This repository has been archived by the owner on May 12, 2021. It is now read-only.
backport: 1.6.2 backport patches #1543
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Version bump no changes Signed-off-by: katacontainers bot <[email protected]>
…branch-bump # Kata Containers 1.6.0
Now, function NewFactory will return nil even create template does't complete. As for this, it will tell user that factory has been initialized no matter whether the template is created or not. This patch correct it by adding another return value of error in NewFactory. Testing initFactoryCommand when enable template will need root privilege to mount tmpfs. So skip it for no-root user. Testing initFactoryCommand func will create template, but no proxy type assigned to VMconfig which will using katabuiltinProxy instead. this will lead to failure for this type of proxy will check proxyparams which contains many null value. This commit fix it by substitute katabuiltinProxy as noopProxy when for test purpose. Fixes: kata-containers#1333 Signed-off-by: Jianyong Wu <[email protected]>
Fixes: kata-containers#1422 Detect failing test case: ``` .... === RUN TestEnterContainerFailingContNotStarted --- PASS: TestEnterContainerFailingContNotStarted (0.01s) === RUN TestEnterContainer --- FAIL: TestEnterContainer (0.00s) Error Trace: sandbox_test.go:1154 Error: Expected value not to be nil. Messages: Entering non-running container should fail Error Trace: sandbox_test.go:1157 Error: Expected nil, but got: &errors.errorString{s:"Can not move from running to running"} Messages: Failed to start sandbox: Can not move from running to running FAIL ``` `TestEnterContainerFailingContNotStarted` calls `cleanUp` at function begging but it doesn't clean its garbage after it ends. `TestEnterContainer` only call `cleanUp` in the end but it doesn't do cleanUp in the begging, that gives first test case a chance to impact latter one. This commit modifies all the test cases, let them all do the cleanUp() in the end. The policy here is: "everyone needs to take their garbage away when they leave" :) Signed-off-by: Wei Zhang <[email protected]>
do cleanup inside startVM() if start vm get error Fixes: kata-containers#1426 Signed-off-by: Ace-Tang <[email protected]>
update architecture.md link, since it has moved to within the design/ directory. Fixes: kata-containers#1462 Signed-off-by: Gabi Beyer <[email protected]>
Version bump no changes Signed-off-by: Eric Ernst <[email protected]>
Like shim, we should validate the proxy path if it is provided. Fixes: kata-containers#1424 Signed-off-by: Peng Tao <[email protected]>
gometalinter is deprecated and will be archived April '19. The suggestion is to switch to golangci-lint which is apparently 5x faster than gometalinter. Partially Fixes: kata-containers#1377 Signed-off-by: Ganesh Maharaj Mahalingam <[email protected]> (cherry picked from commit f442876)
After we switched golang linter to golangci-lint, we has extra 'deadcode' linter check, and we need to remove this linter check for all generic items. Fixes: kata-containers#1432 Signed-off-by: Penny Zheng <[email protected]> (cherry picked from commit 2e5194e)
Use TRAVIS branch to checkout test repository Fixes: kata-containers#1481 Signed-off-by: Jose Carlos Venegas Munoz <[email protected]>
…vis-fix ci: travis
# Kata Containers 1.6.1
The agent expects a IP CIDR for the route destination rather than an IP address. netmon was incorrectly converting route dest to an IP address and hence exiting with an error. We did not have an integration test for netmon with tcfilter mode. macvtap mode did not uncover this, as with macvtap routes are not really passed to the agent. We delete the IP on the veth device, and netmon looks at the routes after the IP is deleted with macvtap. Fixes kata-containers#1523 Signed-off-by: Archana Shinde <[email protected]>
stable 1.6 backport: netmon: Fix bug in how routes are converted
network: Make tcfilter model as default (cherry picked from commit edc77a0)
config: fix panic in type assertion (cherry picked from commit 303f126)
virtcontainers: prepend a kata specific string to host cgroups path (cherry picked from commit d99693a)
jcvenegas
added a commit
to jcvenegas/runtime
that referenced
this pull request
Aug 6, 2020
Highlights for cloud-hypervisor version 0.9.0 include:
virtiofs updates to new dax implementation based in qemu 5.0
Fixed random issues caused due to seccomp filters
io_uring Based Block Device Support
If the io_uring feature is enabled and the host kernel supports it then io_uring will be used for block devices. This results a very significant performance improvement.
Block and Network Device Statistics
Statistics for activity of the virtio network and block devices is now exposed through a new vm.counters HTTP API entry point. These take the form of simple counters which can be used to observe the activity of the VM.
HTTP API Responses
The HTTP API for adding devices now responds with the name that was assigned to the device as well the PCI BDF.
CPU Topology
A topology parameter has been added to --cpus which allows the configuration of the guest CPU topology allowing the user to specify the numbers of sockets, packages per socket, cores per package and threads per core.
Release Build Optimization
Our release build is now built with LTO (Link Time Optimization) which results in a ~20% reduction in the binary size.
Hypervisor Abstraction
A new abstraction has been introduced, in the form of a hypervisor crate so as to enable the support of additional hypervisors beyond KVM.
Snapshot/Restore Improvements
Multiple improvements have been made to the VM snapshot/restore support that was added in the last release. This includes persisting more vCPU state and in particular preserving the guest paravirtualized clock in order to avoid vCPU hangs inside the guest when running with multiple vCPUs.
Virtio Memory Ballooning Support
A virtio-balloon device has been added, controlled through the resize control, which allows the reclamation of host memory by resizing a memory balloon inside the guest.
Enhancements to ARM64 Support
The ARM64 support introduced in the last release has been further enhanced with support for using PCI for exposing devices into the guest as well as multiple bug fixes. It also now supports using an initramfs when booting.
Intel SGX Support
The guest can now use Intel SGX if the host supports it. Details can be found in the dedicated SGX documentation.
Seccomp Sandbox Improvements
The most frequently used virtio devices are now isolated with their own seccomp filters. It is also now possible to pass --seccomp=log which result in the logging of requests that would have otherwise been denied to further aid development.
Notable Bug Fixes
Our virtio-vsock implementation has been resynced with the implementation from Firecracker and includes multiple bug fixes.
CPU hotplug has been fixed so that it is now possible to add, remove, and re-add vCPUs (kata-containers#1338)
A workaround is now in place for when KVM reports MSRs available MSRs that are in fact unreadable preventing snapshot/restore from working correctly (kata-containers#1543).
virtio-mmio based devices are now more widely tested (kata-containers#275).
Multiple issues have been fixed with virtio device configuration (kata-containers#1217)
Console input was wrongly consumed by both virtio-console and the serial. (kata-containers#1521)
Fixes: kata-containers#2864
Signed-off-by: Jose Carlos Venegas Munoz <[email protected]>
jcvenegas
added a commit
to jcvenegas/runtime
that referenced
this pull request
Aug 11, 2020
Highlights for cloud-hypervisor version 0.9.0 include:
virtiofs updates to new dax implementation based in qemu 5.0
Fixed random issues caused due to seccomp filters
io_uring Based Block Device Support
If the io_uring feature is enabled and the host kernel supports it then io_uring will be used for block devices. This results a very significant performance improvement.
Block and Network Device Statistics
Statistics for activity of the virtio network and block devices is now exposed through a new vm.counters HTTP API entry point. These take the form of simple counters which can be used to observe the activity of the VM.
HTTP API Responses
The HTTP API for adding devices now responds with the name that was assigned to the device as well the PCI BDF.
CPU Topology
A topology parameter has been added to --cpus which allows the configuration of the guest CPU topology allowing the user to specify the numbers of sockets, packages per socket, cores per package and threads per core.
Release Build Optimization
Our release build is now built with LTO (Link Time Optimization) which results in a ~20% reduction in the binary size.
Hypervisor Abstraction
A new abstraction has been introduced, in the form of a hypervisor crate so as to enable the support of additional hypervisors beyond KVM.
Snapshot/Restore Improvements
Multiple improvements have been made to the VM snapshot/restore support that was added in the last release. This includes persisting more vCPU state and in particular preserving the guest paravirtualized clock in order to avoid vCPU hangs inside the guest when running with multiple vCPUs.
Virtio Memory Ballooning Support
A virtio-balloon device has been added, controlled through the resize control, which allows the reclamation of host memory by resizing a memory balloon inside the guest.
Enhancements to ARM64 Support
The ARM64 support introduced in the last release has been further enhanced with support for using PCI for exposing devices into the guest as well as multiple bug fixes. It also now supports using an initramfs when booting.
Intel SGX Support
The guest can now use Intel SGX if the host supports it. Details can be found in the dedicated SGX documentation.
Seccomp Sandbox Improvements
The most frequently used virtio devices are now isolated with their own seccomp filters. It is also now possible to pass --seccomp=log which result in the logging of requests that would have otherwise been denied to further aid development.
Notable Bug Fixes
Our virtio-vsock implementation has been resynced with the implementation from Firecracker and includes multiple bug fixes.
CPU hotplug has been fixed so that it is now possible to add, remove, and re-add vCPUs (kata-containers#1338)
A workaround is now in place for when KVM reports MSRs available MSRs that are in fact unreadable preventing snapshot/restore from working correctly (kata-containers#1543).
virtio-mmio based devices are now more widely tested (kata-containers#275).
Multiple issues have been fixed with virtio device configuration (kata-containers#1217)
Console input was wrongly consumed by both virtio-console and the serial. (kata-containers#1521)
Fixes: kata-containers#2864
Signed-off-by: Jose Carlos Venegas Munoz <[email protected]>
jcvenegas
added a commit
to jcvenegas/runtime
that referenced
this pull request
Aug 11, 2020
Highlights for cloud-hypervisor version 0.9.0 include:
virtiofs updates to new dax implementation based in qemu 5.0
Fixed random issues caused due to seccomp filters
io_uring Based Block Device Support
If the io_uring feature is enabled and the host kernel supports it then io_uring will be used for block devices. This results a very significant performance improvement.
Block and Network Device Statistics
Statistics for activity of the virtio network and block devices is now exposed through a new vm.counters HTTP API entry point. These take the form of simple counters which can be used to observe the activity of the VM.
HTTP API Responses
The HTTP API for adding devices now responds with the name that was assigned to the device as well the PCI BDF.
CPU Topology
A topology parameter has been added to --cpus which allows the configuration of the guest CPU topology allowing the user to specify the numbers of sockets, packages per socket, cores per package and threads per core.
Release Build Optimization
Our release build is now built with LTO (Link Time Optimization) which results in a ~20% reduction in the binary size.
Hypervisor Abstraction
A new abstraction has been introduced, in the form of a hypervisor crate so as to enable the support of additional hypervisors beyond KVM.
Snapshot/Restore Improvements
Multiple improvements have been made to the VM snapshot/restore support that was added in the last release. This includes persisting more vCPU state and in particular preserving the guest paravirtualized clock in order to avoid vCPU hangs inside the guest when running with multiple vCPUs.
Virtio Memory Ballooning Support
A virtio-balloon device has been added, controlled through the resize control, which allows the reclamation of host memory by resizing a memory balloon inside the guest.
Enhancements to ARM64 Support
The ARM64 support introduced in the last release has been further enhanced with support for using PCI for exposing devices into the guest as well as multiple bug fixes. It also now supports using an initramfs when booting.
Intel SGX Support
The guest can now use Intel SGX if the host supports it. Details can be found in the dedicated SGX documentation.
Seccomp Sandbox Improvements
The most frequently used virtio devices are now isolated with their own seccomp filters. It is also now possible to pass --seccomp=log which result in the logging of requests that would have otherwise been denied to further aid development.
Notable Bug Fixes
Our virtio-vsock implementation has been resynced with the implementation from Firecracker and includes multiple bug fixes.
CPU hotplug has been fixed so that it is now possible to add, remove, and re-add vCPUs (kata-containers#1338)
A workaround is now in place for when KVM reports MSRs available MSRs that are in fact unreadable preventing snapshot/restore from working correctly (kata-containers#1543).
virtio-mmio based devices are now more widely tested (kata-containers#275).
Multiple issues have been fixed with virtio device configuration (kata-containers#1217)
Console input was wrongly consumed by both virtio-console and the serial. (kata-containers#1521)
Fixes: kata-containers#2864
Signed-off-by: Jose Carlos Venegas Munoz <[email protected]>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Backports include below patches
#1502
#1441
#1518