Architecture-dependent settings were not being populated when GOPATH
was set. This change ensures they are always set.
Fixes#1169
Signed-off-by: William Douglas <william.douglas@intel.com>
- Do symlink to a relative path to hypervisor config.
- Create symlink on DESTDIR
Fixes: #1161
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Support building with `make HYPERVISOR=firecracker`.
Notes:
- Firecracker is currently only supported on x86_64, hence the
architecture check.
- The template file `cli/config/configuration-fc.toml.in` is based
on `cli/config/configuration.toml.in`.
Fixes#1105.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Improve the build to:
- Encapsulate the qemu configuration.
- Validate the chosen hypervisor.
- Display hypervisor details for `make help`.
This lays the groundwork to build configurations for multiple
hypervisors.
Notes:
- Variables that are hypervisor specific have now been suffixed with `_QEMU`.
- `make install` now installs `configuration-qemu.toml`.
To maintain compatibility with existing installations, a symbolic link
to this file called `configuration.toml` is created.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Move the quiet prefix from the `INSTALL_EXEC` recipe and use it at the
call sites. This makes the code robust when calling the recipe in a
`$(foreach ...)` loop.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Pass Seccomp profile to the agent only if
the configuration.toml allows it to be passed
and the agent/image is seccomp capable.
Fixes: #688
Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
Most of the projects, they can be built with "make". After that,
"sudo make install" can install the application.
It is not work for kata-runtime because kata-runtime's make must work
with golang in the environment that default sudo cannot supply it.
But "make install" doesn't need golang.
So add "GOPATH not set" to handle the issue.
Fixes: #1008
Signed-off-by: Hui Zhu <teawater@hyper.sh>
Add the ability to skip checking the go version, by passing to make the
variable SKIP_GO_VERSION_CHECK=1
Fixes: #916
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
Refactor the config related codes into a separated
package which can be shared with other cli programs
such as kata's shimv2.
Fixes: #787Fixes: #714
Signed-off-by: fupan <lifupan@gmail.com>
Build {runtime,netmon} as Position-Independent-Executable (PIE) for improved
security and compliancy with distros packaging guidelines.
Fixes: #875
Signed-off-by: Marco Vedovati <mvedovati@suse.com>
Check that the system golang version is new enough to build with
according to the data from the `versions.yaml` file.
Update the verions in the versions.yaml accordingly, and add a note
describing what the 'newest-version' item represents.
Note, we only do a minimum requirement check, and are not checking
against the 'newest-version' info from the yaml.
Fixes: #148
Inspired-by: Wei Zhang <zhangwei555@huawei.com>
Idea-by: James O. D. Hunt <james.o.hunt@intel.com>
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
Add configuration to decide the amount of slots that will be used in a VM
- This will limit the amount of times that memory can be hotplugged.
- Use memory slots provided by user.
- tests: aling struct
cli: kata-env: Add memory slots info.
- Show the slots to be added to the VM.
```diff
[Hypervisor]
MachineType = "pc"
Version = "QEMU ..."
Path = "/opt/kata/bin/qemu-system-x86_64"
BlockDeviceDriver = "virtio-scsi"
Msize9p = 8192
+ MemorySlots = 10
Debug = false
UseVSock = false
```
Fixes: #751
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
In order to choose if the network monitor should be used or not, this
patch makes it configurable from the configuration.toml file.
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
This commit modifies the Makefile at the root of this repository
so that the binary kata-netmon can be built from there.
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
We need this configuration due to a limitation in seabios
firmware in handling hotplug for PCI devices with large BARS.
Long term, this needs to be fixed in the firmware.
Fixes#594
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Allow the path being checked by the os-no-exit script to be
passed in, and update the Makefile to use that to check the
current code paths of the cli and virtcontainers.
Fixes: #477
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
There is a relation between the maximum number of vCPUs and the
memory footprint, if QEMU maxcpus option and kernel nr_cpus
cmdline argument are big, then memory footprint is big, this
issue only occurs if CPU hotplug support is enabled in the kernel,
might be because of kernel needs to allocate resources to watch all
sockets waiting for a CPU to be connected (ACPI event).
For example
```
+---------------+-------------------------+
| | Memory Footprint (KB) |
+---------------+-------------------------+
| NR_CPUS=240 | 186501 |
+---------------+-------------------------+
| NR_CPUS=8 | 110684 |
+---------------+-------------------------+
```
In order to do not affect CPU hotplug and allow to users to have containers
with the same number of physical CPUs, this patch tries to mitigate the
big memory footprint by using the actual number of physical CPUs as the
maximum number of vCPUs for each container if `default_maxvcpus` is <= 0 in
the runtime configuration file, otherwise `default_maxvcpus` is used as the
maximum number of vCPUs.
Before this patch a container with 256MB of RAM
```
total used free shared buff/cache available
Mem: 195M 40M 113M 26M 41M 112M
Swap: 0B 0B 0B
```
With this patch
```
total used free shared buff/cache available
Mem: 236M 11M 188M 26M 36M 186M
Swap: 0B 0B 0B
```
fixes#295
Signed-off-by: Julio Montes <julio.montes@intel.com>
"make install" fails on a clean working directory:
$ make install
install: cannot stat ‘data/kata-collect-data.sh’: No such file or directory
This happens because install and install-scripts do not depend on the
runtime. Make doesn't know it needs to build the runtime before it can
be installed.
Add the missing dependencies to the install targets so that "make
install" works on a clean working directory and rebuilds when source
files have been modified.
Note that SCRIPTS contains the generated kata-collect-data.sh script.
That file needs to be generated before it can be installed, so make
SCRIPTS a dependency of install-scripts.
Fixes: #283
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Add option to configure if IO needs to be in a separate IO thread.
Add tests to verify option is correctly parsed. The default value
is set to false for now.
This should be considered to be enabled by default in the future.
Fixes#132
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Add `initrd=[path]` option to configuration.toml and use it to set
the HypervisorConfig.InitrdPath option.
The default value of hypervisor image option is removed since we want
to allow it to be unset. For the same reason, there is no default value
for hypervisor initrd option either.
Signed-off-by: Peng Tao <bergwolf@gmail.com>
They only exist to remove the generated file `cli/generated.go` but the
removal is unnecessary because:
1. it is ignored in .gitignore
2. it get rebuilt every time when we run `make`
Fixes: #108
Signed-off-by: Peng Tao <bergwolf@gmail.com>
Add a data collection script that can be run by users and its output
pasted directly into a github issue.
The script is designed to make diagnosing issues as easy as possible
and its output provides a summary of a Kata Containers system
including:
- Versions of all components.
- Details of container managers.
- Errors found in the system journal.
Fixes#80.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Merge `cli/Makefile` with the top level `Makefile`.
Also includes a Travis config update.
Fixes#88.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Add a basic `Makefile` to allow a runtime to be built:
- Clear Containers-based Kata runtime:
```
$ make KATA_RUNTIME=cc [install]
```
- `runv`-based Kata runtime:
```
$ make KATA_RUNTIME=runv [install]
```
Fixes#15.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
