3251beaa23
Move to master tip to get support for vfio hotplug. Changes: df79499 net: Do not check multiqueue for new interface 7d75b1f build(deps): bump quote from 1.0.2 to 1.0.3 841bf89 build(deps): bump failure from 0.1.6 to 0.1.7 86acdb9 build(deps): bump failure_derive from 0.1.6 to 0.1.7 4b32863 docs: Update api.md for VFIO hotplug e518098 scripts: Make integration tests fail if some important commands fail be6f91d tests: Refactoring vhost_user_net test cases 6341736 vhost_user_net: Provide tap option for vhost_user_net backend e0419e9 build: Don't cancel older master builds f0a3e7c build: Bump linux-loader and vm-memory dependencies 6539d4a vfio: handle case for missing iommu_group cfbebd8 build(deps): bump micro_http from `88011bd` to `02def92` 4214806 tests: Remove further use of sudo subshells 2baf5ab tests: Simplfy the shm region check 97affbe tests: Re-enable the virtio-fs tests and make them work with virtio-mmio 7b1d5c1 tests: Remove entropy check from vhost-user-block test a4cca5f tests: sha1sums --check can take a list of hashes 689415e build(deps): bump libssh2-sys from 0.2.15 to 0.2.16 09829c4 vmm: Remove IO bus strong reference from Vm 2dbb376 vmm: Remove all Weak references from DeviceManager 9e915a0 vmm: Remove all Weak references from CpuManager 49268bf pci: Remove all Weak references from PciBus ca426cf devices: Make Bus hold a list of Weak BusDevice references 7773812 vmm: Store the list of BusDevice devices from DeviceManager d0820cc vmm: Make add_vfio_device mutable 948f808 vm: Rename DeviceManager field in Vm structure aa638ea build(deps): bump backtrace from 0.3.44 to 0.3.45 1152b1a ci: Add VFIO hotplug integration test d47f733 vmm: Break the cyclic dependency between DeviceManager and IO bus c1af13e vmm: Update VmConfig when adding new device a86f436 vmm: Add VFIO PCI device hotplug support 320fea0 vmm: Factorize VFIO PCI device creation 00716f9 vmm: Store virtio-iommu device from DeviceManager 5902dfa vmm: Store VFIO KVM device from DeviceManager d9c1b43 vmm: Store MSI InterruptManager from DeviceManager 02adc40 vmm: Store PciBus from DeviceManager 3f396d8 resources: Enable ACPI PCI hotplug in the kernel config d0218e9 vmm: Trigger hotplug notification to the guest 0e58741 vmm: api: Introduce new "add-device" HTTP endpoint 0f1396a vmm: Insert PCI device hotplug operation region on IO bus 65774e8 vmm: Implement BusDevice for DeviceManager 2eb26d4 devices: acpi: Update GED to support PCI devices hotplug 8dbc843 vmm: acpi: Add PCNT method to invoke DVNT c62db97 vmm: acpi: Add _EJ0 to each PCI device slot 4dc2a39 vmm: acpi: Create PHPR container c3a0685 vmm: acpi: Add notification method for PCI device slots 5a68d5b vmm: acpi: Create PCI device slots ead86bb build(deps): bump micro_http from `9945928` to `88011bd` 22dd49d tests: Test virtio-fs with virtio-mmio 642b890 vm-virtio: mmio: Enable reporting of SHM regions via config fields 0223cf8 ci: Update ClearLinux image ed396b4 build(deps): bump vm-memory from `2099f41` to `a84a7b8` 81c2294 vhost_rs: remove unused crate 5200bf3 Cargo: switch vhost_rs to external crate 65a38e6 vm-virtio: vhost_user: Fix blk device configuration space offset value d6e6901 vmm/api: Fix vm.info response definition 8f37200 build(deps): bump micro_http from `3eb926c` to `9945928` cc2d03d build(deps): bump regex-syntax from 0.6.15 to 0.6.16 f5b37e3 build(deps): bump regex-syntax from 0.6.14 to 0.6.15 009f4d2 build(deps): bump micro_http from `8d48e73` to `3eb926c` 5ade9d4 tests: Remove unnecessary sleeps and kill on clean shutdown tests c98949b tests: Wait for VMM to exit in test_serial_file/test_console_file 2f58fb8 tests: Test rebooting works for block self spawn test e817aa6 tests: Improve VM shutdown behaviour 559b70c tests: Make output capture optional dae7608 tests: Remove duplicated network configuration 6466ad2 tests: Remove duplicated disk configuration 9f1ac24 tests: Make the GuestCommand take a reference to the guest 49e70c6 tests: Port integration tests over to GuestCommand 67a5882 tests: Introduce new GuestCommand to handle launching the guest 8142c82 vmm: Move DeviceManager into an Arc<Mutex<>> 531f4ff vhost_user_fs: Remove an unneeded unwrap in handle_event e52129e vhost_user_fs: Process events from HIPRIO queue 0c5c470 build(deps): bump micro_http from `b85757e` to `8d48e73` 5b96dd5 ci: Don't give special capabilities to Rust vhost-user-fs backend d8d790b vhost_rs: Don't check for SLAVE_SEND_FD on SET_SLAVE_REQ_FD 1c5562b vhost_user_fs: Add support for EVENT_IDX eae4f1d vhost_user_fs: Add support for indirect descriptors ea0bc24 vhost_user_fs: Be honest about protocol supported features 42937c9 vm-virtio: Add support for indirect descriptors d7b0b98 tests: Move integration tests to their own directory 3cb4513 vhost_rs: control SlaveFsCacheReq with vhost-user-slave feature 9de3ace devices: implement Aml trait for GED device b77fdeb msi/msi-x: Prevent from losing masked interrupts 8423c08 build(deps): bump proc-macro2 from 1.0.8 to 1.0.9 6315f16 build(deps): bump syn from 1.0.15 to 1.0.16 4cf89d3 pci: handle extended configuration space properly f6b9445 pci: fix pci MMCONFIG address parsing 77ee331 resources: Enable KASLR in kernel config bba5ef3 vmm: Remove deprecated CPU syntax 374ac77 main, vmm: Remove deprecated --vhost-user-net ffd816e main, vmm: Remove deprecated --vhost-user-blk d04e0dc build(deps): bump crossbeam-utils from 0.7.0 to 0.7.2 7da5b53 build(deps): bump ssh2 from 0.7.1 to 0.8.0 109c7f7 build(deps): bump hermit-abi from 0.1.7 to 0.1.8 812a6b9 build(deps): bump syn from 1.0.14 to 1.0.15 ad30791 build(deps): bump memchr from 2.3.2 to 2.3.3 94f2fc3 release-notes: Update for v0.5.1 bug fix release f190cb0 build(deps): bump libc from 0.2.66 to 0.2.67 299eb28 build(deps): bump micro_http from `6fd1545` to `b85757e` d2f1749 vmm: config: Add poll_queue property to DiskConfig 378dd81 vmm: openapi: Add missing "direct" knob to DiskConfig 056f548 vmm: openapi: Fix "readonly" and "wce" defaults in DiskConfig 4ebf01b vhost_user_backend: Don't report out socket broken errors b5755e9 vhost_rs: vhost_user: Return error when connection broken c49e31a vmm: api: Return a resize error when resize fails ebc6391 vmm: api: Fix resize command typos 9de7553 vmm: openapi: Update DiskConfig ed1e781 vmm: Workaround double reboot triggered by the kernel 5c06b7f vhost_user_block: Implement optional static polling 0e4e27e vhost_user_block: Make use of the EVENT_IDX feature 1ef6996 vhost_user_backend: Add helpers for EVENT_IDX d17fa78 vm-virtio: Implement support for EVENT_IDX 793d4e7 vmm: Move codebase to GuestMemoryAtomic from vm-memory ddf6caf ci: Improve test_memory_mergeable_on stability af621be build(deps): bump micro_http from `57ac9df` to `6fd1545` 4970e2f vhost-user-fs: add dax tests for vhost_user_fs rust daemon 59958f0 vhost_user_fs: add the ability to set slave req fd 3f09eff vhost_user_fs: add fs cache request operations 956a84f vhost_user_fs: add necessary structs for map/unmap requests 269d660 vhost_user_fs: add SlaveFsCacheReq to handle map/unmap be78c6d vhost_rs: Fix unit test race condition f7378bc tests: Add self spawning vhost-user-block test 1f6cbad vmm: Add support for spawning vhost-user-block backend 4d60ef5 vm-virtio: vhost_user: block: On shutdown() drop the socket 7fabca3 ci: Don't run unit tests in a privileged container 2724716 build(deps): bump micro_http from `4827569` to `57ac9df` 08a68f2 build: Run unit tests on worker node f21cd31 scripts: dev_cli: Add more privileges for the integration tests a94887e build: Use dev container for integration tests 3edc2bd vmm: Prevent memory overcommitment through virtio-fs shared regions 968c90a build(deps): bump hermit-abi from 0.1.6 to 0.1.7 7485a0c Revert "build: Don't fail build on test_vfio failure" cbc0ac3 build(deps): bump micro_http from `7a23e54` to `4827569` 7fdb5ae build(deps): bump vm-memory from `eb2fc0b` to `f615b19` 0d748c5 build(deps): bump scopeguard from 1.0.0 to 1.1.0 6692fa6 build(deps): bump thiserror from 1.0.10 to 1.0.11 f03602a tests: Add self spawning vhost-user-net test bc75c1b vmm: Add support for spawning vhost-user-net backend d054ddd vm-virtio: Retry connections to vhost-user backends b04eb47 vmm: Follow the "exe" symlink from the PID directory in /proc 5038878 vm-virtio: vhost_user: net: On shutdown() drop the socket 7c9e8b1 vmm: device_manager: Shutdown all virtio devices 545ea9e vm-virtio: Add shutdown method to VirtioDevice trait ebd8369 main: Display git commit hash with the '--version' option bdb92f9 build(deps): bump micro_http from `7fb2e46` to `7a23e54` 2061f0d tests: Always create shared VFIO directory from scratch e8e4f43 tests: Use hugepages for test_vfio 296ada9 scripts: dev_cli: Fix post build permissions for the whole tree 287897d tests: Run test_vfio with PCI binary 1661444 build(deps): bump serde_json from 1.0.47 to 1.0.48 96479da build(deps): bump vm-memory from `f3d1c27` to `eb2fc0b` 88c1683 build(deps): bump memchr from 2.3.1 to 2.3.2 8d3e4f9 build(deps): bump micro_http from `c9e900c` to `7fb2e46` 53481aa docs: Update documentation related to multiqueue network 4dd16c2 vm-virtio: Detect if a tap interface supports multiqueue 8627656 net_util: Provide more accurate error messages 6e5338d build(deps): bump memchr from 2.3.0 to 2.3.1 014844d build: Don't fail build on test_vfio failure 779cbfe build(deps): bump backtrace from 0.3.43 to 0.3.44 700df9e vhost_user_net: Port to new exit event strategy c33c38b vhost_user_block: Port to new exit event strategy da7f31d bin: vhost_user_fs: Port to new exit event strategy 759a0be vhost_user_backend: Add support for handling exiting of worker thread b17bafb build(deps): bump micro_http from `1de6f32` to `c9e900c` 7ca691f vhost_user_block: Implement and use worker shutdown e619fe6 vhost_user_net: Remove "Clone" implementation 613f254 vhost_user_backend: Wait on the worker thread 97ab767 vhost_user_net: Shutdown worker thread on exit 7f032c8 bin: vhost_user_fs: Shutdown worker thread on exit 99cb8dc bin: vhost_user_fs use error! macro logging for consistency 710394b vhost_user_block: Forward the error from unexpected event 4f4c3d3 vhost_user_block: Make Error behave like net and fs versions f1e19d6 vhost_user_backend: Forward the error from main thread 80c9dc2 Revert "vhost-user-backend: Correct error handling in run" c706ca1 scripts: dev_cli: Simplify the build command exit path 0a1d6e1 scripts: dev_cli: Fix build directory permisions c8fa809 scripts: dev_cli: Run unprivileged containers as the host user 26d8cae build(deps): bump micro_http from `ae15e75` to `1de6f32` 572aaa7 build(deps): bump serde_json from 1.0.46 to 1.0.47 04cb35e scripts: Make dev_cli.sh exit on test error 9bf100c build: Run worker and master build in parallel bfbca59 scripts: Don't use interactive & terminal mode for docker 6e6eb5b build: Do cargo tests, unit tests and OpenAPI check on master a5b053f scripts: dev_cli: Use a tmpfs mount for /tmp Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Runtime
This repository contains the runtime for the Kata Containers project.
For details of the other Kata Containers repositories, see the repository summary.
- Introduction
- License
- Platform support
- Download and install
- Quick start for developers
- Architecture overview
- Configuration
- Logging
- Debugging
- Limitations
- Community
- Further information
- Additional packages
Introduction
kata-runtime, referred to as "the runtime", is the Command-Line Interface
(CLI) part of the Kata Containers runtime component. It leverages the
virtcontainers
package to provide a high-performance standards-compliant runtime that creates
hardware-virtualized Linux containers running on Linux hosts.
The runtime is OCI-compatible, CRI-O-compatible, and Containerd-compatible, allowing it to work seamlessly with both Docker and Kubernetes respectively.
License
The code is licensed under an Apache 2.0 license.
See the license file for further details.
Platform support
Kata Containers currently works on systems supporting the following technologies:
- Intel VT-x technology.
- ARM Hyp mode (virtualization extension).
- IBM Power Systems.
- IBM Z mainframes.
Hardware requirements
The runtime has a built-in command to determine if your host system is capable of running and creating a Kata Container:
$ kata-runtime kata-check
Note:
By default, only a brief success / failure message is printed. If more details are needed, the
--verboseflag can be used to display the list of all the checks performed.
rootpermission is needed to check if the system is capable of running Kata containers. In this case, additional checks are performed (e.g., if another incompatible hypervisor is running).
Download and install
See the installation guides available for various operating systems.
Quick start for developers
See the developer guide.
Architecture overview
See the architecture overview for details on the Kata Containers design.
Configuration
The runtime uses a TOML format configuration file called configuration.toml.
The file contains comments explaining all options.
Note:
The initial values in the configuration file provide a good default configuration. You may need to modify this file to optimise or tailor your system, or if you have specific requirements.
Since the runtime supports a
stateless system,
it checks for this configuration file in multiple locations, two of which are
built in to the runtime. The default location is
/usr/share/defaults/kata-containers/configuration.toml for a standard
system. However, if /etc/kata-containers/configuration.toml exists, this
takes priority.
The below command lists the full paths to the configuration files that the runtime attempts to load. The first path that exists will be used:
$ kata-runtime --kata-show-default-config-paths
Aside from the built-in locations, it is possible to specify the path to a
custom configuration file using the --kata-config option:
$ kata-runtime --kata-config=/some/where/configuration.toml ...
The runtime will log the full path to the configuration file it is using. See the logging section for further details.
To see details of your systems runtime environment (including the location of the configuration file being used), run:
$ kata-runtime kata-env
Logging
For detailed information and analysis on obtaining logs for other system
components, see the documentation for the
kata-log-parser
tool.
For runtime logs, see the following sections for the CRI-O and containerd shimv2 based runtimes.
Kata OCI
The Kata OCI runtime (including when used with CRI-O), provides --log= and --log-format= options.
However, the runtime also always logs to the system log (syslog or journald).
To view runtime log output:
$ sudo journalctl -t kata-runtime
Kata containerd shimv2
The Kata containerd shimv2 runtime logs through containerd, and its logs will be sent
to wherever the containerd logs are directed. However, the
shimv2 runtime also always logs to the system log (syslog or journald) under the
identifier name of kata.
To view the shimv2 runtime log output:
$ sudo journalctl -t kata
Debugging
See the debugging section of the developer guide.
Limitations
See the limitations file for further details.
Community
Contact
See how to reach the community.
Further information
See the project table of contents and the documentation repository.
Additional packages
For details of the other packages contained in this repository, see the package documentation.