Use `kata-runtime kata-check --strict/-s` to perform version
consistency check.
Only if major version number, minor version number and Patch
number are all the same, we determine those two kata components
are version-consistent.
Fixes: #2375
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
We import new struct VersionInfo for better organizing version info of
kata components, in order to follow Semantic Versioning Specification.
Fixes: #2375
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
By default virtcontainer auto-detects if the current process is running
rootless or not, but this behavior can change from commandline with the
--rootless option
fixes#2417
Signed-off-by: Julio Montes <julio.montes@intel.com>
rootless is used in katautils, cli and virtcontainers. It makes more sense
if it's part of virtcontainer, this way virtcontainers won't depend on other
runtime subpackages
Signed-off-by: Julio Montes <julio.montes@intel.com>
- add pcie-root-port device to qemu command line for q35
- hotplug a PCIe device into a PCIe Root Port
Fixes: #2432
Signed-off-by: Jimmy Xu <junming.xjm@antfin.com>
libcontainer already has an API to detect if the runtime is running rootless.
Use libcontainer API instead of reinventing the wheel.
fixes#2415
Signed-off-by: Julio Montes <julio.montes@intel.com>
This commit adds qemu virtio-mem support.
Then qemu can use virtio-mem support memory resize.
To enable this function, need the Linux and the qemu that support
virtio-mem.
Use command "echo 1 > /proc/sys/vm/overcommit_memory" to enable memory
overcommitment of the Linux kernel. Because qemu virtio-mem device need
to allocate a lot of memory.
Set "enable_virtio_mem" of kata configuration to true.
Fixes: #2406
Signed-off-by: Hui Zhu <teawater@antfin.com>
The sandbox cgroup will be constrained if there is no container
type annotation, otherwise kata will rely on container engine's cgroup
configuration
Depends-on: github.com/kata-containers/tests#2255
fixes#2408
Signed-off-by: Julio Montes <julio.montes@intel.com>
Fixes#803
Move "newstore" features out of experimental feature list, from this
commit "newstore" will be default enabled.
Signed-off-by: Wei Zhang <weizhang555@gmail.com>
Do not flush it atexit(), where the test report file might be already
closed and it causes go test failure like:
PASS
testing: can't write /tmp/go-build146132196/b001/testlog.txt: close /tmp/go-build146132196/b001/testlog.txt: file already closed
FAIL github.com/kata-containers/runtime/cli 4.256s
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
ret is uintptr and always >= 0. errno is enough for error checking.
This is causing lint error:
/home/vagrant/workplace/golang/src/github.com/kata-containers/runtime/virtcontainers/utils
cli/kata-check.go:446:20: SA4003: no value of type uintptr is less than 0 (staticcheck)
if errno != 0 || ret <= 0 {
^
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
To control whether an image rootfs is used as nvdimm device or just
plain virtio-block device.
Fixes: #2372
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
If no virtioFsCache type set in configuration file, virtiofsd will
not starts, which makes kata-container start fail if virtio-fs
as its shared file system.
Fixes: #2279
Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>
For now, when we're using cache factory to launch kata containers,
we would encounter nil pointer runtime panic.
Fixes: #2272
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
NEMU deprecation was announced in 1.8 of Kata. Removing from tree.
Thanks for all the fish!
Fixes: #2195
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
Updated to better clarify this configuration option. Currently in QEMU
pre 1.9 release of Kata, vhost-net is used for the virtio-net backend.
This results in efficient network I/O performance, but does rely on the
backend running in ring0 (host kernel). Update comment to clarify this
trade-off for end-users.
Fixes: #2198
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
vhost-net backend is not supported by the Firecracker VMM. It doesn't
make sense to have this in the configuration, and we should explicitly
disable it.
Fixes: #2192
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
Prior to the addition of tcMirroring support kata-runtime had
compatibility issues with some CNI plugins some of which were addressed
by the bridged model. With the addition of tc mode there are no gaps in
networking that can be filled by the bridged mode or enlightened mode
(which was never implemented).
Eliminate both of these options to simplify the setup.
Fixes: #1213
Signed-off-by: Manohar Castelino <manohar.r.castelino@intel.com>
ACRN doesn't support configuring number of guest vcpu option ('-c') anymore.
Number of guest vcpus will be defined in the hypervisor scenario
configuration file instead.
Removed the -c option from the acrn-dm parameters when launching VMs and
also trimmed configuration.toml file accordingly.
fixes#2136
Signed-off-by: Vijay Dhanraj <vijay.dhanraj@intel.com>
Add the ability to check whether kata is running rootlessly or
not. Add the setup of the rootless directory located in the dir
/run/user/<UID> directory.
Fixes: #1874
Signed-off-by: Gabi Beyer <gabrielle.n.beyer@intel.com>
Co-developed-by: Marco Vedovati <mvedovati@suse.com>
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
This patch adds support for getting the kata UUID from
acrn hypervisor and using these UUID to create a VM.
Fixes: #1785
Signed-off-by: Vijay Dhanraj <vijay.dhanraj@intel.com>
This will fix the qemu-virtiofs.toml to use the kernel with virtiofs.
Also removes the initrd image from the toml.
Depends-on: github.com/kata-containers/packaging#731
Fixes#2077
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
instead of using `DEFSHAREDFS_NEMU` in `configuration-qemu-virtiofs.toml`,
use `DEFSHAREDFS_QEMU_VIRTIOFS`.
nemu will be deprecated soon so using `DEFSHAREDFS_NEMU` may
brake the configuration for qemu-virtiofs.
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
currently virtiofs support is being reworked to use qemu
and kernel from virtio-fs gitlab repo. The current support
that we have for virtio-fs has been disabled as required
patches for the 4.19 kernel were removed in [1].
[1] https://github.com/kata-containers/packaging/pull/703Fixes: #2048.
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
Enable a new configuration file for QEMU with virtiofs 3.0
Depends-on: github.com/kata-containers/packaging#710
Fixes#2053
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
Fixes: #2023
We can get OCI spec config from bundle instead of annotations, so this
field isn't necessary.
Signed-off-by: Wei Zhang <weizhang555.zw@gmail.com>
Fixes: #2023
CompatOCISpec is used to gurantee backward compatbility for old runtime
specs, after we convert CompatOCISpec to standard specs.Spec, we should
use specs.Spec instead of CompatOCISpec, and CompatOCISpec should be
useless from then.
Spread usage of CompatOCISpec can make code structure confusing and making
the runtime spec usage non-standard. Besides, this can be the very first
step of removing CompatOCISpec from config's Annotations field.
Signed-off-by: Wei Zhang <weizhang555.zw@gmail.com>
add option to eneable only pod cgroup (SandboxCgroupOnly)
Depends-on: github.com/kata-containers/tests#1824
Fixes: #1879
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Refactor unit test so that podman can be used to run tests when docker
is not available.
Fixes: #2006
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
Since virtio-fs is under active development, more
options will be added increasingly. To avaoid frequent
change on runtime side to handle option changes, use
one mingled arg to ease testing new option/feature of
virtiofsd.
See `virtiofsd -h` for more option details.
Fixes: #1999
Signed-off-by: Eric Ren <renzhen@linux.alibaba.com>
