forked from kata-containers/kata-containers
-
Notifications
You must be signed in to change notification settings - Fork 27
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adapt code for vanilla Kata #154
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This fixes the below error when attempting to access the debug console when all debug_console_enabled=true and all 3 enable_debug options are true: level=error msg="error create pseudo tty" error="open /dev/ptmx: operation not permitted" Signed-off-by: Aurelien Bombo <abombo@microsoft.com>
Doesn't make sense for non-TEEs and was only a remnant of cc-msft-prototypes. This will have to be taken into account in microsoft/azurelinux#6942. [upstream-merged] Already done this way upstream. Signed-off-by: Aurélien Bombo <abombo@microsoft.com>
sprt
force-pushed
the
sprt/align-vanilla-sources
branch
from
January 24, 2024 17:47
4be2127
to
fb4c887
Compare
sprt
added a commit
to microsoft/azurelinux
that referenced
this pull request
Jan 24, 2024
* Requires the new Rust virtiosfd 1.8.0. * Removes all patches. See microsoft/kata-containers#122 (comment) for a discussion. Since then, the memory patch was included in msft-main and patch 0004 is included in microsoft/kata-containers#154. * Cleans up runtime make flags: * The following were redundant as we were setting the default: * DEFSHAREDFS * DEFVIRTIOFSCACHESIZE * DEFSANDBOXCGROUPONLY * DEFSTATICRESOURCEMGMT_CLH
sprt
added a commit
to microsoft/azurelinux
that referenced
this pull request
Jan 24, 2024
* Requires the new Rust virtiosfd 1.8.0. * Removes all patches. See microsoft/kata-containers#122 (comment) for a discussion. Since then, the memory patch was included in msft-main and patch 0004 is included in microsoft/kata-containers#154. * Cleans up runtime make flags: * Set DEFVIRTIOFSDAEMON to the Rust binary path. * The following were redundant as we were setting the default: * DEFSHAREDFS (now DEFSHAREDFS_CLH_VIRTIOFS) * DEFVIRTIOFSCACHESIZE * DEFSANDBOXCGROUPONLY * DEFSTATICRESOURCEMGMT_CLH * The following were referring to macros that do not have a value: * QEMUPATH * MACHINETYPE * FEATURE_SELINUX does not exist in the Kata source code.
sprt
added a commit
to microsoft/azurelinux
that referenced
this pull request
Jan 24, 2024
* Removes all patches. See microsoft/kata-containers#122 (comment) for a discussion. Since then, the memory patch was included in msft-main and patch 0004 is included in microsoft/kata-containers#154. * Requires the new Rust virtiosfd 1.8.0. * Adds BuildRequires for devmapper code paths in msft-main. * Cleans up runtime make flags: * Set DEFVIRTIOFSDAEMON to the Rust binary path. * The following were redundant as we were setting the default: * DEFSHAREDFS (now DEFSHAREDFS_CLH_VIRTIOFS) * DEFVIRTIOFSCACHESIZE * DEFSANDBOXCGROUPONLY * DEFSTATICRESOURCEMGMT_CLH * The following were referring to macros that do NOT expand to a value: * QEMUPATH * MACHINETYPE * FEATURE_SELINUX does not exist in the Kata source code. * DEFENABLEANNOTATIONS should not be set to ".*". * Ensures sed doesn't break symlinks. For configuration.toml, sed would convert that file from a symlink to a regular, so it'd become out of sync with configuration-clh.toml. rootfs.sh isn't a symlink but added the flag as well for good measure.
sprt
added a commit
to microsoft/azurelinux
that referenced
this pull request
Jan 24, 2024
* Cleans up runtime make flags: * Set DEFVIRTIOFSDAEMON to the Rust binary path. * The following were redundant as we were setting the default: * DEFSHAREDFS (now DEFSHAREDFS_CLH_VIRTIOFS) * DEFVIRTIOFSCACHESIZE * DEFSANDBOXCGROUPONLY * DEFSTATICRESOURCEMGMT_CLH * The following were referring to macros that do NOT expand to a value: * QEMUPATH * MACHINETYPE * FEATURE_SELINUX does not exist in the Kata source code. * DEFENABLEANNOTATIONS should not be set to ".*". * Removes all patches. See microsoft/kata-containers#122 (comment) for a discussion. Since then, the memory patch was included in msft-main and patch 0004 is included in microsoft/kata-containers#154. * Adds BuildRequires for devmapper code paths in msft-main. * Requires the new Rust virtiosfd 1.8.0. * Ensures sed doesn't break symlinks. For configuration.toml, sed would convert that file from a symlink to a regular, so it'd become out of sync with configuration-clh.toml. rootfs.sh isn't a symlink but added the flag as well for good measure.
sprt
added a commit
to microsoft/azurelinux
that referenced
this pull request
Jan 24, 2024
* Cleans up runtime make flags: * Set DEFVIRTIOFSDAEMON to the Rust binary path. * The following were redundant as we were setting the default: * DEFSHAREDFS (now DEFSHAREDFS_CLH_VIRTIOFS) * DEFVIRTIOFSCACHESIZE * DEFSANDBOXCGROUPONLY * DEFSTATICRESOURCEMGMT_CLH * The following were referring to macros that do NOT expand to a value: * QEMUPATH * MACHINETYPE * FEATURE_SELINUX does not exist in the Kata source code. * DEFENABLEANNOTATIONS should not be set to ".*". * Removes all patches. See microsoft/kata-containers#122 (comment) for a discussion. Since then, the memory patch was included in msft-main and patch 0004 is included in microsoft/kata-containers#154. * Adds BuildRequires for devmapper code paths in msft-main. * Requires the new Rust virtiosfd 1.8.0. * Ensures sed doesn't break symlinks. For configuration.toml, sed would convert that file from a symlink to a regular file, so it'd become out of sync with configuration-clh.toml. rootfs.sh isn't a symlink but added the flag as well for good measure.
sprt
added a commit
to microsoft/azurelinux
that referenced
this pull request
Jan 25, 2024
* Cleans up runtime make flags: * Set DEFVIRTIOFSDAEMON to the Rust binary path. * The following were redundant as we were setting the default: * DEFSHAREDFS (now DEFSHAREDFS_CLH_VIRTIOFS) * DEFVIRTIOFSCACHESIZE * DEFSANDBOXCGROUPONLY * DEFSTATICRESOURCEMGMT_CLH * The following were referring to macros that do NOT expand to a value: * QEMUPATH * MACHINETYPE * FEATURE_SELINUX does not exist in the Kata source code. * DEFENABLEANNOTATIONS should not be set to ".*". * Removes all patches. See microsoft/kata-containers#122 (comment) for a discussion. Since then, the memory patch was included in msft-main and patch 0004 is included in microsoft/kata-containers#154. * Adds BuildRequires for devmapper code paths in msft-main. * Requires the new Rust virtiosfd 1.8.0. * Ensures sed doesn't break symlinks. For configuration.toml, sed would convert that file from a symlink to a regular file, so it'd become out of sync with configuration-clh.toml. rootfs.sh isn't a symlink but added the flag as well for good measure.
sprt
added a commit
to microsoft/azurelinux
that referenced
this pull request
Jan 25, 2024
* Cleans up runtime make flags: * Set DEFVIRTIOFSDAEMON to the Rust binary path. * The following were redundant as we were setting the default: * DEFSHAREDFS (now DEFSHAREDFS_CLH_VIRTIOFS) * DEFVIRTIOFSCACHESIZE * DEFSANDBOXCGROUPONLY * DEFSTATICRESOURCEMGMT_CLH * The following were referring to macros that do NOT expand to a value: * QEMUPATH * MACHINETYPE * FEATURE_SELINUX does not exist in the Kata source code. * DEFENABLEANNOTATIONS should not be set to ".*". * Removes all patches. See microsoft/kata-containers#122 (comment) for a discussion. Since then, the memory patch was included in msft-main and patch 0004 is included in microsoft/kata-containers#154. * Adds BuildRequires for devmapper code paths in msft-main. * Requires the new Rust virtiosfd 1.8.0. * Ensures sed doesn't break symlinks. For configuration.toml, sed would convert that file from a symlink to a regular file, so it'd become out of sync with configuration-clh.toml. rootfs.sh isn't a symlink but added the flag as well for good measure.
When the rootfs is built with AGENT_POLICY=no, the build fails at line 36 for us, since our package build does not have access to the entire source at once. Rather, we only copy the directories that we think we'll need (and we missed that one). TBA in a future packaging change. [upstream-not-needed] Upstream isn't affected as they build with the whole code base. Signed-off-by: Aurelien Bombo <abombo@microsoft.com>
sprt
force-pushed
the
sprt/align-vanilla-sources
branch
from
January 31, 2024 17:23
7729400
to
b4ab11d
Compare
sprt
added a commit
to microsoft/azurelinux
that referenced
this pull request
Jan 31, 2024
* Cleans up runtime make flags: * Set DEFVIRTIOFSDAEMON to the Rust binary path. * The following were redundant as we were setting the default: * DEFSHAREDFS (now DEFSHAREDFS_CLH_VIRTIOFS) * DEFVIRTIOFSCACHESIZE * DEFSANDBOXCGROUPONLY * DEFSTATICRESOURCEMGMT_CLH * The following were referring to macros that do NOT expand to a value: * QEMUPATH * MACHINETYPE * FEATURE_SELINUX does not exist in the Kata source code. * DEFENABLEANNOTATIONS should not be set to ".*". * Removes all patches. See microsoft/kata-containers#122 (comment) for a discussion. Since then, the memory patch was included in msft-main and patch 0004 is included in microsoft/kata-containers#154. * Adds BuildRequires for devmapper code paths in msft-main. * Requires the new Rust virtiosfd 1.8.0. * Ensures sed doesn't break symlinks. For configuration.toml, sed would convert that file from a symlink to a regular file, so it'd become out of sync with configuration-clh.toml. rootfs.sh isn't a symlink but added the flag as well for good measure.
danmihai1
approved these changes
Jan 31, 2024
ms-mahuber
approved these changes
Jan 31, 2024
sprt
force-pushed
the
sprt/align-vanilla-sources
branch
2 times, most recently
from
February 12, 2024 20:58
fcf3b08
to
b4ab11d
Compare
Fixes a remnant of cc-msft-prototypes. This will require a change in the kata-containers-cc spec. [upstream-not-needed] Signed-off-by: Aurelien Bombo <abombo@microsfot.com>
sprt
added a commit
to microsoft/azurelinux
that referenced
this pull request
Feb 12, 2024
* Cleans up runtime make flags: * Set DEFVIRTIOFSDAEMON to the Rust binary path. * The following were redundant as we were setting the default: * DEFSHAREDFS (now DEFSHAREDFS_CLH_VIRTIOFS) * DEFVIRTIOFSCACHESIZE * DEFSANDBOXCGROUPONLY * DEFSTATICRESOURCEMGMT_CLH * The following were referring to macros that do NOT expand to a value: * QEMUPATH * MACHINETYPE * FEATURE_SELINUX does not exist in the Kata source code. * DEFENABLEANNOTATIONS should not be set to ".*". * Removes all patches. See microsoft/kata-containers#122 (comment) for a discussion. Since then, the memory patch was included in msft-main and patch 0004 is included in microsoft/kata-containers#154. * Adds BuildRequires for devmapper code paths in msft-main. * Requires the new Rust virtiosfd 1.8.0. * Ensures sed doesn't break symlinks. For configuration.toml, sed would convert that file from a symlink to a regular file, so it'd become out of sync with configuration-clh.toml. rootfs.sh isn't a symlink but added the flag as well for good measure.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Merge Checklist
upstream-missing
label (orupstream-not-needed
) has been set on the PR.Summary
Turns out we can start vanilla Kata pods pretty much out of the box with msft-main. This PR just tweaks the vanilla config file and patches the runtime to unblock the debug console. I'm surprised we still need the runtime change, but I've verified the debug console doesn't work without that patch.
See microsoft/azurelinux#6942 for specs changes.
Test Methodology