Fix nasty bug which resulted in `kata-env` showing
`VMContainerCapable = true` even on amd64 systems without virtualisation
support (thankfully `kata-check` still showed the correct results).
Added arch-specific tests to avoid any possibility of regression.
Fixes#660.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Add a heuristic to ensure the amount of memory allocated to the
hypervisor is bigger than the size of the image.
This catches simple configuration issues where `default_memory=` is set
to a smaller value than the size of either the `image=` or `initrd=`
files.
If the configured image type is `initrd`, fail but only warn in the
logs for `image` as although it seems a highly unlikely scenario, it is
permitted.
Update tests to ensure that created resources have `>0` bytes.
Fixes#636.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
The `TestMinimalRuntimeConfig` should not be using the real
resource files that might be installed on a system so make temporary
files instead to better control the test.
Split out `TestMinimalRuntimeConfigWithVsock` to reduce cyclomatic
complexity (along with dropping the config file delete at the end - not
required as the entire test-specific directory gets auto-deleted).
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
The CLI being the implementation of the OCI specification, and the
hooks being OCI specific, it makes sense to move the handling of any
OCI hooks to the CLI level. This changes allows the Kata API to
become OCI agnostic.
Fixes#599
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
This commit moves the network namespace creation out of virtcontainers
in order to anticipate the move of the OCI hooks to the CLI through a
follow up commit.
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
Add additional `context.Context` parameters and `struct` fields to allow
trace spans to be created by the `virtcontainers` internal functions,
objects and sub-packages.
Note that not every function is traced; we can add more traces as
desired.
Fixes#566.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
We need this configuration due to a limitation in seabios
firmware in handling hotplug for PCI devices with large BARS.
Long term, this needs to be fixed in the firmware.
Fixes#594
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
`kata-env` did not include the path to the runtime exe itself.
Add that into the Runtime section.
Fixes: #577
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
Add initial support for opentracing by using the `jaeger` package.
Since opentracing uses the `context` package, add a `context.Context`
as the first parameter to all the functions that we might want to
trace. Trace "spans" (trace points) are then added by extracting the
trace details from the specified context parameter.
Notes:
- Although the tracer is created in `main()`, the "root span"
(aka the first trace point) is not added until `beforeSubcommands()`.
This is by design and is a compromise: by delaying the creation of the
root span, the spans become much more readable since using the web-based
JaegerUI, you will see traces like this:
```
kata-runtime: kata-runtime create
------------ -------------------
^ ^
| |
Trace name First span name
(which clearly shows the CLI command that was run)
```
Creating the span earlier means it is necessary to expand 'n' spans in
the UI before you get to see the name of the CLI command that was run.
In adding support, this became very tedious, hence my design decision to
defer the creation of the root span until after signal handling has been
setup and after CLI options have been parsed, but still very early in
the code path.
- At this stage, the tracing stops at the `virtcontainers` call
boundary.
- Tracing is "always on" as there doesn't appear to be a way to toggle
it. However, its resolves to a "nop" unless the tracer can talk to a
jaeger agent.
Note that this commit required a bit of rework to `beforeSubcommands()`
to reduce the cyclomatic complexity.
Fixes#557.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Created two new helper functions to create a `cli.Context` with and without a
`cli.App`.
Calling these functions simplifies a lot of test code.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
When starting a kata container, if both initrd and rootfs
are provided in the configuration file then the error message
presented is "cannot specify an image and an initrd in
configuration file" which might be a bit confusing. This
fix makes the error message more explicit.
Fixes: #563
Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
When the hypervisor option `use_vsock` is true the runtime will check for vsock
support. If vsock is supported, not proxy will be used and the shims
will connect to the VM using VSOCKS. This flag is true by default, so will use
VSOCK when possible and no proxy will be started.
fixes#383
Signed-off-by: Jose Carlos Venegas Munoz jose.carlos.venegas.munoz@intel.com
Signed-off-by: Julio Montes <julio.montes@intel.com>
add extra field in KataAgentConfig structure to specify if the
kata agent have to use a vsock instead of serial port.
Signed-off-by: Julio Montes <julio.montes@intel.com>
Add `use_vsock` option to enable or disable the use of vsocks
for communication between host and guest.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Signed-off-by: Julio Montes <julio.montes@intel.com>
Refine the changes made on #468 by adding the containerID log field as
soon as possible (before *any* virtcontainers calls). This requires
that `setExternalLoggers()` be called more times, but it's essential to
ensure the correct log fields are available as early as possible.
Partially fixes#519.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
We were defer removing the temporary config.json files
but not the tmpdir path we had created to store them in.
Expose that path out so we can defer removeall it.
Fixes: #480
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
For one thing, it is not used by any kata components. For another thing,
it breaks vm factory hypervisor config check.
Signed-off-by: Peng Tao <bergwolf@gmail.com>
Add enable_template option to the config file.
When it is set, enable the vm template factory.
cache factory cannot be used by kata cli directly because
it requires a running daemon to maintain the cache VMs.
`kata-runtime factory init` would initialize the vm factory and
`kata-runtime factory destroy` would destroy the vm factory.
When configured, a vm factory is loaded before creating new sandboxes.
Signed-off-by: Peng Tao <bergwolf@gmail.com>
Ephemeral volumes should not be passed at 9pfs mounts.
They should be created inside the VM.
This patch disables ephemeral volumes from getting
mounted as 9pfs from the host and instead a corresponding
tmpfs is created inside the VM.
Fixes : #61
Signed-off-by: Harshal Patil <harshal.patil@in.ibm.com>
Add a test to ensure the JSON output passes the same
parameter check and write/re-read test as the TOML one.
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
With the addition of the JSON kata-env output, we need
to fix up the tests:
- add a test for the JSON flag
- fix the format/layout of the other tests to take into
account the change in function API and the additon of a
flagset to the cmdline ctx.
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
Having a direct JSON output for kata-env will help record
results in our CIs in some instances. Add that ability with
a kata-env command line extension.
Fixes: #474
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
Add the runtime CLI command name to the virtcontainers logger so that it
is clear when reading virtcontainers log entries which runtime command
they refer to.
Fixes#448.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Once `containerID` and `sandboxID` fields are available, re-register
the logger with the external packages to ensure they too display these
important fields.
Fixes#467.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
