aljaz/kata-containers
1
0
Fork 0
mirror of https://github.com/aljazceru/kata-containers.git synced 2025-12-18 14:54:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,110 Commits 30 Branches 115 Tags
60bb9d114ac816ee2eb2c69a97fbe69409ee9025
Commit Graph

210 Commits

Author SHA1 Message Date
Ji-Xinyou
a828292b47 runtime-rs: add unit tests for network resource 
Add UTs for network resource

Fixes: #4923
Signed-off-by: Ji-Xinyou <jerryji0414@outlook.com>
 2022-09-01 10:13:09 +08:00
Peng Tao
f1276180b1 Merge pull request #4996 from liubin/fix/4995-delete-socket-option-for-shim 
runtime-rs: delete socket from shim command-line options
 2022-08-31 14:16:56 +08:00
Derek Lee
7914da72c9 cargo.tomls: Added Apache 2.0 to cargo.tomls 
One of the checks done by cargo-deny is ensuring all crates have a valid
license. As the rust programs import each other, cargo.toml files
without licenses trigger the check. While I could disable this check
this would be bad practice.

This adds an Apache-2.0 license in the Cargo.toml files.

Some of these files already had a header comment saying it is an Apache
license. As the entire project itself is under an Apache-2.0 license, I
assumed all individual components would also be covered under that
license.

Signed-off-by: Derek Lee <derlee@redhat.com>
 2022-08-30 09:30:03 -07:00
Bin Liu
11383c2c0e Merge pull request #4797 from openanolis/runtime-rs-coresched 
runtime-rs: add support for core scheduling
 2022-08-29 14:28:30 +08:00
Bin Liu
cce99c5c73 runtime-rs: delete socket from shim command-line options 
The socket is not used to specify the socket address, but
an ENV variable is used for runtime-rs.

Fixes: #4995

Signed-off-by: Bin Liu <bin@hyper.sh>
 2022-08-25 15:32:17 +08:00
Bin Liu
a7e64b1ca9 Merge pull request #4892 from openanolis/shuoyu/runtime-rs 
runtime-rs: support loading kernel modules in guest vm
 2022-08-25 15:01:23 +08:00
Yushuo
4b57c04c33 runtime-rs: support loading kernel modules in guest vm 
Users can specify the kernel module to be loaded through the agent
configuration in kata configuration file or in pod anotation file.

And information of those modules will be sent to kata agent when
sandbox is created.

Fixes: #4894

Signed-off-by: Yushuo <y-shuo@linux.alibaba.com>
 2022-08-25 10:38:04 +08:00
Peng Tao
e0ec09039d runtime-rs: update async-std dependency 
So that we bump several indirect dependencies like crossbeam-channel,
crossbeam-utils to bring in fixes to known security issues like CVE-2020-15254.

Signed-off-by: Peng Tao <bergwolf@hyper.sh>
 2022-08-24 16:56:29 +08:00
Peng Tao
338c282950 dep: update nix dependency 
To fix CVE-2021-45707 that affects nix < 0.20.2.

Fixes: #4929
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
 2022-08-17 16:06:26 +08:00
Bin Liu
8cd1e50eb6 Merge pull request #4921 from liubin/fix/2920-delete-vergen 
runtime-rs: delete vergen dependency
 2022-08-17 10:09:12 +08:00
Bin Liu
eab7c8f28f runtime-rs: delete vergen dependency 
vergen is a build dependency, but it is not being used.
we are processing ver/commit hash by make command, but not by vergen.

Fixes: #4920

Signed-off-by: Bin Liu <bin@hyper.sh>
 2022-08-16 15:31:24 +08:00
Bin Liu
828574d27c Merge pull request #4893 from openanolis/runtime-rs-main 
Runtime-rs: support persist file
 2022-08-16 14:42:22 +08:00
Zhongtao Hu
4d7f3edbaf runtime-rs: support the functionality of cleanup 
Cleanup sandbox resource

Fixes: #4891
Signed-off-by: Zhongtao Hu <zhongtaohu.tim@linux.alibaba.com>
 2022-08-13 15:56:38 +08:00
Zhongtao Hu
5aa83754e5 runtime-rs: support save to persist file and restore 
Support the functionality of save and restore for sandbox state

Fixes:#4891
Signed-off-by: Zhongtao Hu <zhongtaohu.tim@linux.alibaba.com>
 2022-08-13 15:44:13 +08:00
Zhongtao Hu
c280d6965b runtime-rs: delete route model 
As route model is used for specific internal scenario, and it's not for
the general requirement.

Fixes:#4838
Signed-off-by: Zhongtao Hu <zhongtaohu.tim@linux.alibaba.com>
 2022-08-11 15:56:43 +08:00
Ji-Xinyou
4a54876dde runtime-rs: support static resource management functionality 
Supports functionalities of static resource management, enabled by
default.

Fixes: #4742
Signed-off-by: Ji-Xinyou <jerryji0414@outlook.com>
 2022-08-11 09:46:44 +08:00
Zhongtao Hu
8bbffc42cf runtime-rs:update rtnetlink version 
update rtnetlink version for runtime-rs

Fixes:#4824
Signed-off-by: Zhongtao Hu <zhongtaohu.tim@linux.alibaba.com>
 2022-08-05 11:18:09 +08:00
Ji-Xinyou
a355812e05 runtime-rs: fixed bug on core-sched error handling 
Kernel code returns -errno, this should check negative values.

Fixes: #4429
Signed-off-by: Ji-Xinyou <jerryji0414@outlook.com>
 2022-08-03 15:26:48 +08:00
Ji-Xinyou
591dfa4fe6 runtime-rs: add support for core scheduling 
Linux 5.14 supports core scheduling to have better security control
for SMT siblings. This PR supports that.

Fixes: #4429
Signed-off-by: Ji-Xinyou <jerryji0414@outlook.com>
 2022-08-02 17:54:04 +08:00
Zhongtao Hu
7247575fa2 runtime-rs:fix cargo clippy 
fix cargo clippy

Fixes: #4791
Signed-off-by: Zhongtao Hu <zhongtaohu.tim@linux.alibaba.com>
 2022-08-02 13:17:37 +08:00
Peng Tao
5457deb034 Merge pull request #4741 from openanolis/fix-stop-failed-in-azure 
runtime-rs: fix stop failed in azure
 2022-07-29 11:41:16 +08:00
Quanwei Zhou
fa0b11fc52 runtime-rs: fix stdin hang in azure 
Fix stdin hang in azure.

Fixes: #4740
Signed-off-by: Quanwei Zhou <quanweiZhou@linux.alibaba.com>
 2022-07-28 16:16:37 +08:00
Bin Liu
50b0b7cc15 Merge pull request #4681 from Tim-0731-Hzt/runtime-rs-sharepid 
runtime-rs: fix set share sandbox pid namespace
 2022-07-27 21:43:58 +08:00
Peng Tao
129335714b Merge pull request #4727 from openanolis/anolis-fix-network 
fix network failed for kata ci
 2022-07-26 15:10:55 +08:00
Zhongtao Hu
b3147411e3 runtime-rs:add unit test for set share pid ns 
Fixes:#4680
Signed-off-by: Zhongtao Hu <zhongtaohu.tim@linux.alibaba.com>
 2022-07-26 14:42:00 +08:00
Zhongtao Hu
1ef3f8eac6 runtime-rs: set share sandbox pid namespace 
Set the share sandbox pid namepsace from spec

Fixes:#4680
Signed-off-by: Zhongtao Hu <zhongtaohu.tim@linux.alibaba.com>
 2022-07-26 14:41:59 +08:00
Quanwei Zhou
57c556a801 runtime-rs: fix stop failed in azure 
Fix the stop failed in azure.

Fixes: #4740
Signed-off-by: Quanwei Zhou <quanweiZhou@linux.alibaba.com>
 2022-07-26 12:16:32 +08:00
Peng Tao
3f4dd92c2d Merge pull request #4702 from openanolis/runtime-rs-endpoint-dev 
runtime-rs: add functionalities support for macvlan and vlan endpoints
 2022-07-25 17:04:45 +08:00
Quanwei Zhou
c825065b27 runtime-rs: fix tc filter setup failed 
Fix bug using tc filter and protocol needs to use network byte order.

Fixes: #4726
Signed-off-by: Quanwei Zhou <quanweiZhou@linux.alibaba.com>
 2022-07-25 11:16:33 +08:00
Quanwei Zhou
e0194dcb5e runtime-rs: update route destination with prefix 
Update route destination with prefix.

Fixes: #4726
Signed-off-by: Quanwei Zhou <quanweiZhou@linux.alibaba.com>
 2022-07-25 11:16:22 +08:00
Ji-Xinyou
896478c92b runtime-rs: add functionalities support for macvlan and vlan endpoints 
Add macvlan and vlan support to runtime-rs code and corresponding unit
tests.

Fixes: #4701
Signed-off-by: Ji-Xinyou <jerryji0414@outlook.com>
 2022-07-22 10:09:11 +08:00
Quanwei Zhou
54f53d57ef runtime-rs: support disable_guest_seccomp 
support disable_guest_seccomp

Fixes: #4691
Signed-off-by: Quanwei Zhou <quanweiZhou@linux.alibaba.com>
 2022-07-21 07:46:28 +08:00
Bin Liu
540303880e Merge pull request #4688 from quanweiZhou/fix_sandbox_cgroup_false 
runtime-rs: fix sandbox_cgroup_only=false panic
 2022-07-19 20:38:57 +08:00
Peng Tao
7c146a5d95 Merge pull request #4684 from quanweiZhou/fix-ctr-exit-error 
runtime-rs: fix ctr exit failed
 2022-07-19 16:02:20 +08:00
Peng Tao
4c3bd6b1d1 Merge pull request #4656 from openanolis/runtime-rs-ipvlan 
runtime-rs: support functionalities of ipvlan endpoint
 2022-07-19 11:15:31 +08:00
Quanwei Zhou
e9988f0c68 runtime-rs: fix sandbox_cgroup_only=false panic 
When run with configuration `sandbox_cgroup_only=false`, we will call
`gen_overhead_path()` as the overhead path. The `cgroup-rs` will push
the path with the subsystem prefix by `PathBuf::push()`. When the path
has prefix “/” it will act as root path, such as
```
let mut path = PathBuf::from("/tmp");
path.push("/etc");
assert_eq!(path, PathBuf::from("/etc"));
```
So we shoud not set overhead path with prefix "/".

Fixes: #4687
Signed-off-by: Quanwei Zhou <quanweiZhou@linux.alibaba.com>
 2022-07-19 08:30:34 +08:00
Quanwei Zhou
cebbebbe8a runtime-rs: fix ctr exit failed 
During use, there will be cases where the container is in the stop state
and get another stop. In this case, the second stop needs to be ignored.

Fixes: #4683
Signed-off-by: Quanwei Zhou <quanweiZhou@linux.alibaba.com>
 2022-07-19 07:43:22 +08:00
Bin Liu
758cc47b32 Merge pull request #4671 from liubin/4670-upgrade-nix 
kata-sys-util: upgrade nix version
 2022-07-18 23:31:07 +08:00
Ji-Xinyou
62182db645 runtime-rs: add unit test for ipvlan endpoint 
Add unit test to check the integrity of IPVlanEndpoint::new(...)

Fixes: #4655
Signed-off-by: Ji-Xinyou <jerryji0414@outlook.com>
 2022-07-18 15:56:06 +08:00
xuejun-xj
545ae3f0ee runtime-rs: fix warning 
Module anyhow::anyhow is only used on x86_64 architecture in
crates/hypervisor/src/device/vfio.rs file.

Fixes: #4676

Signed-off-by: xuejun-xj <jiyunxue@alibaba.linux.com>
 2022-07-18 13:46:39 +08:00
Ji-Xinyou
d8920b00cd runtime-rs: support functionalities of ipvlan endpoint 
Add support for ipvlan endpoint

Fixes: #4655
Signed-off-by: Ji-Xinyou <jerryji0414@outlook.com>
 2022-07-18 11:34:03 +08:00
liubin
996a6b80bc kata-sys-util: upgrade nix version 
New nix is supporting UMOUNT_NOFOLLOW, upgrade nix
version to use this flag instead of the self-defined flag.

Fixes: #4670

Signed-off-by: liubin <liubin0329@gmail.com>
 2022-07-15 17:38:15 +08:00
Quanwei Zhou
3c989521b1 dragonball: update for review 
update for review

Fixes: #3785
Signed-off-by: Quanwei Zhou <quanweiZhou@linux.alibaba.com>
 2022-07-14 10:43:59 +08:00
Quanwei Zhou
3d6156f6ec runtime-rs: support dragonball and runtime-binary 
Fixes: #3785
Signed-off-by: Quanwei Zhou <quanweiZhou@linux.alibaba.com>
Signed-off-by: Zhongtao Hu <zhongtaohu.tim@linux.alibaba.com>
 2022-07-14 08:49:30 +08:00
Zhongtao Hu
07231b2f3f runtime-rs:refactor network model with netlink 
add unit test for tcfilter

Fixes: #4289
Signed-off-by: Zhongtao Hu <zhongtaohu.tim@linux.alibaba.com>
 2022-06-29 11:38:23 +08:00
Zhongtao Hu
9c526292e7 runtime-rs:refactor network model with netlink 
refactor tcfilter with netlink

Fixes: #4289
Signed-off-by: Zhongtao Hu <zhongtaohu.tim@linux.alibaba.com>
 2022-06-29 11:03:29 +08:00
Fupan Li
9cb15ab4c5 agent: add the FSGroup support 
Signed-off-by: Fupan Li <fupan.lfp@antgroup.com>
 2022-06-11 11:30:51 +08:00
Fupan Li
ff7874bc23 protobuf: upgrade the protobuf version to 2.27.0 
Signed-off-by: Fupan Li <fupan.lfp@antgroup.com>
 2022-06-11 10:05:52 +08:00
Zhongtao Hu
06f398a34f runtime-rs: use withContext to evaluate lazily 
Fixes: #4129
Signed-off-by: Zhongtao Hu <zhongtaohu.tim@linux.alibaba.com>
 2022-06-10 22:03:13 +08:00
Quanwei Zhou
fd4c26f9c1 runtime-rs: support network resource 
Fixes: #3785
Signed-off-by: Quanwei Zhou <quanweiZhou@linux.alibaba.com>
 2022-06-10 22:02:58 +08:00