ebb8fd576b
Use latest master to enable memory hotplug. Changes: c1e6d00 ci: Add memory resizing use case to vhost-user tests 890582b ci: Factorize kernel command line 4de2584 ci: Fix mmio tests with direct kernel boot f268246 ci: Factorize integration tests booting from vhost-user-blk 5a5b3cf ci: Factorize vhost-user-blk integration tests dd8debf ci: Run vhost-user-blk tests for mmio builds 0c9c72c ci: Unify vhost-user-blk integration tests c95851f ci: Run vhost-user-net tests for mmio transport 68293fc ci: Factorize vhost-user-net one step further d75e745 vm-virtio: vhost-user: Send memory update to the backend 7ff82af vm-virtio: vhost-user: Factorize SET_MEM_TABLE setup e54f8ec vmm: Update memory through DeviceManager bc874a9 vm-virtio: Add update_memory() to VirtioDevice trait 93becca build(deps): bump backtrace from 0.3.45 to 0.3.46 feb8d7a vmm: Separate seccomp filters between VMM and API threads 5120c27 main: Add seccomp support f1a23d7 vmm: api: Add seccomp to the HTTP API thread db62cb3 vmm: Add seccomp filter to the VMM thread cb98d90 vmm: Create new seccomp_filter module 708f02d vmm: Pull seccomp crate from Firecracker 18fbd30 vhost-user-fs: return correct result of fs_slave_io() bbc385c devices: ioapic: Remove unused MsiMessage structure 2fc86ff dev_cli: Always pull the latest container image 4b462a5 Dockerfile: Add cpio and bsdtar to the container image 8acc15a build: Bump vm-memory and linux-loader dependencies 38ed560 build(deps): bump thiserror from 1.0.12 to 1.0.13 9f67de4 build(deps): bump proc-macro-hack from 0.5.12 to 0.5.14 ebab809 build(deps): bump thiserror from 1.0.11 to 1.0.12 c67e407 build(deps): bump syn from 1.0.16 to 1.0.17 bdcfe1e tests: Add "discard_writes" pmem test 7098602 tests: Make the test_virtio_pmem test use a temporary file f7197e8 vmm: Add a "discard_writes=" to --pmem d11a67b vmm: Use more generic MmapRegion constructor 7257e89 vmm: Add "readonly" parameter MemoryManager::create_userspace_mapping 03cb26c release: v0.6.0 3e9a39c github: Upload the ch-remote asset c503118 vmm: fix a corrupted stack caused by get_win_size 0788600 build: Remove "pvh_boot" feature flag 477bc17 bin: Share VFIO device syntax between cloud-hypervisor and ch-remote 96be2db build(deps): bump serde_derive from 1.0.104 to 1.0.105 5a335fc build(deps): bump serde from 1.0.104 to 1.0.105 a31ffef openapi: Add hotplug_size for memory hotplug 87990f9 vmm: Add virtio-pci device to B/D/F hash table fb185fa vmm: Always return PCI B/D/F from add_virtio_pci_device 462082c build(deps): bump arc-swap from 0.4.4 to 0.4.5 c821e96 vhost_user_fs: Implement support for FUSE_LSEEK 5aa9abc docs: Add document for vhost-user-net test with OVS/DPDK 6329219 vm-virtio: queue: Use a SeqCst fence on get_used_event 63eeed2 vm: Comment on the VM config update from memory hotplug 0895bcb build(deps): bump proc-macro-hack from 0.5.11 to 0.5.12 0541f5a build(deps): bump proc-macro-nested from 0.1.3 to 0.1.4 51f51ea build(deps): bump libc from 0.2.67 to 0.2.68 9cf67d1 arch: x86: Always set the bootloader type ad35470 arch: x86: Extract common bootparams settings 28a5f9d vmm: acpi: Remove unused IORT related structures 5c1207c vhost-user-fs: handle FS_IO request f61f78e build(deps): bump anyhow from 1.0.26 to 1.0.27 efb2447 pvh: Add integration test to validate PVH boot da084fa pvh: Add unit tests for initial sregs and control registers 64941bf pvh: Add unit tests for start_info and memory map structures 9e247c4 pvh: Introduce "pvh_boot" feature a22bc35 pvh: Write start_info structure to guest memory 840a9a9 pvh: Initialize vCPU regs/sregs for PVH boot 24f0e42 pvh: Introduce EntryPoint struct 98b9568 pvh: Add definitions for PVH boot protocol support 6e6ef83 build: Fix log dependency 291f1ce build(deps): bump linux-loader from `0c754f3` to `0ce5bfa` 07cc73b vhost_user_fs: add a flag to disable extended attributes 710520e vhost_user_fs: Process requests in parallel with a thread pool 90309b5 vm-virtio: queue: Add methods to switch a descriptor context 2294c2d Add .rustfmt.toml to the project 48c4885 vhost_user_fs: replace HandleData's File Mutex with RwLock 134e64c arch, qcow: Fix 1.42.0 clippy warnings 6ea85ca resources: Dockerfile: Update Rust toolchain 4579afa vmm: For --disk error if socket and path is specified 7e599b4 vmm: Make disk path optional 477d924 github: Build from a rust toolchain matrix 4f2469e main: Remove "--vhost-user-net" 8d785bb pci: Fix the PciBus using HashMap instead of Vec 04f2ccd build(deps): bump ryu from 1.0.2 to 1.0.3 02265bb build(deps): bump regex-syntax from 0.6.16 to 0.6.17 40b38a4 openapi: Make desired_ram int64 format ca3b39c bin: Fix wrapping in help strings ee1ba56 build: Use "wrap_help" feature for clap 3957d1e vhost_user_backend: call get_used_event from needs_notification 536323d vm-virtio: queue: hint that get_used_event should be inlined 401e1d2 vm-virtio: queue: fix a barrier comment at update_avail_event e0bdfe8 vm-virtio: queue: add a missing memory barrier in get_used_event df2570a resources: Simplify kernel config filename 9ab648b resources: Enable VIRTIO_MEM support 0339853 ci: Bump to kernel 5.6-rc4 abccf76 tests: Use ch-remote to add/remove devices in test_vfio 5c3ce9d tests: Extend ch-remote helper to support optional single argument 9a7d9c9 ch-remote: Support removing VFIO devices 0d53ba4 ch-remote: Support adding VFIO devices babefbd main: Remove spurious second help line for "--device" 63c5d09 github: Trigger the build job on PRs 8cbb6d0 github: Replace Travis CI with github actions efba48d vmm: Don't put a VFIO device behind the vIOMMU by default 34412c9 vmm: Add id option to VFIO hotplug 18dc916 vmm: Switch to the micro-http package 9023444 vmm: Add id field to --device through CLI f4a956a vmm: Remove 32 bits MMIO range from correct address space 432eb5b vmm: Free PCI BARs when unplugging PCI device f0dff8b vfio: pci: Remove KVM user memory region when cleaning up 34d1f43 vfio: pci: Implement free_bars() from the PciDevice trait b8e1cf2 vm-allocator: Add new function to free 32 bits MMIO address space f3dc245 pci: Extend PciDevice trait with new free_bars() method 911a2d6 tests: Use ch-remote to resize the VM 21160f7 ch-remote: Add "resize" command bb2d04b ch-remote: Add support for sending a request body bde4f73 ch-remote: Refactor HTTP response handling 6ed23bb build(deps): bump micro_http from `9bbde4f` to `6b3e5f0` 5edd812 build(deps): bump backtrace-sys from 0.1.33 to 0.1.34 f727714 ci: Add integration test for VFIO hot-unplug b50cbe5 pci: Give PCI device ID back when removing a device df71aae pci: Make the device ID allocation smarter e514b12 vmm: Update VmConfig when removing VFIO device 81173bf vmm: Add id field to DeviceConfig structure 6cbdb9a vmm: api: Introduce new "remove-device" HTTP endpoint 991f3bb vmm: Remove VFIO device from everywhere it is referenced 6adebbc vmm: Detect when guest notifies about ejecting PCI device 0e21c32 devices: Add new method to remove all occurrences of a BusDevice f8e2008 pci: Add a function to remove a PciDevice from the bus 08604ac vmm: Store PCI devices as Any devices from DeviceManager 0f99d3f vmm: Store VFIO device's name and its PCI b/d/f 13a61c4 build(deps): bump rand_chacha from 0.2.1 to 0.2.2 fcd605a build(deps): bump micro_http from `6d416af` to `9bbde4f` 30b6954 vm-virtio: Consume pause events to prevent infinite epoll_wait calls 16fd506 tests: Use new ch-remote for pause/resume integration test ba8cd4d bin: Introduce "ch-remote" for controlling VMM 06cd31c build(deps): bump micro_http from `02def92` to `6d416af` 7e941c9 build(deps): bump linux-loader from `8cb7c66` to `0c754f3` Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Runtime
This repository contains the runtime for the Kata Containers project.
For details of the other Kata Containers repositories, see the repository summary.
- Introduction
- License
- Platform support
- Download and install
- Quick start for developers
- Architecture overview
- Configuration
- Logging
- Debugging
- Limitations
- Community
- Further information
- Additional packages
Introduction
kata-runtime, referred to as "the runtime", is the Command-Line Interface
(CLI) part of the Kata Containers runtime component. It leverages the
virtcontainers
package to provide a high-performance standards-compliant runtime that creates
hardware-virtualized Linux containers running on Linux hosts.
The runtime is OCI-compatible, CRI-O-compatible, and Containerd-compatible, allowing it to work seamlessly with both Docker and Kubernetes respectively.
License
The code is licensed under an Apache 2.0 license.
See the license file for further details.
Platform support
Kata Containers currently works on systems supporting the following technologies:
- Intel VT-x technology.
- ARM Hyp mode (virtualization extension).
- IBM Power Systems.
- IBM Z mainframes.
Hardware requirements
The runtime has a built-in command to determine if your host system is capable of running and creating a Kata Container:
$ kata-runtime kata-check
Note:
By default, only a brief success / failure message is printed. If more details are needed, the
--verboseflag can be used to display the list of all the checks performed.
rootpermission is needed to check if the system is capable of running Kata containers. In this case, additional checks are performed (e.g., if another incompatible hypervisor is running).
Download and install
See the installation guides available for various operating systems.
Quick start for developers
See the developer guide.
Architecture overview
See the architecture overview for details on the Kata Containers design.
Configuration
The runtime uses a TOML format configuration file called configuration.toml.
The file contains comments explaining all options.
Note:
The initial values in the configuration file provide a good default configuration. You may need to modify this file to optimise or tailor your system, or if you have specific requirements.
Since the runtime supports a
stateless system,
it checks for this configuration file in multiple locations, two of which are
built in to the runtime. The default location is
/usr/share/defaults/kata-containers/configuration.toml for a standard
system. However, if /etc/kata-containers/configuration.toml exists, this
takes priority.
The below command lists the full paths to the configuration files that the runtime attempts to load. The first path that exists will be used:
$ kata-runtime --kata-show-default-config-paths
Aside from the built-in locations, it is possible to specify the path to a
custom configuration file using the --kata-config option:
$ kata-runtime --kata-config=/some/where/configuration.toml ...
The runtime will log the full path to the configuration file it is using. See the logging section for further details.
To see details of your systems runtime environment (including the location of the configuration file being used), run:
$ kata-runtime kata-env
Logging
For detailed information and analysis on obtaining logs for other system
components, see the documentation for the
kata-log-parser
tool.
For runtime logs, see the following sections for the CRI-O and containerd shimv2 based runtimes.
Kata OCI
The Kata OCI runtime (including when used with CRI-O), provides --log= and --log-format= options.
However, the runtime also always logs to the system log (syslog or journald).
To view runtime log output:
$ sudo journalctl -t kata-runtime
Kata containerd shimv2
The Kata containerd shimv2 runtime logs through containerd, and its logs will be sent
to wherever the containerd logs are directed. However, the
shimv2 runtime also always logs to the system log (syslog or journald) under the
identifier name of kata.
To view the shimv2 runtime log output:
$ sudo journalctl -t kata
Debugging
See the debugging section of the developer guide.
Limitations
See the limitations file for further details.
Community
Contact
See how to reach the community.
Further information
See the project table of contents and the documentation repository.
Additional packages
For details of the other packages contained in this repository, see the package documentation.