Build and publish for ppc64le #3
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Pause and resume task do not currently update the status of the container to paused or running, so fix this. This is specifically for pausing the task and not the VM. Fixes kata-containers#6434 Signed-off-by: Chelsea Mafrica <[email protected]>
Amulyam24
force-pushed
the
workflow-1
branch
15 times, most recently
from
a10ce05 to
9bc5e70
Compare
After running cri-containerd/integration-tests twice we receive permission denied during containerd clean. Fixes: kata-containers#8216 Signed-off-by: Beraldo Leal <[email protected]>
Amulyam24
force-pushed
the
workflow-1
branch
6 times, most recently
from
896e73c to
7a7b948
Compare
This is to skip a flaky test `create_tmpfs()` on s390x until a root cause is identified and fixed. Fixes: kata-containers#4248 Signed-off-by: Hyounggyu Choi <[email protected]>
Add the hypervisor security details to the output of the `kata-runtime env` and `kata-ctl env` commands so the user can see, amongst other things, the value of `confidential_guest`. Fixes: kata-containers#8313. Signed-off-by: James O. D. Hunt <[email protected]>
This feature supports creating bind mounts directly between containers through annotations. Fixes: kata-containers#6715 Signed-off-by: HanZiyao <[email protected]>
Improve the code by fixing some lint issues: - defining variables before using them. - Using `grep -E` rather than `egrep`. - Quoting variables. - Adding a check for invalid CLI arguments. Signed-off-by: James O. D. Hunt <[email protected]>
The archive names for x86_64 [Kata releases](https://github.com/kata-containers/kata-containers/releases) used to include the tag `x86_64`, but that has now been changed to `amd64`, which unfortunately broke `kata-manager.sh`: ``` kata-static-3.1.3-x86_64.tar.xz ~~~~~~ expected kata-static-3.2.0-alpha3-x86_64.tar.xz ~~~~~~ expected kata-static-3.2.0-alpha4-amd64.tar.xz ~~~~~ changed ``` Fixes: kata-containers#8321. Signed-off-by: James O. D. Hunt <[email protected]>
Use tabs consistently. Signed-off-by: James O. D. Hunt <[email protected]>
Contained release files include the version number without a "v" prefix. However, the tag for the equivalent release does include it so handle this distinction and also tighten up the Kata check by specifying an explicit version number in the regex. Signed-off-by: James O. D. Hunt <[email protected]>
We don't have to do this since we're relying on the `static_sandbox_resource_mgmt` feature, which gives us the correct amount of memory and CPUs to be allocated. Signed-off-by: Fabiano Fidêncio <[email protected]>
…check-dl-url-count utils: kata-manager: Ensure only one download URL
…cy-doc docs: add agent policy documentation
First of all, this is a controversial piece, and I know that. In this commit we're trying to make a less greedy approach regards the amount of vCPUs we allocate for the VMM, which will be advantageous mainly when using the `static_sandbox_resource_mgmt` feature, which is used by the confidential guests. The current approach we have basically does: * Gets the amount of vCPUs set in the config (an integer) * Gets the amount of vCPUs set as limit (an integer) * Sum those up * Starts / Updates the VMM to use that total amount of vCPUs The fact we're dealing with integers is logical, as we cannot request 500m vCPUs to the VMMs. However, it leads us to, in several cases, be wasting one vCPU. Let's take the example that we know the VMM requires 500m vCPUs to be running, and the workload sets 250m vCPUs as a resource limit. In that case, we'd do: * Gets the amount of vCPUs set in the config: 1 * Gets the amount of vCPUs set as limit: ceil(0.25) * 1 + ceil(0.25) = 1 + 1 = 2 vCPUs * Starts / Updates the VMM to use 2 vCPUs With the logic changed here, what we're doing is considering everything as float till just before we start / update the VMM. So, the flow describe above would be: * Gets the amount of vCPUs set in the config: 0.5 * Gets the amount of vCPUs set as limit: 0.25 * ceil(0.5 + 0.25) = 1 vCPUs * Starts / Updates the VMM to use 1 vCPUs In the way I've written this patch we introduce zero regressions, as the default values set are still the same, and those will only be changed for the TEE use cases (although I can see firecracker, or any other user of `static_sandbox_resource_mgmt=true` taking advantage of this). There's, though, an implicit assumption in this patch that we'd need to make explicit, and that's that the default_vcpus / default_memory is the amount of vcpus / memory required by the VMM, and absolutely nothing else. Also, the amount set there should be reflected in the podOverhead for the specific runtime class. One other possible approach, which I am not that much in favour of taking as I think it's **less clear**, is that we could actually get the podOverhead amount, subtract it from the default_vcpus (treating the result as a float), then sum up what the user set as limit (as a float), and finally ceil the result. It could work, but IMHO this is **less clear**, and **less explicit** on what we're actually doing, and how the default_vcpus / default_memory should be used. Fixes: kata-containers#6909 Signed-off-by: Fabiano Fidêncio <[email protected]> Signed-off-by: Christophe de Dinechin <[email protected]>
With the change done in the last commit, instead of calculating milli cpus, we're actually converting the CPUs to a fraction number, a float. Let's update the function name (and associated vars) to represent that change. Signed-off-by: Fabiano Fidêncio <[email protected]>
As we've done some changes in the VMM vcpu allocation, let's introduce basic tests to make sure that we're getting the expected behaviour. The test consists in checking 3 scenarios: * default_vcpus = 0 | no limits set * this should allocate 1 vcpu * default_vcpus = 0.75 | limits set to 0.25 * this should allocate 1 vcpu * default_vcpus = 0.75 | limits set to 1.2 * this should allocate 2 vcpus The tests are very basic, but they do ensure we're rounding things up to what the new logic is supposed to do. Signed-off-by: Fabiano Fidêncio <[email protected]>
- Dragonball's vhost-net feature not depends on virtio-net feature.
- Remove `TapError` from dbs-virtio-devices's Error, and add `VirtioNet`
and `VhostNet` two fields.
- Downgrade visiblity of two fields of `VhostNetDeviceMgr` from
`pub(crate)`.
- File an issue to record a todo for network rate limiter.
- Print internal errors with `{0:?}.
Signed-off-by: Xuewei Niu <[email protected]>
`test_networkconfig_to_netconfig` from clh depends on `NetworkConfig` which has some new fields in this PR. Therefore, this commit gives the test missing fields. Signed-off-by: Xuewei Niu <[email protected]>
- Remove two panic statements from InsertNetworkDevice test. - Rename `NUM_QUEUES` to `DEFAULT_NUM_QUEUES`, `QUEUE_SIZE` to `DEFAULT_QUEUE_SIZE` for vhost-net and virtio-net. Signed-off-by: Xuewei Niu <[email protected]>
set_offload() for tap devices depends on acked features. Signed-off-by: Helin Guo <[email protected]> Signed-off-by: Xuewei Niu <[email protected]>
- Add feature control for InsertNetworkDevice. Signed-off-by: Xuewei Niu <[email protected]>
PR kata-containers#8311 inadvertently broke the runtime-rs / Cloud Hypervisor TDX handling. It also introduced unrecoverable failure scenarios. Hence, replace slow, fallible regex matching in logging fast path with single pass non-failing multi-string log level matching. Also, added a unit test for `parse_ch_log_level()`. Fixes: kata-containers#8418. Signed-off-by: James O. D. Hunt <[email protected]>
…x-tdx runtime-rs: ch: Fix TDX
This reverts commit e9bd852.
Peng Tao made this move as part of 1280f85, and here we're simply adjusting to the move. Signed-off-by: Fabiano Fidêncio <[email protected]>
There's no need to keep those as separate files, and by having those in the basic-ci-amd64.yaml file actually helps us to avoid the undocummented GHA limitation about the number of files imported. Signed-off-by: Fabiano Fidêncio <[email protected]>
…_init_environment metrics: Fix function that completely stops kata containers before running a test
…add-list-option utils: kata-manager: Add option to list versions
…-8115 ci: Re-add tracing tests and move docker/nerdctl to the basic-ci-amd64.yaml file
Two workflows, run-nerdctl-tests-on-garm.yaml and run-docker-tests-on-garm.yaml, are removed from commit b481d39. However, they are referenced by CI workflow. It leads to the CI not working properly. This patch is to remove those files from ci.yaml. Fixes: kata-containers#8433 Signed-off-by: Xuewei Niu <[email protected]>
…and-nerdctl gha: Remove docker and nerdctl tests from ci.yaml
This patch is to remove vhost-net dependency on virtio-net for dbs-virtio-devices crate. Then, the feature of vhost-net is able to enable without enabling virtio-net device, error, etc. Fixes: kata-containers#8423 Signed-off-by: Xuewei Niu <[email protected]>
The virtio vsock driver has a small window during initialization where it can silently drop replies to connection requests. Because no reply is sent, kata waits for 10 seconds and in the end it generates a connection timeout error in HybridVSockDialer. Fixes: kata-containers#8291 Signed-off-by: Alexandru Matei <[email protected]>
…mprove-vcpu-allocation-on-host-side runtime: Improve vCPU allocation for the VMMs
…-drop kernel: Fix vsock packets drop when the driver initializes
…io-net dragonball: Remove vhost-net dependency on virtio-net
Amulyam24
force-pushed
the
workflow-1
branch
2 times, most recently
from
a127cc3 to
f18794d
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.