Rename function appendVSockPCI to appendVSock to be general. The
function could use PCI or CCW devices.
Added return error to appendVSock.
Signed-off-by: Alice Frosi <afrosi@de.ibm.com>
Fixes: #2023
CompatOCISpec is used to gurantee backward compatbility for old runtime
specs, after we convert CompatOCISpec to standard specs.Spec, we should
use specs.Spec instead of CompatOCISpec, and CompatOCISpec should be
useless from then.
Spread usage of CompatOCISpec can make code structure confusing and making
the runtime spec usage non-standard. Besides, this can be the very first
step of removing CompatOCISpec from config's Annotations field.
Signed-off-by: Wei Zhang <weizhang555.zw@gmail.com>
With MacVTap internetworking, Kata fails to launch containers
with ACRN hypervisor. This was due to missing MAC address as
part of virtio-net device when launching VM. This patch fixes
this issue by adding the MAC address.
Fixes: #2029
Signed-off-by: Vijay Dhanraj <vijay.dhanraj@intel.com>
Create generic function to be reused to the reimplemented methods by
various architectures
Fixes: #1153
Signed-off-by: Alice Frosi <afrosi@de.ibm.com>
Reviewed-by: Jan Schintag <jan.schintag@de.ibm.com>
In this way it is possible to set bridge variable for each arch when
instantiating the hypervisor.
Fixes: #1153
Signed-off-by: Alice Frosi <afrosi@de.ibm.com>
Co-authored-by: Jan Schintag <jan.schintag@de.ibm.com>
Casting in golang doesn't return a pointer to the structure, instead a new
structure is instantiated. This patch is to update the old structure with
the new one in order to apply the changes.
fixes#2016
Signed-off-by: Julio Montes <julio.montes@intel.com>
The container store should be deleted when new/create is failed if the
store is newly created.
Fixes: #2013
Signed-off-by: Li Yuxuan <liyuxuan04@baidu.com>
Use all subsystems for SandboxOnly option to make sure
all cgroups are deleted.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Add containers does not need to check the cgroup path
this is done in a different function
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
When a new sandbox is created, join to its cgroup path
this will create all proxy, shim, etc in the sandbox cgroup.
Fixes: #1879
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
No call cgroup operations for containers in host
if SandboxCgroupOnly is enabled.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
add option to eneable only pod cgroup (SandboxCgroupOnly)
Depends-on: github.com/kata-containers/tests#1824
Fixes: #1879
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
The container CgroupsPath is optional acording to OCI.
If for some reason the runtime decide to not define one.
just skip cgroup operations.
This is going to be useful for upcoming, sandbox cgroup only
cgroup managment feature.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Some errors propagate with printing showing a cgroup path.
If for some reason this is empty is difficult to know looking
at the logs.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
constrainHypervisor -> constrainHypervisorVCPUs
Document and rename function.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
prefix cgroup related methods with cgroups,
make easy to group together in auto-generated docs.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Since virtio-fs is under active development, more
options will be added increasingly. To avaoid frequent
change on runtime side to handle option changes, use
one mingled arg to ease testing new option/feature of
virtiofsd.
See `virtiofsd -h` for more option details.
Fixes: #1999
Signed-off-by: Eric Ren <renzhen@linux.alibaba.com>
When shimv2 was killed by accident, containerd would try to
launch a new shimv2 binarry to cleanup the container. In order
to avoid race condition, the cleanup should be done serialized
in a sandbox. Thus adding a new api to do this by locking the
sandbox.
Fixes:#1832
Signed-off-by: lifupan <lifupan@gmail.com>
`virtcontainers.ensureDestinationExists` will create the bind
destination directory/file, which should be removed properly when
unmounting.
Fixes: #1974
Signed-off-by: Li Yuxuan <liyuxuan04@baidu.com>
When create container failed, it should delete the container
config from sandbox, otherwise, the following new creating container
would get a wrong resources caculating which would contain the previous
failed container resources such as memory and cpu.
Fixes: #1997
Signed-off-by: lifupan <lifupan@gmail.com>
The following storeSandbox() will store the sandbox config
data, thus there is no need to store it specifically before
run storeSandbox().
Signed-off-by: lifupan <lifupan@gmail.com>
strErr is qemu log message, should add err in error message, or if fail
before launch qemu, can not get corrent message.
Fixes: #1991
Signed-off-by: Ace-Tang <aceapril@126.com>
Since firecracker hasn't support console watching by now, so skip
watching console if the consoleURL is empty.
Fixes: #1970
Signed-off-by: lifupan <lifupan@gmail.com>
