mirror of
https://github.com/aljazceru/kata-containers.git
synced 2026-01-04 23:14:19 +01:00
845bf73726
Add support for annotations that allow us to custimise a subset of the configurations provided in kata conf toml file. This initial commit adds support for customising vcpus, default max vcpus, memory and the kernel command line passed as Hypervisor config. Replaces #1695 Fixes #1655 Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
90 lines
4.2 KiB
Go
90 lines
4.2 KiB
Go
// Copyright (c) 2017 Intel Corporation
|
|
//
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
//
|
|
|
|
package annotations
|
|
|
|
const (
|
|
kataAnnotationsPrefix = "io.kata-containers."
|
|
kataConfAnnotationsPrefix = kataAnnotationsPrefix + "config."
|
|
kataAnnotHypervisorPrefix = kataConfAnnotationsPrefix + "hypervisor."
|
|
kataAnnotAgentPrefix = kataConfAnnotationsPrefix + "agent."
|
|
kataAnnotRuntimePrefix = kataConfAnnotationsPrefix + "runtime." // nolint: unused
|
|
|
|
// KernelPath is a sandbox annotation for passing a per container path pointing at the kernel needed to boot the container VM.
|
|
KernelPath = kataAnnotHypervisorPrefix + "kernel"
|
|
|
|
// ImagePath is a sandbox annotation for passing a per container path pointing at the guest image that will run in the container VM.
|
|
ImagePath = kataAnnotHypervisorPrefix + "image"
|
|
|
|
// InitrdPath is a sandbox annotation for passing a per container path pointing at the guest initrd image that will run in the container VM.
|
|
InitrdPath = kataAnnotHypervisorPrefix + "initrd"
|
|
|
|
// HypervisorPath is a sandbox annotation for passing a per container path pointing at the hypervisor that will run the container VM.
|
|
HypervisorPath = kataAnnotHypervisorPrefix + "path"
|
|
|
|
// JailerPath is a sandbox annotation for passing a per container path pointing at the jailer that will constrain the container VM.
|
|
JailerPath = kataAnnotHypervisorPrefix + "jailer_path"
|
|
|
|
// FirmwarePath is a sandbox annotation for passing a per container path pointing at the guest firmware that will run the container VM.
|
|
FirmwarePath = kataAnnotHypervisorPrefix + "firmware"
|
|
|
|
// KernelHash is a sandbox annotation for passing a container kernel image SHA-512 hash value.
|
|
KernelHash = kataAnnotHypervisorPrefix + "kernel_hash"
|
|
|
|
// ImageHash is an sandbox annotation for passing a container guest image SHA-512 hash value.
|
|
ImageHash = kataAnnotHypervisorPrefix + "image_hash"
|
|
|
|
// InitrdHash is an sandbox annotation for passing a container guest initrd SHA-512 hash value.
|
|
InitrdHash = kataAnnotHypervisorPrefix + "initrd_hash"
|
|
|
|
// HypervisorHash is an sandbox annotation for passing a container hypervisor binary SHA-512 hash value.
|
|
HypervisorHash = kataAnnotHypervisorPrefix + "hypervisor_hash"
|
|
|
|
// JailerHash is an sandbox annotation for passing a jailer binary SHA-512 hash value.
|
|
JailerHash = kataAnnotHypervisorPrefix + "jailer_hash"
|
|
|
|
// FirmwareHash is an sandbox annotation for passing a container guest firmware SHA-512 hash value.
|
|
FirmwareHash = kataAnnotHypervisorPrefix + "firmware_hash"
|
|
|
|
// AssetHashType is the hash type used for assets verification
|
|
AssetHashType = kataAnnotationsPrefix + "asset_hash_type"
|
|
|
|
// BundlePathKey is the annotation key to fetch the OCI configuration file path.
|
|
BundlePathKey = kataAnnotationsPrefix + "pkg.oci.bundle_path"
|
|
|
|
// ContainerTypeKey is the annotation key to fetch container type.
|
|
ContainerTypeKey = kataAnnotationsPrefix + "pkg.oci.container_type"
|
|
|
|
// KernelModules is the annotation key for passing the list of kernel
|
|
// modules and their parameters that will be loaded in the guest kernel.
|
|
// Semicolon separated list of kernel modules and their parameters.
|
|
// These modules will be loaded in the guest kernel using modprobe(8).
|
|
// The following example can be used to load two kernel modules with parameters
|
|
///
|
|
// annotations:
|
|
// io.kata-containers.config.agent.kernel_modules: "e1000e InterruptThrottleRate=3000,3000,3000 EEE=1; i915 enable_ppgtt=0"
|
|
//
|
|
// The first word is considered as the module name and the rest as its parameters.
|
|
//
|
|
KernelModules = kataAnnotAgentPrefix + "kernel_modules"
|
|
|
|
// DefaultVCPUs is a sandbox annotation for passing the default vcpus assigned for a VM by the hypervisor.
|
|
DefaultVCPUs = kataAnnotHypervisorPrefix + "default_vcpus"
|
|
|
|
// DefaultVCPUs is a sandbox annotation that specifies the maximum number of vCPUs allocated for the VM by the hypervisor.
|
|
DefaultMaxVCPUs = kataAnnotHypervisorPrefix + "default_max_vcpus"
|
|
|
|
// DefaultMemory is a sandbox annotation for the memory assigned for a VM by the hypervisor.
|
|
DefaultMemory = kataAnnotHypervisorPrefix + "default_memory"
|
|
|
|
// KernelParams is a sandbox annotation for passing additional guest kernel parameters.
|
|
KernelParams = kataAnnotHypervisorPrefix + "kernel_params"
|
|
)
|
|
|
|
const (
|
|
// SHA512 is the SHA-512 (64) hash algorithm
|
|
SHA512 string = "sha512"
|
|
)
|