When 'debug' is enabled, qemu's debug info is output
into qemu's log file. When lauching qemu failed, it's
better to log these debug info and return it directly
for debugging.
Fixes:#2042
Signed-off-by: lifupan <lifupan@gmail.com>
Kata support several hypervisor and not all hypervisor support the
same type of sockets, for example QEMU support vsock and unix sockets, while
firecracker only support hybrid vsocks, hence sockets generations should be
hypervisor specific
fixes#2027
Signed-off-by: Julio Montes <julio.montes@intel.com>
Rename kataVSOCK to VSock and move it into the types package, this way it can
be accessible by other subpackages. This change is required because in next
commits the socket address and type (socket, vsock, hybrid vsock) will be
hypervisor specific.
Signed-off-by: Julio Montes <julio.montes@intel.com>
Currently only firecracker supports hybrid vsocks, change the implementation
to use hybrid vsocks in firecracker.
Signed-off-by: Julio Montes <julio.montes@intel.com>
Add logger to the http transport to log the requests that the runtime writes
in the firecracker's socket. Enable debug it's enabled.
Signed-off-by: Julio Montes <julio.montes@intel.com>
This commit enables the `share-rw` flag for the image file in s390x.
This enables multiple instances of qemu to share the same image.
Fixes: #2049
Signed-off-by: Jan Schintag <jan.schintag@de.ibm.com>
Fixes: #2023
We can get OCI spec config from bundle instead of annotations, so this
field isn't necessary.
Signed-off-by: Wei Zhang <weizhang555.zw@gmail.com>
Add appendImage function to struct qemuS390x, so that a call of
appendImage results in a call to the appendBlockDevice function of
qemuS390x instead of qemuArchBase.
Fixes: #2043
Signed-off-by: Jan Schintag <jan.schintag@de.ibm.com>
Rename function appendVSockPCI to appendVSock to be general. The
function could use PCI or CCW devices.
Added return error to appendVSock.
Signed-off-by: Alice Frosi <afrosi@de.ibm.com>
Fixes: #2023
CompatOCISpec is used to gurantee backward compatbility for old runtime
specs, after we convert CompatOCISpec to standard specs.Spec, we should
use specs.Spec instead of CompatOCISpec, and CompatOCISpec should be
useless from then.
Spread usage of CompatOCISpec can make code structure confusing and making
the runtime spec usage non-standard. Besides, this can be the very first
step of removing CompatOCISpec from config's Annotations field.
Signed-off-by: Wei Zhang <weizhang555.zw@gmail.com>
With MacVTap internetworking, Kata fails to launch containers
with ACRN hypervisor. This was due to missing MAC address as
part of virtio-net device when launching VM. This patch fixes
this issue by adding the MAC address.
Fixes: #2029
Signed-off-by: Vijay Dhanraj <vijay.dhanraj@intel.com>
If ociMounts has DNS file /etc/resolv.conf present,
then pass the dns as part of CreateSandboxRequest to
the agent.
Depends-on: github.com/kata-containers/agent#625
Fixes: #1603
Signed-off-by: Nitesh Konkar <niteshkonkar@in.ibm.com>
Create generic function to be reused to the reimplemented methods by
various architectures
Fixes: #1153
Signed-off-by: Alice Frosi <afrosi@de.ibm.com>
Reviewed-by: Jan Schintag <jan.schintag@de.ibm.com>
In this way it is possible to set bridge variable for each arch when
instantiating the hypervisor.
Fixes: #1153
Signed-off-by: Alice Frosi <afrosi@de.ibm.com>
Co-authored-by: Jan Schintag <jan.schintag@de.ibm.com>
Casting in golang doesn't return a pointer to the structure, instead a new
structure is instantiated. This patch is to update the old structure with
the new one in order to apply the changes.
fixes#2016
Signed-off-by: Julio Montes <julio.montes@intel.com>
The container store should be deleted when new/create is failed if the
store is newly created.
Fixes: #2013
Signed-off-by: Li Yuxuan <liyuxuan04@baidu.com>
Use all subsystems for SandboxOnly option to make sure
all cgroups are deleted.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Add containers does not need to check the cgroup path
this is done in a different function
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
When a new sandbox is created, join to its cgroup path
this will create all proxy, shim, etc in the sandbox cgroup.
Fixes: #1879
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
No call cgroup operations for containers in host
if SandboxCgroupOnly is enabled.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
add option to eneable only pod cgroup (SandboxCgroupOnly)
Depends-on: github.com/kata-containers/tests#1824
Fixes: #1879
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
