResizeZonePut Resize a memory zone - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmResizeZonePutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmResizeZonePutRequest */ func (a *DefaultApiService) VmResizeZonePut(ctx _context.Context) ApiVmResizeZonePutRequest { return ApiVmResizeZonePutRequest{ @@ -2324,8 +2333,8 @@ func (r ApiVmRestorePutRequest) Execute() (*_nethttp.Response, error) { /* VmRestorePut Restore a VM from a snapshot. - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmRestorePutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmRestorePutRequest */ func (a *DefaultApiService) VmRestorePut(ctx _context.Context) ApiVmRestorePutRequest { return ApiVmRestorePutRequest{ 
@@ -2424,8 +2433,8 @@ func (r ApiVmSendMigrationPutRequest) Execute() (*_nethttp.Response, error) { /* VmSendMigrationPut Send a VM migration to URL - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmSendMigrationPutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmSendMigrationPutRequest */ func (a *DefaultApiService) VmSendMigrationPut(ctx _context.Context) ApiVmSendMigrationPutRequest { return ApiVmSendMigrationPutRequest{ @@ -2524,8 +2533,8 @@ func (r ApiVmSnapshotPutRequest) Execute() (*_nethttp.Response, error) { /* VmSnapshotPut Returns a VM snapshot. - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmSnapshotPutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmSnapshotPutRequest */ func (a *DefaultApiService) VmSnapshotPut(ctx _context.Context) ApiVmSnapshotPutRequest { return ApiVmSnapshotPutRequest{ @@ -2617,8 +2626,8 @@ func (r ApiVmmPingGetRequest) Execute() (VmmPingResponse, *_nethttp.Response, er /* VmmPingGet Ping the VMM to check for API server availability - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmmPingGetRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmmPingGetRequest */ func (a *DefaultApiService) VmmPingGet(ctx _context.Context) ApiVmmPingGetRequest { return ApiVmmPingGetRequest{ 
@@ -2628,7 +2637,8 @@ func (a *DefaultApiService) VmmPingGet(ctx _context.Context) ApiVmmPingGetReques } // Execute executes the request -// @return VmmPingResponse +// +// @return VmmPingResponse func (a *DefaultApiService) VmmPingGetExecute(r ApiVmmPingGetRequest) (VmmPingResponse, *_nethttp.Response, error) { var ( localVarHTTPMethod = _nethttp.MethodGet diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/CmdLineConfig.md b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/CmdLineConfig.md deleted file mode 100644 index 406ba1cd6..000000000 --- a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/CmdLineConfig.md +++ /dev/null 
@@ -1,51 +0,0 @@ -# CmdLineConfig - -## Properties - -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**Args** | **string** | | - -## Methods - -### NewCmdLineConfig - -`func NewCmdLineConfig(args string, ) *CmdLineConfig` - -NewCmdLineConfig instantiates a new CmdLineConfig object -This constructor will assign default values to properties that have it defined, -and makes sure properties required by API are set, but the set of arguments -will change when the set of required properties is changed - -### NewCmdLineConfigWithDefaults - -`func NewCmdLineConfigWithDefaults() *CmdLineConfig` - -NewCmdLineConfigWithDefaults instantiates a new CmdLineConfig object -This constructor will only assign default values to properties that have it defined, -but it doesn't guarantee that properties required by API are set - -### GetArgs - -`func (o *CmdLineConfig) GetArgs() string` - -GetArgs returns the Args field if non-nil, zero value otherwise. - -### GetArgsOk - -`func (o *CmdLineConfig) GetArgsOk() (*string, bool)` - -GetArgsOk returns a tuple with the Args field if it's non-nil, zero value otherwise -and a boolean to check if the value has been set. - -### SetArgs - -`func (o *CmdLineConfig) SetArgs(v string)` - -SetArgs sets Args field to given value. - - - -[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) - - diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/DefaultApi.md b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/DefaultApi.md index 8f5b8e76d..1391a0b27 100644 --- a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/DefaultApi.md +++ b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/DefaultApi.md 
@@ -110,7 +110,7 @@ import ( ) func main() { - vmConfig := *openapiclient.NewVmConfig(*openapiclient.NewKernelConfig("Path_example")) // VmConfig | The VM configuration + vmConfig := *openapiclient.NewVmConfig(*openapiclient.NewPayloadConfig()) // VmConfig | The VM configuration configuration := openapiclient.NewConfiguration() api_client := openapiclient.NewAPIClient(configuration) diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/DiskConfig.md b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/DiskConfig.md index f4e4a6cbd..6c51686c7 100644 --- a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/DiskConfig.md +++ b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/DiskConfig.md @@ -12,7 +12,6 @@ Name | Type | Description | Notes **QueueSize** | Pointer to **int32** | | [optional] [default to 128] **VhostUser** | Pointer to **bool** | | [optional] [default to false] **VhostSocket** | Pointer to **string** | | [optional] -**PollQueue** | Pointer to **bool** | | [optional] [default to true] **RateLimiterConfig** | Pointer to [**RateLimiterConfig**](RateLimiterConfig.md) | | [optional] **PciSegment** | Pointer to **int32** | | [optional] **Id** | Pointer to **string** | | [optional] 
@@ -231,31 +230,6 @@ SetVhostSocket sets VhostSocket field to given value. HasVhostSocket returns a boolean if a field has been set. -### GetPollQueue - -`func (o *DiskConfig) GetPollQueue() bool` - -GetPollQueue returns the PollQueue field if non-nil, zero value otherwise. - -### GetPollQueueOk - -`func (o *DiskConfig) GetPollQueueOk() (*bool, bool)` - -GetPollQueueOk returns a tuple with the PollQueue field if it's non-nil, zero value otherwise -and a boolean to check if the value has been set. - -### SetPollQueue - -`func (o *DiskConfig) SetPollQueue(v bool)` - -SetPollQueue sets PollQueue field to given value. - -### HasPollQueue - -`func (o *DiskConfig) HasPollQueue() bool` - -HasPollQueue returns a boolean if a field has been set. - ### GetRateLimiterConfig `func (o *DiskConfig) GetRateLimiterConfig() RateLimiterConfig` diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/InitramfsConfig.md b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/InitramfsConfig.md deleted file mode 100644 index 7450d9bee..000000000 --- a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/InitramfsConfig.md +++ /dev/null 
@@ -1,51 +0,0 @@ -# InitramfsConfig - -## Properties - -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**Path** | **string** | | - -## Methods - -### NewInitramfsConfig - -`func NewInitramfsConfig(path string, ) *InitramfsConfig` - -NewInitramfsConfig instantiates a new InitramfsConfig object -This constructor will assign default values to properties that have it defined, -and makes sure properties required by API are set, but the set of arguments -will change when the set of required properties is changed - -### NewInitramfsConfigWithDefaults - -`func NewInitramfsConfigWithDefaults() *InitramfsConfig` - -NewInitramfsConfigWithDefaults instantiates a new InitramfsConfig object -This constructor will only assign default values to properties that have it defined, -but it doesn't guarantee that properties required by API are set - -### GetPath - -`func (o *InitramfsConfig) GetPath() string` - -GetPath returns the Path field if non-nil, zero value otherwise. - -### GetPathOk - -`func (o *InitramfsConfig) GetPathOk() (*string, bool)` - -GetPathOk returns a tuple with the Path field if it's non-nil, zero value otherwise -and a boolean to check if the value has been set. - -### SetPath - -`func (o *InitramfsConfig) SetPath(v string)` - -SetPath sets Path field to given value. - - - -[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) - - diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/KernelConfig.md b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/KernelConfig.md deleted file mode 100644 index d9835715d..000000000 --- a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/KernelConfig.md +++ /dev/null 
@@ -1,51 +0,0 @@ -# KernelConfig - -## Properties - -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**Path** | **string** | | - -## Methods - -### NewKernelConfig - -`func NewKernelConfig(path string, ) *KernelConfig` - -NewKernelConfig instantiates a new KernelConfig object -This constructor will assign default values to properties that have it defined, -and makes sure properties required by API are set, but the set of arguments -will change when the set of required properties is changed - -### NewKernelConfigWithDefaults - -`func NewKernelConfigWithDefaults() *KernelConfig` - -NewKernelConfigWithDefaults instantiates a new KernelConfig object -This constructor will only assign default values to properties that have it defined, -but it doesn't guarantee that properties required by API are set - -### GetPath - -`func (o *KernelConfig) GetPath() string` - -GetPath returns the Path field if non-nil, zero value otherwise. - -### GetPathOk - -`func (o *KernelConfig) GetPathOk() (*string, bool)` - -GetPathOk returns a tuple with the Path field if it's non-nil, zero value otherwise -and a boolean to check if the value has been set. - -### SetPath - -`func (o *KernelConfig) SetPath(v string)` - -SetPath sets Path field to given value. - - - -[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) - - diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/PayloadConfig.md b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/PayloadConfig.md new file mode 100644 index 000000000..8985796ea --- /dev/null +++ b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/PayloadConfig.md 
@@ -0,0 +1,108 @@ +# PayloadConfig + +## Properties + +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**Kernel** | Pointer to **string** | | [optional] +**Cmdline** | Pointer to **string** | | [optional] +**Initramfs** | Pointer to **string** | | [optional] + +## Methods + +### NewPayloadConfig + +`func NewPayloadConfig() *PayloadConfig` + +NewPayloadConfig instantiates a new PayloadConfig object +This constructor will assign default values to properties that have it defined, +and makes sure properties required by API are set, but the set of arguments +will change when the set of required properties is changed + +### NewPayloadConfigWithDefaults + +`func NewPayloadConfigWithDefaults() *PayloadConfig` + +NewPayloadConfigWithDefaults instantiates a new PayloadConfig object +This constructor will only assign default values to properties that have it defined, +but it doesn't guarantee that properties required by API are set + +### GetKernel + +`func (o *PayloadConfig) GetKernel() string` + +GetKernel returns the Kernel field if non-nil, zero value otherwise. + +### GetKernelOk + +`func (o *PayloadConfig) GetKernelOk() (*string, bool)` + +GetKernelOk returns a tuple with the Kernel field if it's non-nil, zero value otherwise +and a boolean to check if the value has been set. + +### SetKernel + +`func (o *PayloadConfig) SetKernel(v string)` + +SetKernel sets Kernel field to given value. + +### HasKernel + +`func (o *PayloadConfig) HasKernel() bool` + +HasKernel returns a boolean if a field has been set. + +### GetCmdline + +`func (o *PayloadConfig) GetCmdline() string` + +GetCmdline returns the Cmdline field if non-nil, zero value otherwise. + +### GetCmdlineOk + +`func (o *PayloadConfig) GetCmdlineOk() (*string, bool)` + +GetCmdlineOk returns a tuple with the Cmdline field if it's non-nil, zero value otherwise +and a boolean to check if the value has been set. 
+ +### SetCmdline + +`func (o *PayloadConfig) SetCmdline(v string)` + +SetCmdline sets Cmdline field to given value. + +### HasCmdline + +`func (o *PayloadConfig) HasCmdline() bool` + +HasCmdline returns a boolean if a field has been set. + +### GetInitramfs + +`func (o *PayloadConfig) GetInitramfs() string` + +GetInitramfs returns the Initramfs field if non-nil, zero value otherwise. + +### GetInitramfsOk + +`func (o *PayloadConfig) GetInitramfsOk() (*string, bool)` + +GetInitramfsOk returns a tuple with the Initramfs field if it's non-nil, zero value otherwise +and a boolean to check if the value has been set. + +### SetInitramfs + +`func (o *PayloadConfig) SetInitramfs(v string)` + +SetInitramfs sets Initramfs field to given value. + +### HasInitramfs + +`func (o *PayloadConfig) HasInitramfs() bool` + +HasInitramfs returns a boolean if a field has been set. + + +[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) + + diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/PlatformConfig.md b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/PlatformConfig.md index 832444c1f..eacec0d02 100644 --- a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/PlatformConfig.md +++ b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/PlatformConfig.md @@ -7,6 +7,8 @@ Name | Type | Description | Notes **NumPciSegments** | Pointer to **int32** | | [optional] **IommuSegments** | Pointer to **[]int32** | | [optional] **SerialNumber** | Pointer to **string** | | [optional] +**Uuid** | Pointer to **string** | | [optional] +**OemStrings** | Pointer to **[]string** | | [optional] ## Methods 
@@ -102,6 +104,56 @@ SetSerialNumber sets SerialNumber field to given value. HasSerialNumber returns a boolean if a field has been set. +### GetUuid + +`func (o *PlatformConfig) GetUuid() string` + +GetUuid returns the Uuid field if non-nil, zero value otherwise. + +### GetUuidOk + +`func (o *PlatformConfig) GetUuidOk() (*string, bool)` + +GetUuidOk returns a tuple with the Uuid field if it's non-nil, zero value otherwise +and a boolean to check if the value has been set. + +### SetUuid + +`func (o *PlatformConfig) SetUuid(v string)` + +SetUuid sets Uuid field to given value. + +### HasUuid + +`func (o *PlatformConfig) HasUuid() bool` + +HasUuid returns a boolean if a field has been set. + +### GetOemStrings + +`func (o *PlatformConfig) GetOemStrings() []string` + +GetOemStrings returns the OemStrings field if non-nil, zero value otherwise. + +### GetOemStringsOk + +`func (o *PlatformConfig) GetOemStringsOk() (*[]string, bool)` + +GetOemStringsOk returns a tuple with the OemStrings field if it's non-nil, zero value otherwise +and a boolean to check if the value has been set. + +### SetOemStrings + +`func (o *PlatformConfig) SetOemStrings(v []string)` + +SetOemStrings sets OemStrings field to given value. + +### HasOemStrings + +`func (o *PlatformConfig) HasOemStrings() bool` + +HasOemStrings returns a boolean if a field has been set. + [[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/VmConfig.md b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/VmConfig.md index d6bbae421..717749be6 100644 --- a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/VmConfig.md +++ b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/VmConfig.md 
@@ -6,9 +6,7 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **Cpus** | Pointer to [**CpusConfig**](CpusConfig.md) | | [optional] **Memory** | Pointer to [**MemoryConfig**](MemoryConfig.md) | | [optional] -**Kernel** | [**KernelConfig**](KernelConfig.md) | | -**Initramfs** | Pointer to [**NullableInitramfsConfig**](InitramfsConfig.md) | | [optional] -**Cmdline** | Pointer to [**CmdLineConfig**](CmdLineConfig.md) | | [optional] +**Payload** | [**PayloadConfig**](PayloadConfig.md) | | **Disks** | Pointer to [**[]DiskConfig**](DiskConfig.md) | | [optional] **Net** | Pointer to [**[]NetConfig**](NetConfig.md) | | [optional] **Rng** | Pointer to [**RngConfig**](RngConfig.md) | | [optional] @@ -31,7 +29,7 @@ Name | Type | Description | Notes ### NewVmConfig -`func NewVmConfig(kernel KernelConfig, ) *VmConfig` +`func NewVmConfig(payload PayloadConfig, ) *VmConfig` NewVmConfig instantiates a new VmConfig object This constructor will assign default values to properties that have it defined, 
@@ -96,86 +94,26 @@ SetMemory sets Memory field to given value. HasMemory returns a boolean if a field has been set. -### GetKernel +### GetPayload -`func (o *VmConfig) GetKernel() KernelConfig` +`func (o *VmConfig) GetPayload() PayloadConfig` -GetKernel returns the Kernel field if non-nil, zero value otherwise. +GetPayload returns the Payload field if non-nil, zero value otherwise. -### GetKernelOk +### GetPayloadOk -`func (o *VmConfig) GetKernelOk() (*KernelConfig, bool)` +`func (o *VmConfig) GetPayloadOk() (*PayloadConfig, bool)` -GetKernelOk returns a tuple with the Kernel field if it's non-nil, zero value otherwise +GetPayloadOk returns a tuple with the Payload field if it's non-nil, zero value otherwise and a boolean to check if the value has been set. -### SetKernel +### SetPayload -`func (o *VmConfig) SetKernel(v KernelConfig)` +`func (o *VmConfig) SetPayload(v PayloadConfig)` -SetKernel sets Kernel field to given value. +SetPayload sets Payload field to given value. -### GetInitramfs - -`func (o *VmConfig) GetInitramfs() InitramfsConfig` - -GetInitramfs returns the Initramfs field if non-nil, zero value otherwise. - -### GetInitramfsOk - -`func (o *VmConfig) GetInitramfsOk() (*InitramfsConfig, bool)` - -GetInitramfsOk returns a tuple with the Initramfs field if it's non-nil, zero value otherwise -and a boolean to check if the value has been set. - -### SetInitramfs - -`func (o *VmConfig) SetInitramfs(v InitramfsConfig)` - -SetInitramfs sets Initramfs field to given value. - -### HasInitramfs - -`func (o *VmConfig) HasInitramfs() bool` - -HasInitramfs returns a boolean if a field has been set. 
- -### SetInitramfsNil - -`func (o *VmConfig) SetInitramfsNil(b bool)` - - SetInitramfsNil sets the value for Initramfs to be an explicit nil - -### UnsetInitramfs -`func (o *VmConfig) UnsetInitramfs()` - -UnsetInitramfs ensures that no value is present for Initramfs, not even an explicit nil -### GetCmdline - -`func (o *VmConfig) GetCmdline() CmdLineConfig` - -GetCmdline returns the Cmdline field if non-nil, zero value otherwise. - -### GetCmdlineOk - -`func (o *VmConfig) GetCmdlineOk() (*CmdLineConfig, bool)` - -GetCmdlineOk returns a tuple with the Cmdline field if it's non-nil, zero value otherwise -and a boolean to check if the value has been set. - -### SetCmdline - -`func (o *VmConfig) SetCmdline(v CmdLineConfig)` - -SetCmdline sets Cmdline field to given value. - -### HasCmdline - -`func (o *VmConfig) HasCmdline() bool` - -HasCmdline returns a boolean if a field has been set. - ### GetDisks `func (o *VmConfig) GetDisks() []DiskConfig` diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_cmd_line_config.go b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_cmd_line_config.go deleted file mode 100644 index fb270a138..000000000 --- a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_cmd_line_config.go +++ /dev/null 
@@ -1,106 +0,0 @@ -/* -Cloud Hypervisor API - -Local HTTP based API for managing and inspecting a cloud-hypervisor virtual machine. - -API version: 0.3.0 -*/ - -// Code generated by OpenAPI Generator (https://openapi-generator.tech); DO NOT EDIT. - -package openapi - -import ( - "encoding/json" -) - -// CmdLineConfig struct for CmdLineConfig -type CmdLineConfig struct { - Args string `json:"args"` -} - -// NewCmdLineConfig instantiates a new CmdLineConfig object -// This constructor will assign default values to properties that have it defined, -// and makes sure properties required by API are set, but the set of arguments -// will change when the set of required properties is changed -func NewCmdLineConfig(args string) *CmdLineConfig { - this := CmdLineConfig{} - this.Args = args - return &this -} - -// NewCmdLineConfigWithDefaults instantiates a new CmdLineConfig object -// This constructor will only assign default values to properties that have it defined, -// but it doesn't guarantee that properties required by API are set -func NewCmdLineConfigWithDefaults() *CmdLineConfig { - this := CmdLineConfig{} - return &this -} - -// GetArgs returns the Args field value -func (o *CmdLineConfig) GetArgs() string { - if o == nil { - var ret string - return ret - } - - return o.Args -} - -// GetArgsOk returns a tuple with the Args field value -// and a boolean to check if the value has been set. 
-func (o *CmdLineConfig) GetArgsOk() (*string, bool) { - if o == nil { - return nil, false - } - return &o.Args, true -} - -// SetArgs sets field value -func (o *CmdLineConfig) SetArgs(v string) { - o.Args = v -} - -func (o CmdLineConfig) MarshalJSON() ([]byte, error) { - toSerialize := map[string]interface{}{} - if true { - toSerialize["args"] = o.Args - } - return json.Marshal(toSerialize) -} - -type NullableCmdLineConfig struct { - value *CmdLineConfig - isSet bool -} - -func (v NullableCmdLineConfig) Get() *CmdLineConfig { - return v.value -} - -func (v *NullableCmdLineConfig) Set(val *CmdLineConfig) { - v.value = val - v.isSet = true -} - -func (v NullableCmdLineConfig) IsSet() bool { - return v.isSet -} - -func (v *NullableCmdLineConfig) Unset() { - v.value = nil - v.isSet = false -} - -func NewNullableCmdLineConfig(val *CmdLineConfig) *NullableCmdLineConfig { - return &NullableCmdLineConfig{value: val, isSet: true} -} - -func (v NullableCmdLineConfig) MarshalJSON() ([]byte, error) { - return json.Marshal(v.value) -} - -func (v *NullableCmdLineConfig) UnmarshalJSON(src []byte) error { - v.isSet = true - return json.Unmarshal(src, &v.value) -} diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_disk_config.go b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_disk_config.go index eb3a7245e..c8964881b 100644 --- a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_disk_config.go +++ b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_disk_config.go @@ -24,7 +24,6 @@ type DiskConfig struct { QueueSize *int32 `json:"queue_size,omitempty"` VhostUser *bool `json:"vhost_user,omitempty"` VhostSocket *string `json:"vhost_socket,omitempty"` - PollQueue *bool `json:"poll_queue,omitempty"` RateLimiterConfig *RateLimiterConfig `json:"rate_limiter_config,omitempty"` PciSegment *int32 `json:"pci_segment,omitempty"` Id *string `json:"id,omitempty"` 
@@ -49,8 +48,6 @@ func NewDiskConfig(path string) *DiskConfig { this.QueueSize = &queueSize var vhostUser bool = false this.VhostUser = &vhostUser - var pollQueue bool = true - this.PollQueue = &pollQueue return &this } @@ -71,8 +68,6 @@ func NewDiskConfigWithDefaults() *DiskConfig { this.QueueSize = &queueSize var vhostUser bool = false this.VhostUser = &vhostUser - var pollQueue bool = true - this.PollQueue = &pollQueue return &this } @@ -324,38 +319,6 @@ func (o *DiskConfig) SetVhostSocket(v string) { o.VhostSocket = &v } -// GetPollQueue returns the PollQueue field value if set, zero value otherwise. -func (o *DiskConfig) GetPollQueue() bool { - if o == nil || o.PollQueue == nil { - var ret bool - return ret - } - return *o.PollQueue -} - -// GetPollQueueOk returns a tuple with the PollQueue field value if set, nil otherwise -// and a boolean to check if the value has been set. -func (o *DiskConfig) GetPollQueueOk() (*bool, bool) { - if o == nil || o.PollQueue == nil { - return nil, false - } - return o.PollQueue, true -} - -// HasPollQueue returns a boolean if a field has been set. -func (o *DiskConfig) HasPollQueue() bool { - if o != nil && o.PollQueue != nil { - return true - } - - return false -} - -// SetPollQueue gets a reference to the given bool and assigns it to the PollQueue field. -func (o *DiskConfig) SetPollQueue(v bool) { - o.PollQueue = &v -} - // GetRateLimiterConfig returns the RateLimiterConfig field value if set, zero value otherwise. func (o *DiskConfig) GetRateLimiterConfig() RateLimiterConfig { if o == nil || o.RateLimiterConfig == nil { @@ -478,9 +441,6 @@ func (o DiskConfig) MarshalJSON() ([]byte, error) { if o.VhostSocket != nil { toSerialize["vhost_socket"] = o.VhostSocket } - if o.PollQueue != nil { - toSerialize["poll_queue"] = o.PollQueue - } if o.RateLimiterConfig != nil { toSerialize["rate_limiter_config"] = o.RateLimiterConfig } 
diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_initramfs_config.go b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_initramfs_config.go
deleted file mode 100644
index ac6e2ba9a..000000000
--- a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_initramfs_config.go
+++ /dev/null
@@ -1,106 +0,0 @@ -/* -Cloud Hypervisor API - -Local HTTP based API for managing and inspecting a cloud-hypervisor virtual machine. - -API version: 0.3.0 -*/ - -// Code generated by OpenAPI Generator (https://openapi-generator.tech); DO NOT EDIT. - -package openapi - -import ( - "encoding/json" -) - -// InitramfsConfig struct for InitramfsConfig -type InitramfsConfig struct { - Path string `json:"path"` -} - -// NewInitramfsConfig instantiates a new InitramfsConfig object -// This constructor will assign default values to properties that have it defined, -// and makes sure properties required by API are set, but the set of arguments -// will change when the set of required properties is changed -func NewInitramfsConfig(path string) *InitramfsConfig { - this := InitramfsConfig{} - this.Path = path - return &this -} - -// NewInitramfsConfigWithDefaults instantiates a new InitramfsConfig object -// This constructor will only assign default values to properties that have it defined, -// but it doesn't guarantee that properties required by API are set -func NewInitramfsConfigWithDefaults() *InitramfsConfig { - this := InitramfsConfig{} - return &this -} - -// GetPath returns the Path field value -func (o *InitramfsConfig) GetPath() string { - if o == nil { - var ret string - return ret - } - - return o.Path -} - -// GetPathOk returns a tuple with the Path field value -// and a boolean to check if the value has been set. 
-func (o *InitramfsConfig) GetPathOk() (*string, bool) { - if o == nil { - return nil, false - } - return &o.Path, true -} - -// SetPath sets field value -func (o *InitramfsConfig) SetPath(v string) { - o.Path = v -} - -func (o InitramfsConfig) MarshalJSON() ([]byte, error) { - toSerialize := map[string]interface{}{} - if true { - toSerialize["path"] = o.Path - } - return json.Marshal(toSerialize) -} - -type NullableInitramfsConfig struct { - value *InitramfsConfig - isSet bool -} - -func (v NullableInitramfsConfig) Get() *InitramfsConfig { - return v.value -} - -func (v *NullableInitramfsConfig) Set(val *InitramfsConfig) { - v.value = val - v.isSet = true -} - -func (v NullableInitramfsConfig) IsSet() bool { - return v.isSet -} - -func (v *NullableInitramfsConfig) Unset() { - v.value = nil - v.isSet = false -} - -func NewNullableInitramfsConfig(val *InitramfsConfig) *NullableInitramfsConfig { - return &NullableInitramfsConfig{value: val, isSet: true} -} - -func (v NullableInitramfsConfig) MarshalJSON() ([]byte, error) { - return json.Marshal(v.value) -} - -func (v *NullableInitramfsConfig) UnmarshalJSON(src []byte) error { - v.isSet = true - return json.Unmarshal(src, &v.value) -} diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_kernel_config.go b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_kernel_config.go deleted file mode 100644 index 8ef0e5fdf..000000000 --- a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_kernel_config.go +++ /dev/null 
@@ -1,106 +0,0 @@ -/* -Cloud Hypervisor API - -Local HTTP based API for managing and inspecting a cloud-hypervisor virtual machine. - -API version: 0.3.0 -*/ - -// Code generated by OpenAPI Generator (https://openapi-generator.tech); DO NOT EDIT. - -package openapi - -import ( - "encoding/json" -) - -// KernelConfig struct for KernelConfig -type KernelConfig struct { - Path string `json:"path"` -} - -// NewKernelConfig instantiates a new KernelConfig object -// This constructor will assign default values to properties that have it defined, -// and makes sure properties required by API are set, but the set of arguments -// will change when the set of required properties is changed -func NewKernelConfig(path string) *KernelConfig { - this := KernelConfig{} - this.Path = path - return &this -} - -// NewKernelConfigWithDefaults instantiates a new KernelConfig object -// This constructor will only assign default values to properties that have it defined, -// but it doesn't guarantee that properties required by API are set -func NewKernelConfigWithDefaults() *KernelConfig { - this := KernelConfig{} - return &this -} - -// GetPath returns the Path field value -func (o *KernelConfig) GetPath() string { - if o == nil { - var ret string - return ret - } - - return o.Path -} - -// GetPathOk returns a tuple with the Path field value -// and a boolean to check if the value has been set. 
-func (o *KernelConfig) GetPathOk() (*string, bool) { - if o == nil { - return nil, false - } - return &o.Path, true -} - -// SetPath sets field value -func (o *KernelConfig) SetPath(v string) { - o.Path = v -} - -func (o KernelConfig) MarshalJSON() ([]byte, error) { - toSerialize := map[string]interface{}{} - if true { - toSerialize["path"] = o.Path - } - return json.Marshal(toSerialize) -} - -type NullableKernelConfig struct { - value *KernelConfig - isSet bool -} - -func (v NullableKernelConfig) Get() *KernelConfig { - return v.value -} - -func (v *NullableKernelConfig) Set(val *KernelConfig) { - v.value = val - v.isSet = true -} - -func (v NullableKernelConfig) IsSet() bool { - return v.isSet -} - -func (v *NullableKernelConfig) Unset() { - v.value = nil - v.isSet = false -} - -func NewNullableKernelConfig(val *KernelConfig) *NullableKernelConfig { - return &NullableKernelConfig{value: val, isSet: true} -} - -func (v NullableKernelConfig) MarshalJSON() ([]byte, error) { - return json.Marshal(v.value) -} - -func (v *NullableKernelConfig) UnmarshalJSON(src []byte) error { - v.isSet = true - return json.Unmarshal(src, &v.value) -} diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_payload_config.go b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_payload_config.go new file mode 100644 index 000000000..04abb6a3e --- /dev/null +++ b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_payload_config.go 
@@ -0,0 +1,185 @@ +/* +Cloud Hypervisor API + +Local HTTP based API for managing and inspecting a cloud-hypervisor virtual machine. + +API version: 0.3.0 +*/ + +// Code generated by OpenAPI Generator (https://openapi-generator.tech); DO NOT EDIT. + +package openapi + +import ( + "encoding/json" +) + +// PayloadConfig Payloads to boot in guest +type PayloadConfig struct { + Kernel *string `json:"kernel,omitempty"` + Cmdline *string `json:"cmdline,omitempty"` + Initramfs *string `json:"initramfs,omitempty"` +} + +// NewPayloadConfig instantiates a new PayloadConfig object +// This constructor will assign default values to properties that have it defined, +// and makes sure properties required by API are set, but the set of arguments +// will change when the set of required properties is changed +func NewPayloadConfig() *PayloadConfig { + this := PayloadConfig{} + return &this +} + +// NewPayloadConfigWithDefaults instantiates a new PayloadConfig object +// This constructor will only assign default values to properties that have it defined, +// but it doesn't guarantee that properties required by API are set +func NewPayloadConfigWithDefaults() *PayloadConfig { + this := PayloadConfig{} + return &this +} + +// GetKernel returns the Kernel field value if set, zero value otherwise. +func (o *PayloadConfig) GetKernel() string { + if o == nil || o.Kernel == nil { + var ret string + return ret + } + return *o.Kernel +} + +// GetKernelOk returns a tuple with the Kernel field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *PayloadConfig) GetKernelOk() (*string, bool) { + if o == nil || o.Kernel == nil { + return nil, false + } + return o.Kernel, true +} + +// HasKernel returns a boolean if a field has been set. +func (o *PayloadConfig) HasKernel() bool { + if o != nil && o.Kernel != nil { + return true + } + + return false +} + +// SetKernel gets a reference to the given string and assigns it to the Kernel field. 
+func (o *PayloadConfig) SetKernel(v string) { + o.Kernel = &v +} + +// GetCmdline returns the Cmdline field value if set, zero value otherwise. +func (o *PayloadConfig) GetCmdline() string { + if o == nil || o.Cmdline == nil { + var ret string + return ret + } + return *o.Cmdline +} + +// GetCmdlineOk returns a tuple with the Cmdline field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *PayloadConfig) GetCmdlineOk() (*string, bool) { + if o == nil || o.Cmdline == nil { + return nil, false + } + return o.Cmdline, true +} + +// HasCmdline returns a boolean if a field has been set. +func (o *PayloadConfig) HasCmdline() bool { + if o != nil && o.Cmdline != nil { + return true + } + + return false +} + +// SetCmdline gets a reference to the given string and assigns it to the Cmdline field. +func (o *PayloadConfig) SetCmdline(v string) { + o.Cmdline = &v +} + +// GetInitramfs returns the Initramfs field value if set, zero value otherwise. +func (o *PayloadConfig) GetInitramfs() string { + if o == nil || o.Initramfs == nil { + var ret string + return ret + } + return *o.Initramfs +} + +// GetInitramfsOk returns a tuple with the Initramfs field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *PayloadConfig) GetInitramfsOk() (*string, bool) { + if o == nil || o.Initramfs == nil { + return nil, false + } + return o.Initramfs, true +} + +// HasInitramfs returns a boolean if a field has been set. +func (o *PayloadConfig) HasInitramfs() bool { + if o != nil && o.Initramfs != nil { + return true + } + + return false +} + +// SetInitramfs gets a reference to the given string and assigns it to the Initramfs field. 
+func (o *PayloadConfig) SetInitramfs(v string) { + o.Initramfs = &v +} + +func (o PayloadConfig) MarshalJSON() ([]byte, error) { + toSerialize := map[string]interface{}{} + if o.Kernel != nil { + toSerialize["kernel"] = o.Kernel + } + if o.Cmdline != nil { + toSerialize["cmdline"] = o.Cmdline + } + if o.Initramfs != nil { + toSerialize["initramfs"] = o.Initramfs + } + return json.Marshal(toSerialize) +} + +type NullablePayloadConfig struct { + value *PayloadConfig + isSet bool +} + +func (v NullablePayloadConfig) Get() *PayloadConfig { + return v.value +} + +func (v *NullablePayloadConfig) Set(val *PayloadConfig) { + v.value = val + v.isSet = true +} + +func (v NullablePayloadConfig) IsSet() bool { + return v.isSet +} + +func (v *NullablePayloadConfig) Unset() { + v.value = nil + v.isSet = false +} + +func NewNullablePayloadConfig(val *PayloadConfig) *NullablePayloadConfig { + return &NullablePayloadConfig{value: val, isSet: true} +} + +func (v NullablePayloadConfig) MarshalJSON() ([]byte, error) { + return json.Marshal(v.value) +} + +func (v *NullablePayloadConfig) UnmarshalJSON(src []byte) error { + v.isSet = true + return json.Unmarshal(src, &v.value) +} diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_platform_config.go b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_platform_config.go index 17e8827f8..250493a6b 100644 --- a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_platform_config.go +++ b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_platform_config.go 
@@ -16,9 +16,11 @@ import ( // PlatformConfig struct for PlatformConfig type PlatformConfig struct { - NumPciSegments *int32 `json:"num_pci_segments,omitempty"` - IommuSegments *[]int32 `json:"iommu_segments,omitempty"` - SerialNumber *string `json:"serial_number,omitempty"` + NumPciSegments *int32 `json:"num_pci_segments,omitempty"` + IommuSegments *[]int32 `json:"iommu_segments,omitempty"` + SerialNumber *string `json:"serial_number,omitempty"` + Uuid *string `json:"uuid,omitempty"` + OemStrings *[]string `json:"oem_strings,omitempty"` } // NewPlatformConfig instantiates a new PlatformConfig object 
@@ -134,6 +136,70 @@ func (o *PlatformConfig) SetSerialNumber(v string) { o.SerialNumber = &v } +// GetUuid returns the Uuid field value if set, zero value otherwise. +func (o *PlatformConfig) GetUuid() string { + if o == nil || o.Uuid == nil { + var ret string + return ret + } + return *o.Uuid +} + +// GetUuidOk returns a tuple with the Uuid field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *PlatformConfig) GetUuidOk() (*string, bool) { + if o == nil || o.Uuid == nil { + return nil, false + } + return o.Uuid, true +} + +// HasUuid returns a boolean if a field has been set. +func (o *PlatformConfig) HasUuid() bool { + if o != nil && o.Uuid != nil { + return true + } + + return false +} + +// SetUuid gets a reference to the given string and assigns it to the Uuid field. +func (o *PlatformConfig) SetUuid(v string) { + o.Uuid = &v +} + +// GetOemStrings returns the OemStrings field value if set, zero value otherwise. +func (o *PlatformConfig) GetOemStrings() []string { + if o == nil || o.OemStrings == nil { + var ret []string + return ret + } + return *o.OemStrings +} + +// GetOemStringsOk returns a tuple with the OemStrings field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *PlatformConfig) GetOemStringsOk() (*[]string, bool) { + if o == nil || o.OemStrings == nil { + return nil, false + } + return o.OemStrings, true +} + +// HasOemStrings returns a boolean if a field has been set. +func (o *PlatformConfig) HasOemStrings() bool { + if o != nil && o.OemStrings != nil { + return true + } + + return false +} + +// SetOemStrings gets a reference to the given []string and assigns it to the OemStrings field. +func (o *PlatformConfig) SetOemStrings(v []string) { + o.OemStrings = &v +} + func (o PlatformConfig) MarshalJSON() ([]byte, error) { toSerialize := map[string]interface{}{} if o.NumPciSegments != nil { 
@@ -145,6 +211,12 @@ func (o PlatformConfig) MarshalJSON() ([]byte, error) { if o.SerialNumber != nil { toSerialize["serial_number"] = o.SerialNumber } + if o.Uuid != nil { + toSerialize["uuid"] = o.Uuid + } + if o.OemStrings != nil { + toSerialize["oem_strings"] = o.OemStrings + } return json.Marshal(toSerialize) } diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_vm_config.go b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_vm_config.go index c4ad07fb0..f48f92b3c 100644 --- a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_vm_config.go +++ b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_vm_config.go 
@@ -16,37 +16,35 @@ import ( // VmConfig Virtual machine configuration type VmConfig struct { - Cpus *CpusConfig `json:"cpus,omitempty"` - Memory *MemoryConfig `json:"memory,omitempty"` - Kernel KernelConfig `json:"kernel"` - Initramfs NullableInitramfsConfig `json:"initramfs,omitempty"` - Cmdline *CmdLineConfig `json:"cmdline,omitempty"` - Disks *[]DiskConfig `json:"disks,omitempty"` - Net *[]NetConfig `json:"net,omitempty"` - Rng *RngConfig `json:"rng,omitempty"` - Balloon *BalloonConfig `json:"balloon,omitempty"` - Fs *[]FsConfig `json:"fs,omitempty"` - Pmem *[]PmemConfig `json:"pmem,omitempty"` - Serial *ConsoleConfig `json:"serial,omitempty"` - Console *ConsoleConfig `json:"console,omitempty"` - Devices *[]DeviceConfig `json:"devices,omitempty"` - Vdpa *[]VdpaConfig `json:"vdpa,omitempty"` - Vsock *VsockConfig `json:"vsock,omitempty"` - SgxEpc *[]SgxEpcConfig `json:"sgx_epc,omitempty"` - Tdx *TdxConfig `json:"tdx,omitempty"` - Numa *[]NumaConfig `json:"numa,omitempty"` - Iommu *bool `json:"iommu,omitempty"` - Watchdog *bool `json:"watchdog,omitempty"` - Platform *PlatformConfig `json:"platform,omitempty"` + Cpus *CpusConfig `json:"cpus,omitempty"` + Memory *MemoryConfig `json:"memory,omitempty"` + Payload PayloadConfig `json:"payload"` + Disks *[]DiskConfig `json:"disks,omitempty"` + Net *[]NetConfig `json:"net,omitempty"` + Rng *RngConfig `json:"rng,omitempty"` + Balloon *BalloonConfig `json:"balloon,omitempty"` + Fs *[]FsConfig `json:"fs,omitempty"` + Pmem *[]PmemConfig `json:"pmem,omitempty"` + Serial *ConsoleConfig `json:"serial,omitempty"` + Console *ConsoleConfig `json:"console,omitempty"` + Devices *[]DeviceConfig `json:"devices,omitempty"` + Vdpa *[]VdpaConfig `json:"vdpa,omitempty"` + Vsock *VsockConfig `json:"vsock,omitempty"` + SgxEpc *[]SgxEpcConfig `json:"sgx_epc,omitempty"` + Tdx *TdxConfig `json:"tdx,omitempty"` + Numa *[]NumaConfig `json:"numa,omitempty"` + Iommu *bool `json:"iommu,omitempty"` + Watchdog *bool `json:"watchdog,omitempty"` + 
Platform *PlatformConfig `json:"platform,omitempty"` } // NewVmConfig instantiates a new VmConfig object // This constructor will assign default values to properties that have it defined, // and makes sure properties required by API are set, but the set of arguments // will change when the set of required properties is changed -func NewVmConfig(kernel KernelConfig) *VmConfig { +func NewVmConfig(payload PayloadConfig) *VmConfig { this := VmConfig{} - this.Kernel = kernel + this.Payload = payload var iommu bool = false this.Iommu = &iommu var watchdog bool = false 
@@ -130,103 +128,28 @@ func (o *VmConfig) SetMemory(v MemoryConfig) { o.Memory = &v } -// GetKernel returns the Kernel field value -func (o *VmConfig) GetKernel() KernelConfig { +// GetPayload returns the Payload field value +func (o *VmConfig) GetPayload() PayloadConfig { if o == nil { - var ret KernelConfig + var ret PayloadConfig return ret } - return o.Kernel + return o.Payload } -// GetKernelOk returns a tuple with the Kernel field value +// GetPayloadOk returns a tuple with the Payload field value // and a boolean to check if the value has been set. -func (o *VmConfig) GetKernelOk() (*KernelConfig, bool) { +func (o *VmConfig) GetPayloadOk() (*PayloadConfig, bool) { if o == nil { return nil, false } - return &o.Kernel, true + return &o.Payload, true } -// SetKernel sets field value -func (o *VmConfig) SetKernel(v KernelConfig) { - o.Kernel = v -} - -// GetInitramfs returns the Initramfs field value if set, zero value otherwise (both if not set or set to explicit null). -func (o *VmConfig) GetInitramfs() InitramfsConfig { - if o == nil || o.Initramfs.Get() == nil { - var ret InitramfsConfig - return ret - } - return *o.Initramfs.Get() -} - -// GetInitramfsOk returns a tuple with the Initramfs field value if set, nil otherwise -// and a boolean to check if the value has been set. -// NOTE: If the value is an explicit nil, `nil, true` will be returned -func (o *VmConfig) GetInitramfsOk() (*InitramfsConfig, bool) { - if o == nil { - return nil, false - } - return o.Initramfs.Get(), o.Initramfs.IsSet() -} - -// HasInitramfs returns a boolean if a field has been set. -func (o *VmConfig) HasInitramfs() bool { - if o != nil && o.Initramfs.IsSet() { - return true - } - - return false -} - -// SetInitramfs gets a reference to the given NullableInitramfsConfig and assigns it to the Initramfs field. 
-func (o *VmConfig) SetInitramfs(v InitramfsConfig) { - o.Initramfs.Set(&v) -} - -// SetInitramfsNil sets the value for Initramfs to be an explicit nil -func (o *VmConfig) SetInitramfsNil() { - o.Initramfs.Set(nil) -} - -// UnsetInitramfs ensures that no value is present for Initramfs, not even an explicit nil -func (o *VmConfig) UnsetInitramfs() { - o.Initramfs.Unset() -} - -// GetCmdline returns the Cmdline field value if set, zero value otherwise. -func (o *VmConfig) GetCmdline() CmdLineConfig { - if o == nil || o.Cmdline == nil { - var ret CmdLineConfig - return ret - } - return *o.Cmdline -} - -// GetCmdlineOk returns a tuple with the Cmdline field value if set, nil otherwise -// and a boolean to check if the value has been set. -func (o *VmConfig) GetCmdlineOk() (*CmdLineConfig, bool) { - if o == nil || o.Cmdline == nil { - return nil, false - } - return o.Cmdline, true -} - -// HasCmdline returns a boolean if a field has been set. -func (o *VmConfig) HasCmdline() bool { - if o != nil && o.Cmdline != nil { - return true - } - - return false -} - -// SetCmdline gets a reference to the given CmdLineConfig and assigns it to the Cmdline field. -func (o *VmConfig) SetCmdline(v CmdLineConfig) { - o.Cmdline = &v +// SetPayload sets field value +func (o *VmConfig) SetPayload(v PayloadConfig) { + o.Payload = v } // GetDisks returns the Disks field value if set, zero value otherwise. @@ -782,13 +705,7 @@ func (o VmConfig) MarshalJSON() ([]byte, error) { toSerialize["memory"] = o.Memory } if true { - toSerialize["kernel"] = o.Kernel - } - if o.Initramfs.IsSet() { - toSerialize["initramfs"] = o.Initramfs.Get() - } - if o.Cmdline != nil { - toSerialize["cmdline"] = o.Cmdline + toSerialize["payload"] = o.Payload } if o.Disks != nil { toSerialize["disks"] = o.Disks diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/cloud-hypervisor.yaml b/src/runtime/virtcontainers/pkg/cloud-hypervisor/cloud-hypervisor.yaml index 705293f1f..029b4cf08 100644 
--- a/src/runtime/virtcontainers/pkg/cloud-hypervisor/cloud-hypervisor.yaml +++ b/src/runtime/virtcontainers/pkg/cloud-hypervisor/cloud-hypervisor.yaml @@ -8,10 +8,9 @@ info: version: 0.3.0 servers: -- url: http://localhost/api/v1 + - url: http://localhost/api/v1 paths: - /vmm.ping: get: summary: Ping the VMM to check for API server availability @@ -21,7 +20,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/VmmPingResponse' + $ref: "#/components/schemas/VmmPingResponse" /vmm.shutdown: put: @@ -40,7 +39,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/VmInfo' + $ref: "#/components/schemas/VmInfo" /vm.counters: get: @@ -51,7 +50,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/VmCounters' + $ref: "#/components/schemas/VmCounters" /vm.create: put: @@ -62,7 +61,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/VmConfig' + $ref: "#/components/schemas/VmConfig" required: true responses: 204: @@ -154,7 +153,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/VmResize' + $ref: "#/components/schemas/VmResize" required: true responses: 204: @@ -170,7 +169,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/VmResizeZone' + $ref: "#/components/schemas/VmResizeZone" required: true responses: 204: @@ -186,7 +185,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/VmAddDevice' + $ref: "#/components/schemas/VmAddDevice" required: true responses: 200: @@ -194,7 +193,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/PciDeviceInfo' + $ref: "#/components/schemas/PciDeviceInfo" 204: description: The new device was successfully (cold) added to the VM instance. 404: @@ -208,7 +207,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/VmRemoveDevice' + $ref: "#/components/schemas/VmRemoveDevice" required: true responses: 204: 
@@ -224,7 +223,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/DiskConfig' + $ref: "#/components/schemas/DiskConfig" required: true responses: 200: @@ -232,7 +231,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/PciDeviceInfo' + $ref: "#/components/schemas/PciDeviceInfo" 204: description: The new disk was successfully (cold) added to the VM instance. 500: @@ -246,7 +245,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/FsConfig' + $ref: "#/components/schemas/FsConfig" required: true responses: 200: @@ -254,7 +253,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/PciDeviceInfo' + $ref: "#/components/schemas/PciDeviceInfo" 204: description: The new device was successfully (cold) added to the VM instance. 500: @@ -268,7 +267,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/PmemConfig' + $ref: "#/components/schemas/PmemConfig" required: true responses: 200: @@ -276,7 +275,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/PciDeviceInfo' + $ref: "#/components/schemas/PciDeviceInfo" 204: description: The new device was successfully (cold) added to the VM instance. 500: @@ -290,7 +289,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/NetConfig' + $ref: "#/components/schemas/NetConfig" required: true responses: 200: @@ -298,7 +297,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/PciDeviceInfo' + $ref: "#/components/schemas/PciDeviceInfo" 204: description: The new device was successfully (cold) added to the VM instance. 500: @@ -312,7 +311,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/VsockConfig' + $ref: "#/components/schemas/VsockConfig" required: true responses: 200: 
@@ -320,12 +319,12 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/PciDeviceInfo' + $ref: "#/components/schemas/PciDeviceInfo" 204: description: The new device was successfully (cold) added to the VM instance. 500: description: The new device could not be added to the VM instance. - + /vm.add-vdpa: put: summary: Add a new vDPA device to the VM @@ -334,7 +333,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/VdpaConfig' + $ref: "#/components/schemas/VdpaConfig" required: true responses: 200: @@ -342,7 +341,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/PciDeviceInfo' + $ref: "#/components/schemas/PciDeviceInfo" 204: description: The new vDPA device was successfully (cold) added to the VM instance. 500: @@ -356,7 +355,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/VmSnapshotConfig' + $ref: "#/components/schemas/VmSnapshotConfig" required: true responses: 204: @@ -374,7 +373,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/VmCoredumpData' + $ref: "#/components/schemas/VmCoredumpData" required: true responses: 204: @@ -392,7 +391,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/RestoreConfig' + $ref: "#/components/schemas/RestoreConfig" required: true responses: 204: @@ -408,7 +407,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ReceiveMigrationData' + $ref: "#/components/schemas/ReceiveMigrationData" required: true responses: 204: @@ -424,7 +423,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SendMigrationData' + $ref: "#/components/schemas/SendMigrationData" required: true responses: 204: @@ -434,10 +433,9 @@ paths: components: schemas: - VmmPingResponse: required: - - version + - version type: object properties: version: 
@@ -446,12 +444,12 @@ components: VmInfo: required: - - config - - state + - config + - state type: object properties: config: - $ref: '#/components/schemas/VmConfig' + $ref: "#/components/schemas/VmConfig" state: type: string enum: [Created, Running, Shutdown, Paused] @@ -461,7 +459,7 @@ components: device_tree: type: object additionalProperties: - $ref: '#/components/schemas/DeviceNode' + $ref: "#/components/schemas/DeviceNode" description: Virtual Machine information DeviceNode: @@ -491,8 +489,8 @@ components: PciDeviceInfo: required: - - id - - bdf + - id + - bdf type: object properties: id: 
@@ -501,65 +499,72 @@ components: type: string description: Information about a PCI device + PayloadConfig: + type: object + properties: + kernel: + type: string + cmdline: + type: string + initramfs: + type: string + description: Payloads to boot in guest + VmConfig: required: - - kernel + - payload type: object properties: cpus: - $ref: '#/components/schemas/CpusConfig' + $ref: "#/components/schemas/CpusConfig" memory: - $ref: '#/components/schemas/MemoryConfig' - kernel: - $ref: '#/components/schemas/KernelConfig' - initramfs: - $ref: '#/components/schemas/InitramfsConfig' - cmdline: - $ref: '#/components/schemas/CmdLineConfig' + $ref: "#/components/schemas/MemoryConfig" + payload: + $ref: "#/components/schemas/PayloadConfig" disks: type: array items: - $ref: '#/components/schemas/DiskConfig' + $ref: "#/components/schemas/DiskConfig" net: type: array items: - $ref: '#/components/schemas/NetConfig' + $ref: "#/components/schemas/NetConfig" rng: - $ref: '#/components/schemas/RngConfig' + $ref: "#/components/schemas/RngConfig" balloon: - $ref: '#/components/schemas/BalloonConfig' + $ref: "#/components/schemas/BalloonConfig" fs: type: array items: - $ref: '#/components/schemas/FsConfig' + $ref: "#/components/schemas/FsConfig" pmem: type: array items: - $ref: '#/components/schemas/PmemConfig' + $ref: "#/components/schemas/PmemConfig" serial: - $ref: '#/components/schemas/ConsoleConfig' + $ref: "#/components/schemas/ConsoleConfig" console: - $ref: '#/components/schemas/ConsoleConfig' + $ref: "#/components/schemas/ConsoleConfig" devices: type: array items: - $ref: '#/components/schemas/DeviceConfig' + $ref: "#/components/schemas/DeviceConfig" vdpa: type: array items: - $ref: '#/components/schemas/VdpaConfig' + $ref: "#/components/schemas/VdpaConfig" vsock: - $ref: '#/components/schemas/VsockConfig' + $ref: "#/components/schemas/VsockConfig" sgx_epc: type: array items: - $ref: '#/components/schemas/SgxEpcConfig' + $ref: "#/components/schemas/SgxEpcConfig" tdx: - $ref: 
'#/components/schemas/TdxConfig' + $ref: "#/components/schemas/TdxConfig" numa: type: array items: - $ref: '#/components/schemas/NumaConfig' + $ref: "#/components/schemas/NumaConfig" iommu: type: boolean default: false @@ -567,7 +572,7 @@ components: type: boolean default: false platform: - $ref: '#/components/schemas/PlatformConfig' + $ref: "#/components/schemas/PlatformConfig" description: Virtual machine configuration CpuAffinity: @@ -600,8 +605,8 @@ components: CpusConfig: required: - - boot_vcpus - - max_vcpus + - boot_vcpus + - max_vcpus type: object properties: boot_vcpus: @@ -613,7 +618,7 @@ components: default: 1 type: integer topology: - $ref: '#/components/schemas/CpuTopology' + $ref: "#/components/schemas/CpuTopology" kvm_hyperv: type: boolean default: false @@ -622,9 +627,9 @@ components: affinity: type: array items: - $ref: '#/components/schemas/CpuAffinity' + $ref: "#/components/schemas/CpuAffinity" features: - $ref: '#/components/schemas/CpuFeatures' + $ref: "#/components/schemas/CpuFeatures" PlatformConfig: type: object @@ -639,11 +644,17 @@ components: format: int16 serial_number: type: string + uuid: + type: string + oem_strings: + type: array + items: + type: string MemoryZoneConfig: required: - - id - - size + - id + - size type: object properties: id: @@ -681,7 +692,7 @@ components: MemoryConfig: required: - - size + - size type: object properties: size: @@ -715,37 +726,12 @@ components: zones: type: array items: - $ref: '#/components/schemas/MemoryZoneConfig' - - KernelConfig: - required: - - path - type: object - properties: - path: - type: string - - InitramfsConfig: - nullable: true - required: - - path - type: object - properties: - path: - type: string - - CmdLineConfig: - required: - - args - type: object - properties: - args: - type: string + $ref: "#/components/schemas/MemoryZoneConfig" TokenBucket: required: - - size - - refill_time + - size + - refill_time type: object properties: size: 
@@ -777,16 +763,16 @@ components: type: object properties: bandwidth: - $ref: '#/components/schemas/TokenBucket' + $ref: "#/components/schemas/TokenBucket" ops: - $ref: '#/components/schemas/TokenBucket' + $ref: "#/components/schemas/TokenBucket" description: Defines an IO rate limiter with independent bytes/s and ops/s limits. Limits are defined by configuring each of the _bandwidth_ and _ops_ token buckets. DiskConfig: required: - - path + - path type: object properties: path: @@ -811,11 +797,8 @@ components: default: false vhost_socket: type: string - poll_queue: - type: boolean - default: true rate_limiter_config: - $ref: '#/components/schemas/RateLimiterConfig' + $ref: "#/components/schemas/RateLimiterConfig" pci_segment: type: integer format: int16 @@ -858,11 +841,11 @@ components: type: integer format: int16 rate_limiter_config: - $ref: '#/components/schemas/RateLimiterConfig' + $ref: "#/components/schemas/RateLimiterConfig" RngConfig: required: - - src + - src type: object properties: src: @@ -874,7 +857,7 @@ components: BalloonConfig: required: - - size + - size type: object properties: size: @@ -891,10 +874,10 @@ components: FsConfig: required: - - num_queues - - queue_size - - socket - - tag + - num_queues + - queue_size + - socket + - tag type: object properties: tag: @@ -915,7 +898,7 @@ components: PmemConfig: required: - - file + - file type: object properties: file: @@ -937,7 +920,7 @@ components: ConsoleConfig: required: - - mode + - mode type: object properties: file: @@ -951,7 +934,7 @@ components: DeviceConfig: required: - - path + - path type: object properties: path: @@ -967,8 +950,8 @@ components: VdpaConfig: required: - - path - - num_queues + - path + - num_queues type: object properties: path: @@ -987,8 +970,8 @@ components: VsockConfig: required: - - cid - - socket + - cid + - socket type: object properties: cid: @@ -1010,8 +993,8 @@ components: SgxEpcConfig: required: - - id - - size + - id + - size type: object properties: id: 
@@ -1025,7 +1008,7 @@ components: TdxConfig: required: - - firmware + - firmware type: object properties: firmware: @@ -1034,8 +1017,8 @@ components: NumaDistance: required: - - destination - - distance + - destination + - distance type: object properties: destination: @@ -1047,7 +1030,7 @@ components: NumaConfig: required: - - guest_numa_id + - guest_numa_id type: object properties: guest_numa_id: @@ -1061,7 +1044,7 @@ components: distances: type: array items: - $ref: '#/components/schemas/NumaDistance' + $ref: "#/components/schemas/NumaDistance" memory_zones: type: array items: @@ -1127,7 +1110,7 @@ components: RestoreConfig: required: - - source_url + - source_url type: object properties: source_url: @@ -1137,7 +1120,7 @@ components: ReceiveMigrationData: required: - - receiver_url + - receiver_url type: object properties: receiver_url: @@ -1145,7 +1128,7 @@ components: SendMigrationData: required: - - destination_url + - destination_url type: object properties: destination_url: diff --git a/src/runtime/virtcontainers/qemu_amd64.go b/src/runtime/virtcontainers/qemu_amd64.go index c5c5cb63e..e9ccb0ed0 100644 --- a/src/runtime/virtcontainers/qemu_amd64.go +++ b/src/runtime/virtcontainers/qemu_amd64.go @@ -46,6 +46,8 @@ const ( defaultQemuMachineOptions = "accel=kvm,kernel_irqchip=on" + splitIrqChipMachineOptions = "accel=kvm,kernel_irqchip=split" + qmpMigrationWaitTimeout = 5 * time.Second sevAttestationGrpcTimeout = 10 * time.Second @@ -57,11 +59,6 @@ const ( sevAttestationSessionFileName = "session_file.b64" ) -var qemuPaths = map[string]string{ - QemuQ35: defaultQemuPath, - QemuMicrovm: defaultQemuPath, -} - var kernelParams = []Param{ {"tsc", "reliable"}, {"no_timer_check", ""}, 
@@ -117,7 +114,7 @@ func newQemuArch(config HypervisorConfig) (qemuArch, error) { // IOMMU and Guest Protection require a split IRQ controller for handling interrupts // otherwise QEMU won't be able to create the kernel irqchip if config.IOMMU || config.ConfidentialGuest { - mp.Options = "accel=kvm,kernel_irqchip=split" + mp.Options = splitIrqChipMachineOptions } if config.IOMMU { @@ -130,7 +127,7 @@ func newQemuArch(config HypervisorConfig) (qemuArch, error) { q := &qemuAmd64{ qemuArchBase: qemuArchBase{ qemuMachine: *mp, - qemuExePath: qemuPaths[machineType], + qemuExePath: defaultQemuPath, memoryOffset: config.MemOffset, kernelParamsNonDebug: kernelParamsNonDebug, kernelParamsDebug: kernelParamsDebug, @@ -188,19 +185,6 @@ func (q *qemuAmd64) bridges(number uint32) { q.Bridges = genericBridges(number, q.qemuMachine.Type) } -func (q *qemuAmd64) cpuModel() string { - cpuModel := defaultCPUModel - - // VMX is not migratable yet. - // issue: https://github.com/kata-containers/runtime/issues/1750 - if q.vmFactory { - hvLogger.WithField("subsystem", "qemuAmd64").Warn("VMX is not migratable yet: turning it off") - cpuModel += ",vmx=off" - } - - return cpuModel -} - func (q *qemuAmd64) memoryTopology(memoryMb, hostMemoryMb uint64, slots uint8) govmmQemu.Memory { return genericMemoryTopology(memoryMb, hostMemoryMb, slots, q.memoryOffset) } diff --git a/src/runtime/virtcontainers/qemu_amd64_test.go b/src/runtime/virtcontainers/qemu_amd64_test.go index df07e8cc4..be6332e86 100644 --- a/src/runtime/virtcontainers/qemu_amd64_test.go +++ b/src/runtime/virtcontainers/qemu_amd64_test.go @@ -86,7 +86,7 @@ func TestQemuAmd64CPUModel(t *testing.T) { base, ok := amd64.(*qemuAmd64) assert.True(ok) base.vmFactory = true - expectedOut = defaultCPUModel + ",vmx=off" + expectedOut = defaultCPUModel model = amd64.cpuModel() assert.Equal(expectedOut, model) } 
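Review bot: In TestQemuAmd64CPUModel the `base.vmFactory = true` case now expects plain `defaultCPUModel`, the same value as the non-factory case, so the second assertion no longer checks anything specific to VM templating. The removed `qemuAmd64.cpuModel()` appended `,vmx=off` for factory VMs with the comment "VMX is not migratable yet". If that limitation still holds, the shared `cpuModel()` (not visible here) has to keep the flag and this test should keep `expectedOut = defaultCPUModel + ",vmx=off"`. If it no longer holds, drop the `base.vmFactory = true` half of the test rather than leaving a duplicate assertion. The test function starts outside the hunk.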
diff --git a/src/runtime/virtcontainers/qemu_ppc64le.go b/src/runtime/virtcontainers/qemu_ppc64le.go index 27bac3581..6e62551b6 100644 --- a/src/runtime/virtcontainers/qemu_ppc64le.go +++ b/src/runtime/virtcontainers/qemu_ppc64le.go @@ -114,10 +114,6 @@ func (q *qemuPPC64le) bridges(number uint32) { q.Bridges = genericBridges(number, q.qemuMachine.Type) } -func (q *qemuPPC64le) cpuModel() string { - return defaultCPUModel -} - func (q *qemuPPC64le) memoryTopology(memoryMb, hostMemoryMb uint64, slots uint8) govmmQemu.Memory { q.Logger().Debug("Aligning maxmem to multiples of 256MB. Assumption: Kernel Version >= 4.11") diff --git a/src/tools/runk/Cargo.lock b/src/tools/runk/Cargo.lock index 9a9ed7bc4..e78e58058 100644 --- a/src/tools/runk/Cargo.lock +++ b/src/tools/runk/Cargo.lock @@ -2,6 +2,12 @@ # It is not intended for manual editing. version = 3 +[[package]] +name = "adler" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe" + [[package]] name = "aho-corasick" version = "0.7.18" @@ -111,13 +117,13 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" [[package]] name = "cgroups-rs" -version = "0.2.9" +version = "0.2.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cdae996d9638ba03253ffa1c93345a585974a97abbdeab9176c77922f3efc1e8" +checksum = "cf5525f2cf84d5113ab26bfb6474180eb63224b4b1e4be31ee87be4098f11399" dependencies = [ "libc", "log", - "nix", + "nix 0.24.2", "regex", ] @@ -174,6 +180,15 @@ dependencies = [ "os_str_bytes", ] +[[package]] +name = "crc32fast" +version = "1.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b540bd8bc810d3885c6ea91e2018302f68baba2129ab3e88f32389ee9370880d" +dependencies = [ + "cfg-if 1.0.0", +] + [[package]] name = "crossbeam-channel" version = "0.5.4" 
@@ -313,6 +328,16 @@ version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "37ab347416e802de484e4d03c7316c48f1ecb56574dfd4a46a80f173ce1de04d" +[[package]] +name = "flate2" +version = "1.0.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f82b0f4c27ad9f8bfd1f3208d882da2b09c301bc1c828fd3a00d0216d2fbbff6" +dependencies = [ + "crc32fast", + "miniz_oxide", +] + [[package]] name = "fnv" version = "1.0.7" @@ -438,6 +463,12 @@ dependencies = [ "libc", ] +[[package]] +name = "hex" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" + [[package]] name = "ident_case" version = "1.0.1" @@ -485,6 +516,12 @@ dependencies = [ "cfg-if 1.0.0", ] +[[package]] +name = "io-lifetimes" +version = "0.7.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "24c3f4eff5495aee4c0399d7b6a0dc2b6e81be84242ffbfcf253ebacccc1d0cb" + [[package]] name = "itertools" version = "0.10.3" @@ -508,27 +545,30 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" [[package]] name = "libc" -version = "0.2.124" +version = "0.2.127" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "21a41fed9d98f27ab1c6d161da622a4fa35e8a54a8adc24bbf3ddd0ef70b0e50" +checksum = "505e71a4706fa491e9b1b55f51b95d4037d0821ee40131190475f692b35b009b" [[package]] name = "libcontainer" version = "0.0.1" dependencies = [ "anyhow", + "cgroups-rs", "chrono", "derive_builder", "libc", "logging", - "nix", + "nix 0.23.1", "oci", + "procfs", "rustjail", "scopeguard", "serde", "serde_json", "slog", "tempfile", + "test-utils", ] [[package]] 
@@ -540,6 +580,12 @@ dependencies = [ "clap", ] +[[package]] +name = "linux-raw-sys" +version = "0.0.46" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d4d2456c373231a208ad294c33dc5bff30051eafd954cd4caae83a712b12854d" + [[package]] name = "lock_api" version = "0.4.7" @@ -585,6 +631,15 @@ dependencies = [ "autocfg", ] +[[package]] +name = "miniz_oxide" +version = "0.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6f5c75688da582b8ffc1f1799e9db273f32133c49e048f614d22ec3256773ccc" +dependencies = [ + "adler", +] + [[package]] name = "mio" version = "0.8.2" @@ -627,6 +682,18 @@ dependencies = [ "memoffset", ] +[[package]] +name = "nix" +version = "0.24.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "195cdbc1741b8134346d515b3a56a1c94b0912758009cfd53f99ea0f57b065fc" +dependencies = [ + "bitflags", + "cfg-if 1.0.0", + "libc", + "memoffset", +] + [[package]] name = "ntapi" version = "0.3.7" @@ -716,7 +783,7 @@ dependencies = [ "libc", "redox_syscall", "smallvec", - "windows-sys", + "windows-sys 0.34.0", ] [[package]] @@ -793,6 +860,21 @@ dependencies = [ "unicode-xid", ] +[[package]] +name = "procfs" +version = "0.14.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c1391b61957e3b6f25a59ca2e057d22a44415917d87893986f6627fef109d32f" +dependencies = [ + "bitflags", + "byteorder", + "chrono", + "flate2", + "hex", + "lazy_static", + "rustix", +] + [[package]] name = "prost" version = "0.8.0" @@ -947,7 +1029,7 @@ dependencies = [ "libcontainer", "liboci-cli", "logging", - "nix", + "nix 0.23.1", "oci", "rustjail", "serde", 
@@ -960,6 +1042,20 @@ dependencies = [ "users", ] +[[package]] +name = "rustix" +version = "0.35.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d51cc38aa10f6bbb377ed28197aa052aa4e2b762c22be9d3153d01822587e787" +dependencies = [ + "bitflags", + "errno", + "io-lifetimes", + "libc", + "linux-raw-sys", + "windows-sys 0.36.1", +] + [[package]] name = "rustjail" version = "0.1.0" @@ -974,7 +1070,7 @@ dependencies = [ "inotify", "lazy_static", "libc", - "nix", + "nix 0.23.1", "oci", "path-absolutize", "protobuf", @@ -1176,6 +1272,13 @@ dependencies = [ "winapi-util", ] +[[package]] +name = "test-utils" +version = "0.1.0" +dependencies = [ + "nix 0.24.2", +] + [[package]] name = "textwrap" version = "0.15.0" @@ -1273,7 +1376,7 @@ dependencies = [ "byteorder", "libc", "log", - "nix", + "nix 0.23.1", "protobuf", "protobuf-codegen-pure", "thiserror", @@ -1400,11 +1503,24 @@ version = "0.34.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5acdd78cb4ba54c0045ac14f62d8f94a03d10047904ae2a40afa1e99d8f70825" dependencies = [ - "windows_aarch64_msvc", - "windows_i686_gnu", - "windows_i686_msvc", - "windows_x86_64_gnu", - "windows_x86_64_msvc", + "windows_aarch64_msvc 0.34.0", + "windows_i686_gnu 0.34.0", + "windows_i686_msvc 0.34.0", + "windows_x86_64_gnu 0.34.0", + "windows_x86_64_msvc 0.34.0", +] + +[[package]] +name = "windows-sys" +version = "0.36.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ea04155a16a59f9eab786fe12a4a450e75cdb175f9e0d80da1e17db09f55b8d2" +dependencies = [ + "windows_aarch64_msvc 0.36.1", + "windows_i686_gnu 0.36.1", + "windows_i686_msvc 0.36.1", + "windows_x86_64_gnu 0.36.1", + "windows_x86_64_msvc 0.36.1", ] [[package]] 
@@ -1413,26 +1529,56 @@ version = "0.34.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "17cffbe740121affb56fad0fc0e421804adf0ae00891205213b5cecd30db881d" +[[package]] +name = "windows_aarch64_msvc" +version = "0.36.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9bb8c3fd39ade2d67e9874ac4f3db21f0d710bee00fe7cab16949ec184eeaa47" + [[package]] name = "windows_i686_gnu" version = "0.34.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2564fde759adb79129d9b4f54be42b32c89970c18ebf93124ca8870a498688ed" +[[package]] +name = "windows_i686_gnu" +version = "0.36.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "180e6ccf01daf4c426b846dfc66db1fc518f074baa793aa7d9b9aaeffad6a3b6" + [[package]] name = "windows_i686_msvc" version = "0.34.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9cd9d32ba70453522332c14d38814bceeb747d80b3958676007acadd7e166956" +[[package]] +name = "windows_i686_msvc" +version = "0.36.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e2e7917148b2812d1eeafaeb22a97e4813dfa60a3f8f78ebe204bcc88f12f024" + [[package]] name = "windows_x86_64_gnu" version = "0.34.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cfce6deae227ee8d356d19effc141a509cc503dfd1f850622ec4b0f84428e1f4" +[[package]] +name = "windows_x86_64_gnu" +version = "0.36.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4dcd171b8776c41b97521e5da127a2d86ad280114807d0b2ab1e462bc764d9e1" + [[package]] name = "windows_x86_64_msvc" version = "0.34.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d19538ccc21819d01deaf88d6a17eae6596a12e9aafdbb97916fb49896d89de9" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.36.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = 
"c811ca4a8c853ef420abd8592ba53ddbbac90410fab6903b3e79972a631f7680" diff --git a/src/tools/runk/libcontainer/Cargo.toml b/src/tools/runk/libcontainer/Cargo.toml index ed96a4bff..0db70d3d1 100644 --- a/src/tools/runk/libcontainer/Cargo.toml +++ b/src/tools/runk/libcontainer/Cargo.toml @@ -19,6 +19,9 @@ chrono = { version = "0.4.19", features = ["serde"] } serde = { version = "1.0.133", features = ["derive"] } serde_json = "1.0.74" scopeguard = "1.1.0" +cgroups = { package = "cgroups-rs", version = "0.2.10" } +procfs = "0.14.0" [dev-dependencies] tempfile = "3.3.0" +test-utils = { path = "../../../libs/test-utils" } diff --git a/src/tools/runk/libcontainer/src/builder.rs b/src/tools/runk/libcontainer/src/builder.rs index afb02b356..c175c77c4 100644 --- a/src/tools/runk/libcontainer/src/builder.rs +++ b/src/tools/runk/libcontainer/src/builder.rs @@ -3,11 +3,8 @@ // SPDX-License-Identifier: Apache-2.0 // -use crate::container::{get_config_path, ContainerLauncher}; -use crate::{ - status::{get_current_container_state, Status}, - utils::validate_process_spec, -}; +use crate::container::{get_config_path, Container, ContainerLauncher}; +use crate::utils::validate_process_spec; use anyhow::{anyhow, Result}; use derive_builder::Builder; use oci::{ContainerState, Process as OCIProcess, Spec}; 
@@ -138,32 +135,35 @@ impl ActivatedContainer { logger, "enter ActivatedContainer::create_launcher {:?}", self ); - let status = Status::load(&self.root, &self.id)?; - let state = get_current_container_state(&status)?; + let container = Container::load(&self.root, &self.id)?; // If state is Created or Running, we can execute the process. - if state != ContainerState::Created && state != ContainerState::Running { - return Err(anyhow!("cannot exec in a stopped or paused container")); + if container.state != ContainerState::Created && container.state != ContainerState::Running + { + return Err(anyhow!( + "cannot exec in a stopped or paused container, state: {:?}", + container.state + )); } - let mut config = status.config; + let mut config = container.status.config; let spec = config.spec.as_mut().unwrap(); - self.adapt_exec_spec(spec, status.pid, logger)?; + self.adapt_exec_spec(spec, container.status.pid, logger)?; debug!(logger, "adapted spec: {:?}", spec); validate_spec(spec, &self.console_socket)?; debug!(logger, "create LinuxContainer with config: {:?}", config); // Maybe we should move some properties from status into LinuxContainer, // like pid, process_start_time, created, cgroup_manager, etc. But it works now. - let container = + let runner = create_linux_container(&self.id, &self.root, config, self.console_socket, logger)?; Ok(ContainerLauncher::new( &self.id, - &status.bundle, + &container.status.bundle, &self.root, false, - container, + runner, self.pid_file, )) } 
@@ -264,13 +264,14 @@ pub fn validate_spec(spec: &Spec, console_socket: &Option) -> Result<() mod tests { use super::*; use crate::container::CONFIG_FILE_NAME; - use crate::utils::test_utils::TEST_ROOTFS_PATH; + use crate::status::Status; + use crate::utils::test_utils::*; use chrono::DateTime; use nix::unistd::getpid; use oci::{self, Root, Spec}; use oci::{Linux, LinuxNamespace, User}; - use rustjail::cgroups::fs::Manager; use rustjail::container::TYPETONAME; + use scopeguard::defer; use slog::o; use std::fs::create_dir; use std::time::SystemTime; @@ -279,6 +280,7 @@ mod tests { path::PathBuf, }; use tempfile::tempdir; + use test_utils::skip_if_not_root; #[derive(Debug)] struct TestData { @@ -323,7 +325,9 @@ mod tests { .to_string_lossy() .to_string(); let test_data = TestData { - id: String::from("test"), + // Since tests are executed concurrently, container_id must be unique in tests with cgroup. + // Or the cgroup directory may be removed by other tests in advance. + id: String::from("test_init_container_create_launcher"), bundle: bundle_dir.path().to_path_buf(), root: root_dir.into_path(), console_socket: Some(PathBuf::from("test")), @@ -356,6 +360,10 @@ mod tests { Some(launcher.runner.console_socket), test_data.console_socket ); + // If it is run by root, create_launcher will create cgroup dirs successfully. So we need to do some cleanup stuff. + if nix::unistd::Uid::effective().is_root() { + clean_up_cgroup(Path::new(&test_data.id)); + } } #[test] @@ -454,6 +462,11 @@ mod tests { } fn create_dummy_status(id: &str, pid: i32, root: &Path, spec: &Spec) -> Status { + let start_time = procfs::process::Process::new(pid) + .unwrap() + .stat() + .unwrap() + .starttime; Status { oci_version: spec.version.clone(), id: id.to_string(), 
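Review bot: The added `clean_up_cgroup(Path::new(&test_data.id))` call sits after the assertions, so when one of them fails under root the cgroup directory is left behind for later runs. The two activated-container tests in this file register their cleanup with `defer!` before the code under test, and `scopeguard::defer` is already imported here. Registering the cleanup before the launcher is created, for example `defer!(if nix::unistd::Uid::effective().is_root() { clean_up_cgroup(Path::new("test_init_container_create_launcher")); });`, would keep the tests consistent. The test function's header is outside the hunk.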
@@ -461,9 +474,9 @@ mod tests { root: root.to_path_buf(), bundle: PathBuf::from("/tmp"), rootfs: TEST_ROOTFS_PATH.to_string(), - process_start_time: 0, + process_start_time: start_time, created: DateTime::from(SystemTime::now()), - cgroup_manager: Manager::new("test").unwrap(), + cgroup_manager: serde_json::from_str(TEST_CGM_DATA).unwrap(), config: CreateOpts { spec: Some(spec.clone()), ..Default::default() @@ -498,11 +511,14 @@ mod tests { #[test] fn test_activated_container_create() { + // create cgroup directory needs root permission + skip_if_not_root!(); let logger = slog::Logger::root(slog::Discard, o!()); let bundle_dir = tempdir().unwrap(); let root = tempdir().unwrap(); - // let bundle = temp - let id = "test".to_string(); + // Since tests are executed concurrently, container_id must be unique in tests with cgroup. + // Or the cgroup directory may be removed by other tests in advance. + let id = "test_activated_container_create".to_string(); create_activated_dirs(root.path(), &id, bundle_dir.path()); let pid = getpid().as_raw(); @@ -516,6 +532,10 @@ mod tests { let status = create_dummy_status(&id, pid, root.path(), &spec); status.save().unwrap(); + // create empty cgroup directory to avoid is_pause failing + let cgroup = create_dummy_cgroup(Path::new(id.as_str())); + defer!(cgroup.delete().unwrap()); + let result = ActivatedContainerBuilder::default() .id(id) .root(root.into_path()) @@ -575,6 +595,8 @@ mod tests { #[test] fn test_activated_container_create_with_process() { + // create cgroup directory needs root permission + skip_if_not_root!(); const PROCESS_FILE_NAME: &str = "process.json"; let bundle_dir = tempdir().unwrap(); let process_file = bundle_dir.path().join(PROCESS_FILE_NAME); 
@@ -588,7 +610,9 @@ mod tests { let logger = slog::Logger::root(slog::Discard, o!()); let root = tempdir().unwrap(); - let id = "test".to_string(); + // Since tests are executed concurrently, container_id must be unique in tests with cgroup. + // Or the cgroup directory may be removed by other tests in advance. + let id = "test_activated_container_create_with_process".to_string(); let pid = getpid().as_raw(); let mut spec = create_dummy_spec(); spec.root.as_mut().unwrap().path = bundle_dir @@ -600,6 +624,10 @@ mod tests { let status = create_dummy_status(&id, pid, root.path(), &spec); status.save().unwrap(); + // create empty cgroup directory to avoid is_pause failing + let cgroup = create_dummy_cgroup(Path::new(id.as_str())); + defer!(cgroup.delete().unwrap()); + let launcher = ActivatedContainerBuilder::default() .id(id) .root(root.into_path()) diff --git a/src/tools/runk/libcontainer/src/cgroup.rs b/src/tools/runk/libcontainer/src/cgroup.rs index 9b53bb368..586c6e894 100644 --- a/src/tools/runk/libcontainer/src/cgroup.rs +++ b/src/tools/runk/libcontainer/src/cgroup.rs @@ -3,24 +3,15 @@ // SPDX-License-Identifier: Apache-2.0 // -use anyhow::{anyhow, Result}; -use rustjail::cgroups::fs::Manager as CgroupManager; -use std::{ - path::Path, - {fs, thread, time}, -}; - -pub fn destroy_cgroup(cgroup_mg: &CgroupManager) -> Result<()> { - for path in cgroup_mg.paths.values() { - remove_cgroup_dir(Path::new(path))?; - } - - Ok(()) -} +use anyhow::anyhow; +use anyhow::Result; +use cgroups; +use cgroups::freezer::{FreezerController, FreezerState}; +use std::{thread, time}; // Try to remove the provided cgroups path five times with increasing delay between tries. // If after all there are not removed cgroups, an appropriate error will be returned. -fn remove_cgroup_dir(path: &Path) -> Result<()> { +pub fn remove_cgroup_dir(cgroup: &cgroups::Cgroup) -> Result<()> { let mut retries = 5; let mut delay = time::Duration::from_millis(10); while retries != 0 { 
@@ -29,12 +20,58 @@ fn remove_cgroup_dir(path: &Path) -> Result<()> { thread::sleep(delay); } - if !path.exists() || fs::remove_dir(path).is_ok() { + if cgroup.delete().is_ok() { return Ok(()); } retries -= 1; } - return Err(anyhow!("failed to remove cgroups paths: {:?}", path)); + return Err(anyhow!("failed to remove cgroups paths")); +} + +// Make sure we get a stable freezer state, so retry if the cgroup is still undergoing freezing. +pub fn get_freezer_state(freezer: &FreezerController) -> Result { + let mut retries = 10; + while retries != 0 { + let state = freezer.state()?; + match state { + FreezerState::Thawed => return Ok(FreezerState::Thawed), + FreezerState::Frozen => return Ok(FreezerState::Frozen), + FreezerState::Freezing => { + // sleep for 10 ms, wait for the cgroup to finish freezing + thread::sleep(time::Duration::from_millis(10)); + retries -= 1; + } + } + } + Ok(FreezerState::Freezing) +} + +// check whether freezer state is frozen +pub fn is_paused(cgroup: &cgroups::Cgroup) -> Result { + let freezer_controller: &FreezerController = cgroup + .controller_of() + .ok_or_else(|| anyhow!("failed to get freezer controller"))?; + let freezer_state = get_freezer_state(freezer_controller)?; + match freezer_state { + FreezerState::Frozen => Ok(true), + _ => Ok(false), + } +} + +pub fn freeze(cgroup: &cgroups::Cgroup, state: FreezerState) -> Result<()> { + let freezer_controller: &FreezerController = cgroup + .controller_of() + .ok_or_else(|| anyhow!("failed to get freezer controller"))?; + match state { + FreezerState::Frozen => { + freezer_controller.freeze()?; + } + FreezerState::Thawed => { + freezer_controller.thaw()?; + } + _ => return Err(anyhow!("invalid freezer state")), + } + Ok(()) } diff --git a/src/tools/runk/libcontainer/src/container.rs b/src/tools/runk/libcontainer/src/container.rs index abc40fbba..9a3c0fa61 100644 --- a/src/tools/runk/libcontainer/src/container.rs +++ b/src/tools/runk/libcontainer/src/container.rs 
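Review bot: `remove_cgroup_dir` now tests `cgroup.delete().is_ok()`, which throws away the reason each attempt failed, and the final error no longer names the cgroup, so a failed `destroy` gives the operator nothing to act on. Keeping the last error and returning it in the message restores that. The old code also treated an already-missing directory as success (`!path.exists()`); whether `delete()` returns `Ok` in that case is not visible here and is worth a test. The retry loop header and back-off are in the previous hunk.

```rust
    let mut last_err = None; // declared before the retry loop
    // … unchanged: retry loop header and back-off sleep …
        match cgroup.delete() {
            Ok(_) => return Ok(()),
            Err(e) => last_err = Some(e),
        }
        retries -= 1;
    }

    Err(anyhow!("failed to remove cgroup: {:?}", last_err))
```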
@@ -3,14 +3,20 @@ // SPDX-License-Identifier: Apache-2.0 // -use crate::status::{self, get_all_pid, get_current_container_state, Status}; +use crate::cgroup::{freeze, remove_cgroup_dir}; +use crate::status::{self, get_current_container_state, Status}; use anyhow::{anyhow, Result}; +use cgroups; +use cgroups::freezer::FreezerState; +use cgroups::hierarchies::is_cgroup2_unified_mode; use nix::sys::signal::kill; use nix::{ sys::signal::Signal, + sys::signal::SIGKILL, unistd::{chdir, unlink, Pid}, }; use oci::ContainerState; +use procfs; use rustjail::{ container::{BaseContainer, LinuxContainer, EXEC_FIFO_FILENAME}, process::{Process, ProcessOperations}, 
@@ -35,20 +41,55 @@ pub enum ContainerAction { pub struct Container { pub status: Status, pub state: ContainerState, + pub cgroup: cgroups::Cgroup, } +// Container represents a container that is created by the container runtime. impl Container { pub fn load(state_root: &Path, id: &str) -> Result { let status = Status::load(state_root, id)?; - let state = get_current_container_state(&status)?; - Ok(Self { status, state }) + let spec = status + .config + .spec + .as_ref() + .ok_or_else(|| anyhow!("spec config was not present"))?; + let linux = spec + .linux + .as_ref() + .ok_or_else(|| anyhow!("linux config was not present"))?; + let cpath = if linux.cgroups_path.is_empty() { + id.to_string() + } else { + linux + .cgroups_path + .clone() + .trim_start_matches('/') + .to_string() + }; + let cgroup = cgroups::Cgroup::load(cgroups::hierarchies::auto(), cpath); + let state = get_current_container_state(&status, &cgroup)?; + Ok(Self { + status, + state, + cgroup, + }) } pub fn processes(&self) -> Result> { - get_all_pid(&self.status.cgroup_manager) + let pids = self.cgroup.tasks(); + let result = pids.iter().map(|x| Pid::from_raw(x.pid as i32)).collect(); + Ok(result) } pub fn kill(&self, signal: Signal, all: bool) -> Result<()> { + if self.state == ContainerState::Stopped { + return Err(anyhow!( + "container {} can't be killed because it is {:?}", + self.status.id, + self.state + )); + } + if all { let pids = self.processes()?; for pid in pids { 
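Review bot: In `Container::load`, `linux.cgroups_path` from the saved spec is passed to `cgroups::Cgroup::load` after only stripping leading `/`, and `pause`, `kill(.., true)` and `destroy` then act on whatever cgroup that path resolves to. A path containing `..` components is not rejected here, and whether cgroups-rs normalises it is not visible from this hunk. I would refuse it up front with `if Path::new(&linux.cgroups_path).components().any(|c| c == std::path::Component::ParentDir) { return Err(anyhow!("invalid cgroups_path")); }`. The `.clone()` before `trim_start_matches` is also unnecessary. `kill` begins in this hunk and continues in the next one.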
@@ -58,18 +99,46 @@ impl Container { kill(pid, signal)?; } } else { - if self.state == ContainerState::Stopped { - return Err(anyhow!("container {} not running", self.status.id)); - } let pid = Pid::from_raw(self.status.pid); if status::is_process_running(pid)? { kill(pid, signal)?; } } + // For cgroup v1, killing a process in a frozen cgroup does nothing until it's thawed. + // Only thaw the cgroup for SIGKILL. + // Ref: https://github.com/opencontainers/runc/pull/3217 + if !is_cgroup2_unified_mode() && self.state == ContainerState::Paused && signal == SIGKILL { + freeze(&self.cgroup, FreezerState::Thawed)?; + } Ok(()) } - // TODO: add pause and resume + pub fn pause(&self) -> Result<()> { + if self.state != ContainerState::Running && self.state != ContainerState::Created { + return Err(anyhow!( + "failed to pause container: current status is: {:?}", + self.state + )); + } + freeze(&self.cgroup, FreezerState::Frozen)?; + Ok(()) + } + + pub fn resume(&self) -> Result<()> { + if self.state != ContainerState::Paused { + return Err(anyhow!( + "failed to resume container: current status is: {:?}", + self.state + )); + } + freeze(&self.cgroup, FreezerState::Thawed)?; + Ok(()) + } + + pub fn destroy(&self) -> Result<()> { + remove_cgroup_dir(&self.cgroup)?; + self.status.remove_dir() + } } /// Used to run a process. If init is set, it will create a container and run the process in it. @@ -190,11 +259,14 @@ impl ContainerLauncher { /// Generate runk specified Status fn get_status(&self) -> Result { let oci_state = self.runner.oci_state()?; + // read start time from /proc//stat + let proc = procfs::process::Process::new(self.runner.init_process_pid)?; + let process_start_time = proc.stat()?.starttime; Status::new( &self.state_root, &self.bundle, oci_state, - self.runner.init_process_start_time, + process_start_time, self.runner.created, self.runner .cgroup_manager 
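Review bot: In `kill`, any error from `kill(pid, signal)?` returns before the thaw at the end of the function, so on cgroup v1 a paused container that was sent SIGKILL can stay frozen, and in the `all` loop the remaining pids are never signalled. A process that exits between `self.cgroup.tasks()` and the `kill` call yields `ESRCH`, which is an expected race and not a failure; the forced branch in `delete.rs` used to tolerate exactly that errno and now goes through this method, so it aborts before `container.destroy()`. I would treat it as success with `match kill(pid, signal) { Ok(()) | Err(Errno::ESRCH) => {}, Err(e) => return Err(e.into()) }` (importing `nix::errno::Errno`) and run the thaw regardless of per-pid errors. The loop body starts above this hunk, so a liveness check there may narrow the window but cannot close it.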
diff --git a/src/tools/runk/libcontainer/src/status.rs b/src/tools/runk/libcontainer/src/status.rs index 3cd9768b1..6a3480c59 100644 --- a/src/tools/runk/libcontainer/src/status.rs +++ b/src/tools/runk/libcontainer/src/status.rs @@ -3,6 +3,7 @@ // SPDX-License-Identifier: Apache-2.0 // +use crate::cgroup::is_paused; use crate::container::get_fifo_path; use crate::utils::*; use anyhow::{anyhow, Result}; @@ -14,6 +15,7 @@ use nix::{ unistd::Pid, }; use oci::{ContainerState, State as OCIState}; +use procfs::process::ProcState; use rustjail::{cgroups::fs::Manager as CgroupManager, specconv::CreateOpts}; use serde::{Deserialize, Serialize}; use std::{ @@ -35,6 +37,10 @@ pub struct Status { pub rootfs: String, pub process_start_time: u64, pub created: DateTime, + // Methods of Manager traits in rustjail are invisible, and CgroupManager.cgroup can't be serialized. + // So it is cumbersome to manage cgroups by this field. Instead, we use cgroups-rs::cgroup directly in Container to manager cgroups. + // Another solution is making some methods public outside rustjail and adding getter/setter for CgroupManager.cgroup. + // Temporarily keep this field for compatibility. pub cgroup_manager: CgroupManager, pub config: CreateOpts, } 
@@ -143,53 +149,34 @@ pub fn is_process_running(pid: Pid) -> Result { } } -pub fn get_current_container_state(status: &Status) -> Result { - let running = is_process_running(Pid::from_raw(status.pid))?; - let mut has_fifo = false; - - if running { - let fifo = get_fifo_path(status); - if fifo.exists() { - has_fifo = true - } +// Returns the current state of a container. It will read cgroupfs and procfs to determine the state. +// https://github.com/opencontainers/runc/blob/86d6898f3052acba1ebcf83aa2eae3f6cc5fb471/libcontainer/container_linux.go#L1953 +pub fn get_current_container_state( + status: &Status, + cgroup: &cgroups::Cgroup, +) -> Result { + if is_paused(cgroup)? { + return Ok(ContainerState::Paused); } - - if running && !has_fifo { - // TODO: Check paused status. - // runk does not support pause command currently. + let proc = procfs::process::Process::new(status.pid); + // if reading /proc/ occurs error, then the process is not running + if proc.is_err() { + return Ok(ContainerState::Stopped); } - - if !running { - Ok(ContainerState::Stopped) - } else if has_fifo { - Ok(ContainerState::Created) - } else { - Ok(ContainerState::Running) + let proc_stat = proc.unwrap().stat()?; + // if start time is not equal, then the pid is reused, and the process is not running + if proc_stat.starttime != status.process_start_time { + return Ok(ContainerState::Stopped); } -} - -pub fn get_all_pid(cgm: &CgroupManager) -> Result> { - let cgroup_path = cgm.paths.get("devices"); - match cgroup_path { - Some(v) => { - let path = Path::new(v); - if !path.exists() { - return Err(anyhow!("cgroup devices file does not exist")); + match proc_stat.state()? { + ProcState::Zombie | ProcState::Dead => Ok(ContainerState::Stopped), + _ => { + let fifo = get_fifo_path(status); + if fifo.exists() { + return Ok(ContainerState::Created); } - - let procs_path = path.join("cgroup.procs"); - let pids: Vec = lines_from_file(&procs_path)? 
- .into_iter() - .map(|v| { - Pid::from_raw( - v.parse::() - .expect("failed to parse string into pid_t"), - ) - }) - .collect(); - Ok(pids) + Ok(ContainerState::Running) } - None => Err(anyhow!("cgroup devices file dose not exist")), } } @@ -197,10 +184,12 @@ pub fn get_all_pid(cgm: &CgroupManager) -> Result> { mod tests { use super::*; use crate::utils::test_utils::*; + use ::test_utils::skip_if_not_root; use chrono::{DateTime, Utc}; use nix::unistd::getpid; use oci::ContainerState; use rustjail::cgroups::fs::Manager as CgroupManager; + use scopeguard::defer; use std::path::Path; use std::time::SystemTime; @@ -235,14 +224,13 @@ mod tests { #[test] fn test_get_current_container_state() { - let status = create_dummy_status(); - let state = get_current_container_state(&status).unwrap(); + skip_if_not_root!(); + let mut status = create_dummy_status(); + status.id = "test_get_current_container_state".to_string(); + // crete a dummy cgroup to make sure is_pause doesn't return error + let cgroup = create_dummy_cgroup(Path::new(&status.id)); + defer!(cgroup.delete().unwrap()); + let state = get_current_container_state(&status, &cgroup).unwrap(); assert_eq!(state, ContainerState::Running); } - - #[test] - fn test_get_all_pid() { - let cgm: CgroupManager = serde_json::from_str(TEST_CGM_DATA).unwrap(); - assert!(get_all_pid(&cgm).is_ok()); - } } diff --git a/src/tools/runk/libcontainer/src/utils.rs b/src/tools/runk/libcontainer/src/utils.rs index bcb8b9748..a65a3568d 100644 --- a/src/tools/runk/libcontainer/src/utils.rs +++ b/src/tools/runk/libcontainer/src/utils.rs 
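Review bot: In `get_current_container_state`, `proc.unwrap().stat()?` turns a process that exits between `Process::new` and `stat()` into an error instead of `ContainerState::Stopped`, and the `is_err()`/`unwrap()` pair is easy to break in later edits. Folding both steps into one match keeps the two failure cases consistent: `let proc_stat = match procfs::process::Process::new(status.pid).and_then(|p| p.stat()) { Ok(s) => s, Err(_) => return Ok(ContainerState::Stopped) };`. `is_paused(cgroup)?` is defined outside this diff; if it returns an error once the cgroup directory is gone, a stopped container would surface as a load failure instead of `Stopped`, which is worth confirming. The leading `//` comments would also read better as `///` so the description and the runc reference appear in rustdoc.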
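Review bot: `test_get_current_container_state` asserts only the `Running` result, so the new PID-reuse check (`proc_stat.starttime != status.process_start_time`) has no coverage even though it decides whether a recorded pid is still trusted. A second case that sets `status.process_start_time += 1;` before the call and asserts `ContainerState::Stopped` would pin that behaviour with the same dummy cgroup. Also, `defer!(cgroup.delete().unwrap())` panics inside a drop when deletion fails, which aborts the test binary if the test is already unwinding; logging the error there would keep the original failure visible.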
@@ -114,11 +114,16 @@ pub(crate) mod test_utils { let cgm: CgroupManager = serde_json::from_str(TEST_CGM_DATA).unwrap(); let oci_state = create_dummy_oci_state(); let created = SystemTime::now(); + let start_time = procfs::process::Process::new(oci_state.pid) + .unwrap() + .stat() + .unwrap() + .starttime; let status = Status::new( Path::new(TEST_STATE_ROOT_PATH), Path::new(TEST_BUNDLE_PATH), oci_state, - 1, + start_time, created, cgm, create_dummy_opts(), @@ -128,6 +133,15 @@ pub(crate) mod test_utils { status } + pub fn create_dummy_cgroup(cpath: &Path) -> cgroups::Cgroup { + cgroups::Cgroup::new(cgroups::hierarchies::auto(), cpath) + } + + pub fn clean_up_cgroup(cpath: &Path) { + let cgroup = cgroups::Cgroup::load(cgroups::hierarchies::auto(), cpath); + cgroup.delete().unwrap(); + } + #[test] pub fn test_validate_process_spec() { let valid_process = Process { diff --git a/src/tools/runk/src/commands/delete.rs b/src/tools/runk/src/commands/delete.rs index 4884c0291..ead8aa47e 100644 --- a/src/tools/runk/src/commands/delete.rs +++ b/src/tools/runk/src/commands/delete.rs @@ -4,13 +4,10 @@ // use anyhow::{anyhow, Result}; -use libcontainer::{ - cgroup, - status::{get_current_container_state, Status}, -}; +use libcontainer::{container::Container, status::Status}; use liboci_cli::Delete; use nix::{ - errno::Errno, + sys::signal::SIGKILL, sys::signal::{kill, Signal}, unistd::Pid, }; @@ -26,13 +23,14 @@ pub async fn run(opts: Delete, root: &Path, logger: &Logger) -> Result<()> { return Err(anyhow!("container {} does not exist", container_id)); } - let status = if let Ok(value) = Status::load(root, container_id) { + let container = if let Ok(value) = Container::load(root, container_id) { value } else { fs::remove_dir_all(status_dir)?; return Ok(()); }; + let status = &container.status; let spec = status .config .spec 
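Review bot: In `delete.rs`, the `else` branch after `Container::load` removes `status_dir` on any load failure, and `load` now fails for more reasons than an unreadable status file: a missing `spec` or `linux` section, or an error while querying cgroup or procfs state. In those cases the container's processes and cgroup may still exist, yet the only record of them is deleted and later `kill` or `delete` calls can no longer find the container. Since `Status` is still imported, the silent cleanup could be limited to a status that cannot be read, by turning the `if let` into a match with an arm such as `Err(e) if Status::load(root, container_id).is_ok() => return Err(e),`. `run` begins and ends outside this hunk.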
@@ -42,7 +40,7 @@ pub async fn run(opts: Delete, root: &Path, logger: &Logger) -> Result<()> { let oci_state = OCIState { version: status.oci_version.clone(), id: status.id.clone(), - status: get_current_container_state(&status)?, + status: container.state, pid: status.pid, bundle: status .bundle @@ -64,20 +62,16 @@ pub async fn run(opts: Delete, root: &Path, logger: &Logger) -> Result<()> { match oci_state.status { ContainerState::Stopped => { - destroy_container(&status)?; + container.destroy()?; } ContainerState::Created => { kill(Pid::from_raw(status.pid), Some(Signal::SIGKILL))?; - destroy_container(&status)?; + container.destroy()?; } _ => { if opts.force { - if let Err(errno) = kill(Pid::from_raw(status.pid), Some(Signal::SIGKILL)) { - if errno != Errno::ESRCH { - return Err(anyhow!("{}", errno)); - } - } - destroy_container(&status)?; + container.kill(SIGKILL, true)?; + container.destroy()?; } else { return Err(anyhow!( "cannot delete container {} that is not stopped", @@ -91,10 +85,3 @@ pub async fn run(opts: Delete, root: &Path, logger: &Logger) -> Result<()> { Ok(()) } - -fn destroy_container(status: &Status) -> Result<()> { - cgroup::destroy_cgroup(&status.cgroup_manager)?; - status.remove_dir()?; - - Ok(()) -} diff --git a/src/tools/runk/src/commands/list.rs b/src/tools/runk/src/commands/list.rs index ef3904204..e3020cb5a 100644 --- a/src/tools/runk/src/commands/list.rs +++ b/src/tools/runk/src/commands/list.rs @@ -5,7 +5,7 @@ use super::state::get_container_state_name; use anyhow::Result; -use libcontainer::status::{get_current_container_state, Status}; +use libcontainer::container::Container; use liboci_cli::List; use oci::ContainerState; use slog::{info, Logger}; 
@@ -19,7 +19,7 @@ pub fn run(_: List, root: &Path, logger: &Logger) -> Result<()> { let mut content = String::new(); for entry in fs::read_dir(root)? { let entry = entry?; - // Possibly race with runk delete, so continue loop when any error occurs below + // Possibly race with other command of runk, so continue loop when any error occurs below let metadata = match entry.metadata() { Ok(metadata) => metadata, Err(_) => continue, @@ -31,18 +31,15 @@ pub fn run(_: List, root: &Path, logger: &Logger) -> Result<()> { Ok(id) => id, Err(_) => continue, }; - let status = match Status::load(root, &container_id) { - Ok(status) => status, - Err(_) => continue, - }; - let state = match get_current_container_state(&status) { - Ok(state) => state, + let container = match Container::load(root, &container_id) { + Ok(container) => container, Err(_) => continue, }; + let state = container.state; // Just like runc, pid of stopped container is 0 let pid = match state { ContainerState::Stopped => 0, - _ => status.pid, + _ => container.status.pid, }; // May replace get_user_by_uid with getpwuid(3) let owner = match get_user_by_uid(metadata.uid()) { @@ -55,8 +52,8 @@ pub fn run(_: List, root: &Path, logger: &Logger) -> Result<()> { container_id, pid, get_container_state_name(state), - status.bundle.display(), - status.created, + container.status.bundle.display(), + container.status.created, owner ); } diff --git a/src/tools/runk/src/commands/mod.rs b/src/tools/runk/src/commands/mod.rs index 424303521..249b1440a 100644 --- a/src/tools/runk/src/commands/mod.rs +++ b/src/tools/runk/src/commands/mod.rs @@ -8,7 +8,9 @@ pub mod delete; pub mod exec; pub mod kill; pub mod list; +pub mod pause; pub mod ps; +pub mod resume; pub mod run; pub mod spec; pub mod start; diff --git a/src/tools/runk/src/commands/pause.rs b/src/tools/runk/src/commands/pause.rs new file mode 100644 index 000000000..fee9498a0 --- /dev/null +++ b/src/tools/runk/src/commands/pause.rs 
@@ -0,0 +1,18 @@ +// Copyright 2021-2022 Kata Contributors +// +// SPDX-License-Identifier: Apache-2.0 +// + +use anyhow::Result; +use libcontainer::container::Container; +use liboci_cli::Pause; +use slog::{info, Logger}; +use std::path::Path; + +pub fn run(opts: Pause, root: &Path, logger: &Logger) -> Result<()> { + let container = Container::load(root, &opts.container_id)?; + container.pause()?; + + info!(&logger, "pause command finished successfully"); + Ok(()) +} diff --git a/src/tools/runk/src/commands/resume.rs b/src/tools/runk/src/commands/resume.rs new file mode 100644 index 000000000..7d8b9d39d --- /dev/null +++ b/src/tools/runk/src/commands/resume.rs @@ -0,0 +1,18 @@ +// Copyright 2021-2022 Kata Contributors +// +// SPDX-License-Identifier: Apache-2.0 +// + +use anyhow::Result; +use libcontainer::container::Container; +use liboci_cli::Resume; +use slog::{info, Logger}; +use std::path::Path; + +pub fn run(opts: Resume, root: &Path, logger: &Logger) -> Result<()> { + let container = Container::load(root, &opts.container_id)?; + container.resume()?; + + info!(&logger, "pause command finished successfully"); + Ok(()) +} diff --git a/src/tools/runk/src/commands/start.rs b/src/tools/runk/src/commands/start.rs index 750493688..8176aa0fa 100644 --- a/src/tools/runk/src/commands/start.rs +++ b/src/tools/runk/src/commands/start.rs 
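Review bot: `resume.rs` logs `"pause command finished successfully"` after `container.resume()`, which looks copied from `pause.rs`. Anyone reading the log to reconstruct what was done to a container would see two pauses and no resume. The line should read `info!(&logger, "resume command finished successfully");`.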
@@ -5,39 +5,29 @@ use crate::commands::state::get_container_state_name; use anyhow::{anyhow, Result}; -use libcontainer::{ - container::get_fifo_path, - status::{get_current_container_state, Status}, -}; +use libcontainer::container::{get_fifo_path, Container}; use liboci_cli::Start; use nix::unistd::unlink; use oci::ContainerState; use slog::{info, Logger}; -use std::{fs::OpenOptions, io::prelude::*, path::Path, time::SystemTime}; +use std::{fs::OpenOptions, io::prelude::*, path::Path}; pub fn run(opts: Start, state_root: &Path, logger: &Logger) -> Result<()> { - let mut status = Status::load(state_root, &opts.container_id)?; - let state = get_current_container_state(&status)?; - if state != ContainerState::Created { + let container = Container::load(state_root, &opts.container_id)?; + if container.state != ContainerState::Created { return Err(anyhow!( "cannot start a container in the {} state", - get_container_state_name(state) + get_container_state_name(container.state) )); }; - let fifo_path = get_fifo_path(&status); + let fifo_path = get_fifo_path(&container.status); let mut file = OpenOptions::new().write(true).open(&fifo_path)?; file.write_all("0".as_bytes())?; info!(&logger, "container started"); - status.process_start_time = SystemTime::now() - .duration_since(SystemTime::UNIX_EPOCH)? - .as_secs(); - - status.save()?; - if fifo_path.exists() { unlink(&fifo_path)?; } diff --git a/src/tools/runk/src/commands/state.rs b/src/tools/runk/src/commands/state.rs index eb6b87d49..4e3bf6f33 100644 --- a/src/tools/runk/src/commands/state.rs +++ b/src/tools/runk/src/commands/state.rs @@ -5,7 +5,7 @@ use anyhow::Result; use chrono::{DateTime, Utc}; -use libcontainer::status::{get_current_container_state, Status}; +use libcontainer::{container::Container, status::Status}; use liboci_cli::State; use oci::ContainerState; use serde::{Deserialize, Serialize}; 
@@ -37,9 +37,8 @@ impl RuntimeState { } pub fn run(opts: State, state_root: &Path, logger: &Logger) -> Result<()> { - let status = Status::load(state_root, &opts.container_id)?; - let state = get_current_container_state(&status)?; - let oci_state = RuntimeState::new(status, state); + let container = Container::load(state_root, &opts.container_id)?; + let oci_state = RuntimeState::new(container.status, container.state); let json_state = &serde_json::to_string_pretty(&oci_state)?; println!("{}", json_state); diff --git a/src/tools/runk/src/main.rs b/src/tools/runk/src/main.rs index 4565e6a36..9f338ec40 100644 --- a/src/tools/runk/src/main.rs +++ b/src/tools/runk/src/main.rs @@ -81,6 +81,8 @@ async fn cmd_run(subcmd: SubCommand, root_path: &Path, logger: &Logger) -> Resul CommonCmd::List(list) => commands::list::run(list, root_path, logger), CommonCmd::Exec(exec) => commands::exec::run(exec, root_path, logger).await, CommonCmd::Ps(ps) => commands::ps::run(ps, root_path, logger), + CommonCmd::Pause(pause) => commands::pause::run(pause, root_path, logger), + CommonCmd::Resume(resume) => commands::resume::run(resume, root_path, logger), _ => { return Err(anyhow!("command is not implemented yet")); } diff --git a/tools/packaging/kernel/build-kernel.sh b/tools/packaging/kernel/build-kernel.sh index 19436ac48..52465e0ec 100755 --- a/tools/packaging/kernel/build-kernel.sh +++ b/tools/packaging/kernel/build-kernel.sh @@ -127,7 +127,10 @@ get_tee_kernel() { mkdir -p ${kernel_path} [ -z "${kernel_url}" ] && kernel_url=$(get_from_kata_deps "assets.kernel.${tee}.url") - kernel_tarball="${version}.tar.gz" + + kernel_tarball="linux-${version}.tar.gz" + tarball_name=$(get_from_kata_deps "assets.kernel.${tee}.tarball") + [ -z "$tarball_name" ] || kernel_tarball="$tarball_name" if [ ! -f "${kernel_tarball}" ]; then curl --fail -OL "${kernel_url}/${kernel_tarball}" 
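Review bot: In `get_tee_kernel`, the new lookup `tarball_name=$(get_from_kata_deps "assets.kernel.${tee}.tarball")` has no guard for a missing key, while the `sev` entry that this commit adds to `versions.yaml` carries no `tarball` field. The matching lookup added to `main()` is written with `2>/dev/null || true`, which suggests `get_from_kata_deps` can fail or print noise on absent keys; the same guard here, plus `local tarball_name`, would keep the fallback to `linux-${version}.tar.gz` reliable. Separately, nothing visible in this hunk verifies the archive fetched by `curl --fail -OL` before it is used, and kernel.org publishes signed checksums that could be checked for the `sev` source. The function continues outside the hunk, so a check may exist further down.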
@@ -460,7 +463,7 @@ install_kata() { if [ "${arch_target}" = "arm64" ]; then install --mode 0644 -D "arch/${arch_target}/boot/Image" "${install_path}/${vmlinux}" elif [ "${arch_target}" = "s390" ]; then - install --mode 0644 -D "arch/${arch_target}/boot/compressed/vmlinux" "${install_path}/${vmlinux}" + install --mode 0644 -D "arch/${arch_target}/boot/vmlinux" "${install_path}/${vmlinux}" else install --mode 0644 -D "vmlinux" "${install_path}/${vmlinux}" fi @@ -557,7 +560,8 @@ main() { esac elif [[ "${conf_guest}" != "" ]]; then #If specifying a tag for kernel_version, must be formatted version-like to avoid unintended parsing issues - kernel_version=$(get_from_kata_deps "assets.kernel.${conf_guest}.tag") + kernel_version=$(get_from_kata_deps "assets.kernel.${conf_guest}.version" 2>/dev/null || true) + [ -n "${kernel_version}" ] || kernel_version=$(get_from_kata_deps "assets.kernel.${conf_guest}.tag") else kernel_version=$(get_from_kata_deps "assets.kernel.version") fi diff --git a/tools/packaging/kernel/configs/fragments/common/dax.conf b/tools/packaging/kernel/configs/fragments/common/dax.conf index 6c48de444..ff747ae17 100644 --- a/tools/packaging/kernel/configs/fragments/common/dax.conf +++ b/tools/packaging/kernel/configs/fragments/common/dax.conf @@ -12,7 +12,6 @@ CONFIG_SPARSEMEM_VMEMMAP=y # Without these the pmem_should_map_pages() call in the kernel fails with new # Related to the ARCH_HAS_HMM set in the arch files. CONFIG_ZONE_DEVICE=y -CONFIG_DEV_PAGEMAP_OPS=y CONFIG_ND_PFN=y CONFIG_NVDIMM_PFN=y @@ -23,7 +22,6 @@ CONFIG_BLK_DEV=y CONFIG_BLK_DEV_PMEM=y CONFIG_BLK_DEV_RAM=y CONFIG_LIBNVDIMM=y -CONFIG_ND_BLK=y CONFIG_BTT=y # FIXME: Should check if this is really needed # https://github.com/kata-containers/packaging/issues/483 diff --git a/tools/packaging/kernel/configs/fragments/s390/network.conf b/tools/packaging/kernel/configs/fragments/s390/network.conf deleted file mode 100644 index f3f159705..000000000 
--- a/tools/packaging/kernel/configs/fragments/s390/network.conf +++ /dev/null @@ -1,2 +0,0 @@ -# Options needed by HAVE_EBPF_JIT -CONFIG_PACK_STACK=y diff --git a/tools/packaging/kernel/configs/fragments/x86_64/base.conf b/tools/packaging/kernel/configs/fragments/x86_64/base.conf index 3734b51bd..b26a78831 100644 --- a/tools/packaging/kernel/configs/fragments/x86_64/base.conf +++ b/tools/packaging/kernel/configs/fragments/x86_64/base.conf @@ -15,6 +15,7 @@ CONFIG_NR_CPUS=240 # For security CONFIG_LEGACY_VSYSCALL_NONE=y +CONFIG_SPECULATION_MITIGATIONS=y CONFIG_RETPOLINE=y # Boot directly into the uncompressed kernel diff --git a/tools/packaging/kernel/configs/fragments/x86_64/sev/sev.conf b/tools/packaging/kernel/configs/fragments/x86_64/sev/sev.conf index 32a43f2bb..baa44878a 100644 --- a/tools/packaging/kernel/configs/fragments/x86_64/sev/sev.conf +++ b/tools/packaging/kernel/configs/fragments/x86_64/sev/sev.conf @@ -1,12 +1,9 @@ # AMD Secure Encrypted Virtualization (SEV) CONFIG_AMD_MEM_ENCRYPT=y -CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT=y -CONFIG_CRYPTO_DEV_SP_PSP=y -CONFIG_CRYPTO_DEV_CCP=y -CONFIG_SECURITYFS=y -CONFIG_VIRT_DRIVERS=y CONFIG_EFI=y CONFIG_EFI_SECRET=m +CONFIG_EFI_STUB=y CONFIG_MODULE_SIG=y -CONFIG_MODULES=y \ No newline at end of file +CONFIG_MODULES=y +CONFIG_VIRT_DRIVERS=y \ No newline at end of file diff --git a/tools/packaging/kernel/kata_config_version b/tools/packaging/kernel/kata_config_version index 49541f721..5595fa46c 100644 --- a/tools/packaging/kernel/kata_config_version +++ b/tools/packaging/kernel/kata_config_version @@ -1 +1 @@ -94 +95 diff --git a/tools/packaging/kernel/patches/5.19.x/no_patches.txt b/tools/packaging/kernel/patches/5.19.x/no_patches.txt new file mode 100644 index 000000000..e69de29bb diff --git a/versions.yaml b/versions.yaml index 95610e91a..3b0ea4744 100644 --- a/versions.yaml +++ b/versions.yaml 
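Review bot: In `sev.conf`, `CONFIG_EFI_SECRET=m` is shipped as a loadable module alongside `CONFIG_MODULE_SIG=y`, and on its own that option only taints the kernel when an unsigned module is loaded. Unless another fragment already sets it, adding `CONFIG_MODULE_SIG_FORCE=y` would make the SEV guest kernel reject unsigned modules outright, which fits the threat model of a confidential guest. The new side still ends without a trailing newline after `CONFIG_VIRT_DRIVERS=y`; if fragments are ever concatenated, that last option would fuse with the first line of the next file. A one-line comment saying why the PSP/CCP and `ACTIVE_BY_DEFAULT` options were dropped would also help the next reader.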
@@ -75,7 +75,7 @@ assets: url: "https://github.com/cloud-hypervisor/cloud-hypervisor" uscan-url: >- https://github.com/cloud-hypervisor/cloud-hypervisor/tags.*/v?(\d\S+)\.tar\.gz - version: "v25.0" + version: "v26.0" firecracker: description: "Firecracker micro-VMM" @@ -151,16 +151,16 @@ assets: kernel: description: "Linux kernel optimised for virtual machines" url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/" - version: "v5.15.48" + version: "v5.19.2" tdx: description: "Linux kernel that supports TDX" url: "https://github.com/intel/linux-kernel-dcp/archive/refs/tags" tag: "SPR-BKC-PC-v9.6" + tarball: "SPR-BKC-PC-v9.6.tar.gz" sev: - description: "Linux kernel with efi_secret support" - url: "https://github.com/confidential-containers-demo/\ - linux/archive/refs/tags/" - tag: "efi-secret-v5.17-rc6" + description: "Linux kernel that supports SEV" + url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/" + version: "v5.19.2" kernel-experimental: description: "Linux kernel with virtio-fs support"