It tracks all existing pods in the current runtime. If the runtime
calls multiple APIs, it can reuse existing pod data structure instead
of re-construct it in every API call.
Signed-off-by: Peng Tao <bergwolf@gmail.com>
When specified, it does not spawn a new process to proxy kata grpc
connections. Instead, the yamux multiplexing functionality is builtin
in the kata agent dialer.
Signed-off-by: Peng Tao <bergwolf@gmail.com>
in order to make log-parser happy, mockcontainer must return
always a valid process with a fake PID, since log-parser checks
that PID value in the logs and it must be different to zero
Depends-on: github.com/kata-containers/tests#226
Signed-off-by: Julio Montes <julio.montes@intel.com>
Factorize configuration and hardware support for hotplugging block
devices into a single function and use that.
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Use noopAgent in unit tests to add online fake resources.
Fix unit tests according with new changes introduced recently.
fixes#192
Signed-off-by: Julio Montes <julio.montes@intel.com>
The rollback does not work as expected because the error has to be
checked from the defer itself.
Fixes#178
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
In case the container creation fails, we need a proper rollback
regarding the mounts previously performed.
Fixes#135
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
In case the container creation fails, we need a proper rollback
regarding the mounts and hotplugs previously performed.
This patch also rework the hotplugDrive() function in order to
prevent createContainer() function complexity to exceed 15.
Fixes#135
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
Fixes#140
`virtcontainers` had been moved from `github.com/containers/virtcontainers` to
`github.com/kata-containers/runtime/virtcontainers`, so we should remove legacy dependencies
of `github.com/containers/virtcontainers` from go imports and vendors.
Also some documents need to be modified.
Note: vendor is updated with `dep` tool with following command:
`$ dep ensure -update github.com/containers/virtcontainers`
Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
Add a hypervisor configuration to specify if IO should
be handled in a separate thread. Add support for iothreads for
virtio-scsi for now. Since we attach all scsi drives to the
same scsi controller, all the drives will be handled in a separate
IO thread which would still give better performance.
Going forward we need to assess if adding more controllers and
attaching iothreasds to each of them with distributing drives
among teh scsi controllers should be done, based on more performance
analysis.
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
If a container is not running, but created/ready instead, this means
a container process exists and that we can actually exec another
process inside this container. The container does not have to be
in running state.
Fixes#120
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
In case a consumer of virtcontainers tries to start/stop a container,
or stop a pod, and for some reasons, this fails, virtcontainers always
tries to delete everything related to the container or the pod before
it returns the error.
The caller of the runtime is the one responsible for cleaning things
up if something goes wrong, that's why this cleanup call is never
needed.
A real example of that is the case of cc-runtime and CRI-O, where this
cleanup prevented CRI-O from retrieving proper state of the container
after the failure, leading to the inability to stop and remove the
container and the VM afterwards.
Fixes#87
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
This commit modifies version.yaml to now point to the qemu
2.11 stable version.
It modifies the default QEMU_CMD to be qemu-system-x86_64
instead of qemu-lite-system-x86_64.
And modifies virtcontainers unit tests to now point to the
correct QEMU_CMD.
Fixes: #118.
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
The kata_agent.go code breaks after the first /dev/shm. But in case
several are defined, the agent will crash since other /dev/shm will
be wrongly configured in the OCI spec mounts.
Fixes#127
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
Instead of ignoring containers based on their path, this commit
relies on the type of mount being "bind" to choose if this mount
should be ignored or not.
For instance, we have some use cases where k8s expects the path
"/dev/container-log" to be bind mounted inside the container, but
the code ignores it because it has the prefix "/dev" which is a
system prefix mount.
Fixes#122
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
To fix CI complains:
virtcontainers/qemu.go:248:⚠️ cyclomatic complexity 18 of
function (*qemu).createPod() is high (> 15) (gocyclo)
Signed-off-by: Peng Tao <bergwolf@gmail.com>
If an initrd image is configured in HypervisorConfig or passed in by
annotations, append it to qemu command line arguments.
Fixes: #97
Signed-off-by: Peng Tao <bergwolf@gmail.com>
With this patch VFIO devices are hot plugged in the VM, that means
no more cold plug in kata containers.
fixes#85
Signed-off-by: Julio Montes <julio.montes@intel.com>
In case of virtio-block, we hotplug devices to a bridge.
We need to remove device from bridge while stopping a
container.
Fixes#82
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
After hot adding vCPUs in the POD, agent's funtion `onlineCPUMem`
must be called to request the agent to online the vCPUs
fixes#67
Signed-off-by: Julio Montes <julio.montes@intel.com>
Added magic tags for `gometalinter` to ignore two unused `const`s that
form part of an `iota` sequence.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
We were using code copied from github.com/safchain/ethtool.
Vendor in upstream package instead to use additional
functionality added in.
Fixes#71
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Since Go 1.8 users no longer need to have GOPATH set in their environment
for the Go tool chain to work. If GOPATH is set, Go will use it. Otherwise
it defaults to ~/go on linux. As most users store their code in ~/go, they
don't bother setting GOPATH any more. virtcontainers-setup.sh, in its
current form, fails for those users, as it requires GOPATH to be set.
This commit fixes the issue by calling go env "GOPATH" to determine the
correct location of the user's go code. go env "GOPATH" will always
return the correct location, whether GOPATH is set, or not.
Fixes: #63
Signed-off-by: Mark Ryan <mark.d.ryan@intel.com>
We ignore routes that have an ipv6 destination, since hyperstart agent
does not have support for ipv6 currently. We should do the same
for default route that has an ipv6 gateway address.
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
We ignore routes that have an ipv6 destination, since kata agent
does not have support for ipv6 currently. We should do the same
for default route that has an ipv6 gateway address. We need to
revisit this once we start adding support for ipv6.
Fixes#58
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
This commit enables the support of virtio-scsi for block devices
used as root filesystem or as devices passed through the VM to be
used directly from the container.
Fixes#56
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
There is a shared directory shared through virtio-9p between the
host and guest OS. The version of the driver used matters as it
may improve a few things. In this case, using the specific version
9p2000.L does not result in any regression, and it fixes failures
related to symlinks being passed through 9p.
Fixes#56
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
This commit factorizes the code appending devices to the device list
provided to the Kata agent, in order to reduce the complexity of the
function createContainer().
Fixes#56
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
