profile
viewpoint
zhangwei_cs WeiZhang555 Kata Containers Beijing, China weizhang555.github.io Former Kata Containers Architecture Committee/Container Fans/Cloud Native developer. Live long and prosper!

WeiZhang555/agent 0

Virtual Machine agent for hardware virtualized containers

WeiZhang555/bilibili_go_server 0

https://github.com/openbilibili/go-common/

WeiZhang555/blessed-contrib 0

Build terminal dashboards using ascii/ansi art and javascript

WeiZhang555/bolt 0

An embedded key/value database for Go.

WeiZhang555/cc-oci-runtime 0

OCI (Open Containers Initiative) compatible runtime

WeiZhang555/cgroups 0

cgroups package for Go

WeiZhang555/clair 0

Container Vulnerability Analysis Service

WeiZhang555/cni 0

Container Network Interface

WeiZhang555/containerd 0

Standalone Container Daemon

Pull request review commentkata-containers/runtime

virtcontainers/qemu: fix createSandbox to admin de morgan's law

 func (q *qemu) createSandbox(ctx context.Context, id string, networkNS NetworkNa 	// subsequent ones with shared=off. virtio-fs always requires shared=on for 	// memory. 	if q.config.SharedFS == config.VirtioFS || q.config.FileBackedMemRootDir != "" {-		if !(q.config.BootToBeTemplate || q.config.BootFromTemplate) {+		if (!q.config.BootToBeTemplate && !q.config.BootFromTemplate) {

They're same logic with different code writting.

What is this trying to fix?

freeHackOfJeff

comment created time in 7 days

startedocclum/occlum

started time in 12 days

issue commentWeiZhang555/tabwriter

Some "CJK" characters are only one space

@gwd Thanks for you suggestion! Yesterday I had already merged a PR introducing https://godoc.org/github.com/mattn/go-runewidth , link is https://github.com/WeiZhang555/tabwriter/pull/1/files

I hope it can solver your problem 😄

gwd

comment created time in 12 days

startedkata-containers/proxy

started time in 13 days

push eventWeiZhang555/tabwriter

yasukotelin

commit sha 24cab3bba2efc748f40af2ae3726efda5a976b58

Fix the display width when mixes cjk and english string.

view details

zhangwei_cs

commit sha e5c45f4da38de1c97da8478eff3164f134a3b212

Merge pull request #1 from yasukotelin/fix-displayWidth Fix the display width when mixes cjk and english string.

view details

push time in 13 days

PR merged WeiZhang555/tabwriter

Fix the display width when mixes cjk and english string.

Hi! Thank you for your nice library😆!

I want to use text mixed cjk with english, but disps below output.

hello你好   this      is        a         test      from      wei
你好hello      hello     世界      world     。        再见      :)

cjk words should be disped with 2 word width(font width). So I fix like the below. This is computing the displayWidth with mattn/go-runewidth library.

hello你好   this      is        a         test      from      wei
你好hello   hello     世界      world     。        再见      :)

Thanks!

+24 -35

1 comment

2 changed files

yasukotelin

pr closed time in 13 days

pull request commentWeiZhang555/tabwriter

Fix the display width when mixes cjk and english string.

Wow, thanks for your patch.

Sorry it take me 2 months to notice your PR, finally :-)

LGTM

yasukotelin

comment created time in 13 days

issue commentWeiZhang555/tabwriter

Some "CJK" characters are only one space

Out of curiosity, did you first try to report a bug upstream?

@gwd I tried but Golang community didn't accept my patch, the real situation could be complicated so I might have only solved part of the problem. So far I'm not sure if the upstream golang fixed this problem or not.

gwd

comment created time in 13 days

issue closedkata-containers/runtime

CI: Initrd CI are failing due to garbage dir

Some initrd Jenkins job are failing due to garbage dir, reflink: http://jenkins.katacontainers.io/job/kata-containers-runtime-Power8-ubuntu-18-04-PR-initrd/740/consoleFull

ok  	github.com/kata-containers/runtime/virtcontainers/pkg/nsenter	0.221s	coverage: 94.6% of statements
INFO: Running 'go test' as current user on package 'github.com/kata-containers/runtime/virtcontainers/pkg/oci' with flags '-v  -timeout 30s'
Unable to create /tmp/virtc/ocibundle/ mkdir /tmp/virtc/ocibundle/: permission denied
FAIL	github.com/kata-containers/runtime/virtcontainers/pkg/oci	0.041s
Makefile:634: recipe for target 'go-test' failed
make: *** [go-test] Error 1
Build step 'Execute shell' marked build as failure
Performing Post build task...
Match found for :.* : True

The problem is caused by unit test for virtcontainers/pkg/oci/

Try "go test -count=1 -v ./virtcontainers/pkg/oci/", then you can see temp dir left in /tmp

$ ls -l /tmp/
total 4
drwxr-x--- 3 zhangwei zhangwei 4096 1月  14 10:24 virtc

closed time in 14 days

WeiZhang555

PR closed kata-containers/runtime

[DNM] CI: remove temp dir after unit test

Fixes #2391

When do unit test on package virtcontainers/pkg/oci/, we see there would be /tmp/virtc dir left after, this will make later CI works fail.

Signed-off-by: Wei Zhang weizhang555.zw@gmail.com

+23 -8

3 comments

1 changed file

WeiZhang555

pr closed time in 14 days

pull request commentkata-containers/runtime

[DNM] CI: remove temp dir after unit test

The fix has been included in another merged PR: https://github.com/kata-containers/runtime/pull/2239

so I'll close this one.

WeiZhang555

comment created time in 14 days

delete branch WeiZhang555/runtime

delete branch : persist-storage

delete time in 14 days

pull request commentkata-containers/runtime

Land experimental "newstore" as formal feature

Wow 🎆 👏

Thanks everyone for help review!

WeiZhang555

comment created time in 14 days

pull request commentkata-containers/runtime

FC: Update Firecracker to v0.20.0

@chavafg @devimc The FC job is continually failing randomly, I've encountered the same problem: https://github.com/kata-containers/runtime/pull/2239

Pennyzct

comment created time in 14 days

pull request commentkata-containers/runtime

CI: remove temp dir after unit test

/test

WeiZhang555

comment created time in 14 days

PR opened kata-containers/runtime

CI: remove temp dir after unit test

Fixes #2391

When do unit test on package virtcontainers/pkg/oci/, we see there would be /tmp/virtc dir left after, this will make later CI works fail.

Signed-off-by: Wei Zhang weizhang555.zw@gmail.com

+23 -8

0 comment

1 changed file

pr created time in 14 days

create barnchWeiZhang555/runtime

branch : fix-initrd-ci

created branch time in 14 days

issue openedkata-containers/runtime

CI: Initrd CI are failing due to garbage dir

Some initrd Jenkins job are failing due to garbage dir, reflink: http://jenkins.katacontainers.io/job/kata-containers-runtime-Power8-ubuntu-18-04-PR-initrd/740/consoleFull

ok  	github.com/kata-containers/runtime/virtcontainers/pkg/nsenter	0.221s	coverage: 94.6% of statements
INFO: Running 'go test' as current user on package 'github.com/kata-containers/runtime/virtcontainers/pkg/oci' with flags '-v  -timeout 30s'
Unable to create /tmp/virtc/ocibundle/ mkdir /tmp/virtc/ocibundle/: permission denied
FAIL	github.com/kata-containers/runtime/virtcontainers/pkg/oci	0.041s
Makefile:634: recipe for target 'go-test' failed
make: *** [go-test] Error 1
Build step 'Execute shell' marked build as failure
Performing Post build task...
Match found for :.* : True

The problem is caused by unit test for virtcontainers/pkg/oci/

Try "go test -count=1 -v ./virtcontainers/pkg/oci/", then you can see temp dir left in /tmp

$ ls -l /tmp/
total 4
drwxr-x--- 3 zhangwei zhangwei 4096 1月  14 10:24 virtc

created time in 14 days

pull request commentkata-containers/runtime

Land experimental "newstore" as formal feature

/test-fc

WeiZhang555

comment created time in 14 days

pull request commentkata-containers/runtime

kata-check: Add version consistency check

/test

Pennyzct

comment created time in 14 days

pull request commentkata-containers/runtime

Land experimental "newstore" as formal feature

@devimc I think initrd and firecracker CI are unstable, for FC test, it fails quite randomly, besides I don't have a complete env testing and debugging this.

Is there anyone can help?

WeiZhang555

comment created time in 14 days

pull request commentkata-containers/runtime

Land experimental "newstore" as formal feature

/test-fc

WeiZhang555

comment created time in 15 days

pull request commentkata-containers/runtime

Land experimental "newstore" as formal feature

@devimc I think you're testing the backward compatibility in wrong direction(correct me if I'm wrong).

The backward testing process should be:

  1. start container with "master" kata-runtime
  2. replace kata-runtime from PR
  3. docker exec and docker rm the container with PR kata-runtime to check if it breaks master.

I think your "backward compatibility" test is actually "forward compatibility" and vice versa.

I modified the test case according to my environment and run it locally, the script:

#!/bin/bash

test_backward_compatibility() {
	echo "Running backward compatibility test"

	runtime_path="$1"
	master_runtime_path="$2"

	# start container with old runtime
	cp $runtime_path kata-runtime && sync

	# run a container with the current runtime
	cont_name="backward_test"
	docker run -d --name "${cont_name}" --net none --runtime=kata busybox tail -f /dev/null

	# debug info
	# print kata-runtime version
	kata-runtime version

	# print dir content
	sudo tree /run/vc/sbs/

	# switch to master runtime
	cp $master_runtime_path kata-runtime && sync
	# print kata-runtime version
	kata-runtime version

	# exec
	docker exec "${cont_name}" true

	# stop and remove container
	docker rm -f "${cont_name}"

	# start new container  and check dir content
	docker run -d --name "${cont_name}" --net none --runtime=kata busybox tail -f /dev/null
	sudo tree /run/vc/sbs/
	docker rm -f "${cont_name}"
}

test_backward_compatibility ./kata-runtime-old ./kata-runtime-new

result:

Running backward compatibility test
8a3260687b5b3ddf032d0bd92e3ada321eefaeb0c3e563ca57217e1aff6cf2cd
kata-runtime  : 1.10.0-rc0
   commit   : 3ea3d3201b3a0b6fc35dea48192e73a021b4734b
   OCI specs: 1.0.1-dev
/run/vc/sbs/
└── 8a3260687b5b3ddf032d0bd92e3ada321eefaeb0c3e563ca57217e1aff6cf2cd
    ├── 8a3260687b5b3ddf032d0bd92e3ada321eefaeb0c3e563ca57217e1aff6cf2cd
    │   ├── devices.json
    │   ├── lock
    │   ├── mounts.json
    │   ├── process.json
    │   ├── raw
    │   └── state.json
    ├── agent.json
    ├── devices.json
    ├── hypervisor.json
    ├── lock
    ├── network.json
    ├── proxy.sock
    ├── raw
    └── state.json

4 directories, 12 files
kata-runtime  : 1.10.0-rc0
   commit   : 290339da6b9d094a8c73e1252ccafa42ca75c6b1
   OCI specs: 1.0.1-dev
backward_test
2e5df935b811a68313791814863eb777f79119836251b6d2dd8ff52c3775c8a9
/run/vc/sbs/
└── 2e5df935b811a68313791814863eb777f79119836251b6d2dd8ff52c3775c8a9
    ├── 2e5df935b811a68313791814863eb777f79119836251b6d2dd8ff52c3775c8a9
    │   └── persist.json
    ├── persist.json
    └── proxy.sock

2 directories, 3 files
backward_test

PR kata-runtime 290339da6b9d094a8c73e1252ccafa42ca75c6b1 is backward compatible to master 3ea3d3201b3a0b6fc35dea48192e73a021b4734b

WeiZhang555

comment created time in 15 days

pull request commentkata-containers/runtime

Land experimental "newstore" as formal feature

@devimc I can see there is foreward compatibility test in your PR, it's good but I have no idea how to pass it, because that means you need to let old kata-runtime recognize new persist storage structure. I believe it will fail for this one at least.

One solution I can find is that we add the feature in one release but not enable it, then enable it in the following release...But I hope we can get this in earlier :-(

WeiZhang555

comment created time in 18 days

pull request commentkata-containers/runtime

Land experimental "newstore" as formal feature

@devimc It's not? I tried in my local machine, new kata-runtime can clean old containers started with old kata-runtime.

My opinion is the new store is added for better keep backward compatibility, because it's so easy to break with old store, so the earlier we merge this, the more benefit we can enjoy.

I did a lots of cleanup work to remove old storage, but if we want to keep the compatibility, we have to add them back, this could make the code base kind of messy and hard to maintain.

WeiZhang555

comment created time in 18 days

pull request commentkata-containers/runtime

Land experimental "newstore" as formal feature

/test

WeiZhang555

comment created time in 18 days

push eventWeiZhang555/runtime

Wei Zhang

commit sha 290339da6b9d094a8c73e1252ccafa42ca75c6b1

compatibility: keep oldstore for compatibility Keep old store restore functions for keeping backward compatibility, if old store files are found from disk, restore them with old store first. Signed-off-by: Wei Zhang <weizhang555.zw@gmail.com>

view details

push time in 19 days

pull request commentkata-containers/runtime

Land experimental "newstore" as formal feature

/test

WeiZhang555

comment created time in 19 days

push eventWeiZhang555/runtime

Wei Zhang

commit sha b95052b114ed4949fa05d44ab4a04703e686eaad

compatibility: keep oldstore for compatibility Keep old store restore functions for keeping backward compatibility, if old store files are found from disk, restore them with old store first. Signed-off-by: Wei Zhang <weizhang555.zw@gmail.com>

view details

push time in 19 days

pull request commentkata-containers/runtime

Land experimental "newstore" as formal feature

/test

WeiZhang555

comment created time in 19 days

pull request commentkata-containers/runtime

Land experimental "newstore" as formal feature

@kata-containers/architecture-committee

Add one commit https://github.com/kata-containers/runtime/pull/2239/commits/2270c135062839d0ed7a5ac6cde9e641d12f56ff for fixing the backward compatibility with some redundant codes, now it should be safe to move from old store to new store, it won't break any running workloads any more.

WeiZhang555

comment created time in 19 days

push eventWeiZhang555/runtime

Wei Zhang

commit sha d33b154dd7582363f457f665e95102cb5f66d5d3

persist: add interface for global read/write Add two interfaces for fs storage driver for supporting global writing and reading, which is used by ACRN. Signed-off-by: Wei Zhang <weizhang555@gmail.com>

view details

Wei Zhang

commit sha 4a298cb9b74c02852b36257ce3dca6c3419c0f0d

persist: address comments Address some comments. Signed-off-by: Wei Zhang <weizhang555@gmail.com>

view details

Wei Zhang

commit sha 2270c135062839d0ed7a5ac6cde9e641d12f56ff

compatibility: keep oldstore for compatibility Keep old store restore functions for keeping backward compatibility, if old store files are found from disk, restore them with old store first. Signed-off-by: Wei Zhang <weizhang555.zw@gmail.com>

view details

push time in 19 days

delete branch WeiZhang555/runtime

delete branch : test

delete time in 20 days

PR closed kata-containers/runtime

[DNM] test: test FC CI stability

Fixes #803

Test if FC Jenkins job is stable or not.

Signed-off-by: Wei Zhang weizhang555.zw@gmail.com

+1 -2

5 comments

2 changed files

WeiZhang555

pr closed time in 20 days

pull request commentkata-containers/runtime

Land experimental "newstore" as formal feature

/test-fc

WeiZhang555

comment created time in 20 days

pull request commentkata-containers/runtime

Land experimental "newstore" as formal feature

/test-fc

WeiZhang555

comment created time in 20 days

pull request commentkata-containers/runtime

[DNM] test: test FC CI stability

/test-fc

WeiZhang555

comment created time in 20 days

push eventWeiZhang555/runtime

Wei Zhang

commit sha 589157dd6848702205979e9d4e44ea8af8f595d1

test: test FC CI stability Fixes #803 Test if FC Jenkins job is stable or not. Signed-off-by: Wei Zhang <weizhang555.zw@gmail.com>

view details

push time in 20 days

pull request commentkata-containers/runtime

Land experimental "newstore" as formal feature

/test-fc

WeiZhang555

comment created time in 20 days

pull request commentkata-containers/runtime

Land experimental "newstore" as formal feature

/test-fc

WeiZhang555

comment created time in 20 days

pull request commentkata-containers/runtime

[DNM] test: test FC CI stability

/test-fc

WeiZhang555

comment created time in 20 days

pull request commentkata-containers/runtime

[DNM] test: test FC CI stability

/test

WeiZhang555

comment created time in 21 days

pull request commentkata-containers/runtime

Land experimental "newstore" as formal feature

/test-fc

WeiZhang555

comment created time in 21 days

pull request commentkata-containers/runtime

[DNM] test: test FC CI stability

/test-fc

WeiZhang555

comment created time in 21 days

PR opened kata-containers/runtime

[DNM] test: test FC CI stability

Fixes #803

Test if FC Jenkins job is stable or not.

Signed-off-by: Wei Zhang weizhang555.zw@gmail.com

+1 -1

0 comment

1 changed file

pr created time in 21 days

push eventWeiZhang555/runtime

Wei Zhang

commit sha b5ab14b95c0de88fb9a7406759119e959f77e685

test: test FC CI stability Fixes #803 Test if FC Jenkins job is stable or not. Signed-off-by: Wei Zhang <weizhang555.zw@gmail.com>

view details

push time in 21 days

create barnchWeiZhang555/runtime

branch : test

created branch time in 21 days

pull request commentkata-containers/runtime

Land experimental "newstore" as formal feature

/test

WeiZhang555

comment created time in 21 days

push eventWeiZhang555/runtime

Wei Zhang

commit sha d37794357373cbdef3faf502a3fd374d26f9c112

persist: address comments Address some comments. Signed-off-by: Wei Zhang <weizhang555@gmail.com>

view details

push time in 21 days

pull request commentkata-containers/runtime

Land experimental "newstore" as formal feature

/test

WeiZhang555

comment created time in 21 days

push eventWeiZhang555/runtime

Wei Zhang

commit sha 6fd6feb11c72ef6654c583bc14da1029d1a28961

persist: address comments Address some comments. Signed-off-by: Wei Zhang <weizhang555@gmail.com>

view details

push time in 21 days

pull request commentkata-containers/runtime

Land experimental "newstore" as formal feature

/test

WeiZhang555

comment created time in 25 days

push eventWeiZhang555/runtime

Wei Zhang

commit sha d28ded760e2b40b7938ba2ab32f140d593029a6f

persist: address comments Address some comments. Signed-off-by: Wei Zhang <weizhang555@gmail.com>

view details

push time in a month

pull request commentkata-containers/runtime

Land experimental "newstore" as formal feature

/test

WeiZhang555

comment created time in a month

pull request commentkata-containers/runtime

Land experimental "newstore" as formal feature

/test

WeiZhang555

comment created time in a month

push eventWeiZhang555/runtime

Wei Zhang

commit sha 110c061ed8bd8640b837a8a69034f895a649d7a4

persist: address comments Address some comments. Signed-off-by: Wei Zhang <weizhang555@gmail.com>

view details

push time in a month

issue commentfalcosecurity/falco

SSL server failed to start

The bug still exists for me after I changed the port to 8765

$ kubectl get svc
NAME            TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)    AGE
falco-service   ClusterIP   10.68.60.248   <none>        8765/TCP   8m39s

$ kubectl logs -f falco-daemonset-m79qf
* Setting up /usr/src links from host
* Mounting debugfs
Found kernel config at /host/boot/config-4.15.0-65-generic
* Trying to compile BPF probe falco-probe-bpf (falco-probe-bpf-0.18.0-x86_64-4.15.0-65-generic-0f4107e0067519c431f6d4e50493a152.o)
**********************************************************
** BPF doesn't have JIT enabled, performance might be   **
** degraded. Please ensure to run on a kernel with      **
** CONFIG_BPF_JIT enabled and/or use --net=host if      **
** running inside a container.                          **
**********************************************************
* BPF probe located, it's now possible to start sysdig
Tue Dec 31 03:55:44 2019: Falco initialized with configuration file /etc/falco/falco.yaml
Tue Dec 31 03:55:44 2019: Loading rules from file /etc/falco/falco_rules.yaml:
Tue Dec 31 03:55:44 2019: Loading rules from file /etc/falco/falco_rules.local.yaml:
Tue Dec 31 03:55:44 2019: Loading rules from file /etc/falco/k8s_audit_rules.yaml:
Tue Dec 31 03:55:44 2019: Starting internal webserver, listening on port 8765 (SSL)
Tue Dec 31 03:55:44 2019: Runtime error: Could not create embedded webserver: null context when constructing CivetServer. Possible problem binding to port.. Exiting.

$ sudo netstat -lnp | grep 8765
<nothing output>

I'm sure no other process is binding to 8765.

WeiZhang555

comment created time in a month

push eventWeiZhang555/runtime

Wei Zhang

commit sha a4ebac6264022fba298ba07342445b4d4f51312c

persist: address comments Address some comments. Signed-off-by: Wei Zhang <weizhang555@gmail.com>

view details

push time in a month

push eventWeiZhang555/runtime

Wei Zhang

commit sha d60b32629952eee7d8d87f5842363b23e397f0fc

persist: address comments Address some comments. Signed-off-by: Wei Zhang <weizhang555@gmail.com>

view details

push time in a month

pull request commentkata-containers/runtime

Land experimental "newstore" as formal feature

/test

WeiZhang555

comment created time in a month

push eventWeiZhang555/runtime

Wei Zhang

commit sha 9417f27b8acb0b377d6ce4c4ee877a7b86c1a1a9

persist: address comments Address some comments. Signed-off-by: Wei Zhang <weizhang555@gmail.com>

view details

push time in a month

pull request commentkata-containers/runtime

Land experimental "newstore" as formal feature

/test

WeiZhang555

comment created time in a month

push eventWeiZhang555/runtime

Peng Tao

commit sha dd5b4469977babe92c3a542abc482107834d244b

qemu: refactor appendImage Do not implement in each arch code. We should have a generic implementation instead. -. amd64 and arm64 uses nvdimm -. ppc64le and s390x uses virtio-blk Signed-off-by: Peng Tao <bergwolf@hyper.sh>

view details

Peng Tao

commit sha a8717286cac32a7cfd898871cabafa493def6112

qemu: add disalbe_image_nvdimm option To control whether an image rootfs is used as nvdimm device or just plain virtio-block device. Fixes: #2372 Signed-off-by: Peng Tao <bergwolf@hyper.sh>

view details

Peng Tao

commit sha 652bb76ddeb87b1f1405c24cb63b1b8604bc8d36

cli: syscall return value check is wrong ret is uintptr and always >= 0. errno is enough for error checking. This is causing lint error: /home/vagrant/workplace/golang/src/github.com/kata-containers/runtime/virtcontainers/utils cli/kata-check.go:446:20: SA4003: no value of type uintptr is less than 0 (staticcheck) if errno != 0 || ret <= 0 { ^ Signed-off-by: Peng Tao <bergwolf@hyper.sh>

view details

Peng Tao

commit sha 7c7a4a3b116ec62098ba0635071ac5a9d1a846ae

annotations: add disable_image_nvdimm So that users can use annotations to set it. Signed-off-by: Peng Tao <bergwolf@hyper.sh>

view details

Penny

commit sha b9120b2bb1cfdfb2622c226079ec8ec68482a7f9

Merge pull request #2373 from bergwolf/image qemu: add disable_image_nvdimm option

view details

Peng Tao

commit sha f56d70ccd65a45a0cab5cf4b23b54219850695b8

vc: UT should set VCStorePrefix Otherwise we fail to run it with non-root user with errors like: `mkdir /var/lib/vc/uuid: permission denied` Fixes: #2370 Signed-off-by: Peng Tao <bergwolf@hyper.sh>

view details

Peng Tao

commit sha 3deb24e5de6369263fa8e353a16e934baf6a412a

cli: flush coverage report in defer function Do not flush it atexit(), where the test report file might be already closed and it causes go test failure like: PASS testing: can't write /tmp/go-build146132196/b001/testlog.txt: close /tmp/go-build146132196/b001/testlog.txt: file already closed FAIL github.com/kata-containers/runtime/cli 4.256s Signed-off-by: Peng Tao <bergwolf@hyper.sh>

view details

Peng Tao

commit sha 4c35d0911a28a7b80ff780d5477fb72a0d7e7b29

vc: set store RunVMStoragePath for ut Otherwise we fail ut on failures like: === RUN TestCloudHypervisorCleanupVM --- FAIL: TestCloudHypervisorCleanupVM (0.00s) clh_test.go:191: cloudHypervisor.cleanupVM() expected error != open /run/vc/vm: permission denied clh_test.go:200: Unexpected error = stat /run/vc/vm/cleanVMID: permission denied === RUN TestClhCreateSandbox --- PASS: TestClhCreateSandbox (0.00s) === RUN TestClooudHypervisorStartSandbox time="2019-12-25T00:48:47-08:00" level=error msg="trace called before context set" source=virtcontainers subsystem=cloudHypervisor type=bug --- FAIL: TestClooudHypervisorStartSandbox (0.00s) Error Trace: clh_test.go:266 Error: Received unexpected error: mkdir /run/vc/vm: permission denied Signed-off-by: Peng Tao <bergwolf@hyper.sh>

view details

Peng Tao

commit sha 9bf0d67fdd76038097e185278488080d1a64b555

ut: direct factory needs to set VCStorePrefix Otherwise it fails with permission errors. Signed-off-by: Peng Tao <bergwolf@hyper.sh>

view details

Peng Tao

commit sha e5b04a5bf256e22bf5fbe6a6168643b7ac974b38

ut: fs test should set RunStoragePath Otherwise it failes with permission errors. Signed-off-by: Peng Tao <bergwolf@hyper.sh>

view details

Peng Tao

commit sha 5617120649e916a636250b0f69ad7cd9e06fdae3

nsenter: skip ut on non-root nsenter needs root privilege to run. Signed-off-by: Peng Tao <bergwolf@hyper.sh>

view details

Peng Tao

commit sha 3ed472dc8d690674be5a19a64b0a7d79eb3abb14

store: UT tmp path should be random Otherwise we might end up using the previously created store instead. Signed-off-by: Peng Tao <bergwolf@hyper.sh>

view details

Fupan Li

commit sha 3ea3d3201b3a0b6fc35dea48192e73a021b4734b

Merge pull request #2371 from bergwolf/ut ut: fix make test failures

view details

Wei Zhang

commit sha 687f2dbe84e06c1e3430755e4b2f6711725fa9d0

persist: move "newstore" out of experimental Fixes #803 Move "newstore" features out of experimental feature list, from this commit "newstore" will be default enabled. Signed-off-by: Wei Zhang <weizhang555@gmail.com>

view details

Wei Zhang

commit sha 633748aa763ed82589e7fa195ea6fbe8d7e68673

persist: remove VCStore from hypervisor Remove usage of VCStore from hypervisors. Signed-off-by: Wei Zhang <weizhang555.zw@gmail.com>

view details

Wei Zhang

commit sha 29b55ab88b0b6e9fee91e4938428bcb0c9c94179

persist: remove VCStore from container Remove VCStore from container struct. Signed-off-by: Wei Zhang <weizhang555.zw@gmail.com>

view details

Wei Zhang

commit sha 508101bc0fcd9f73a48566ba9795273b9dba36f2

persist: fix vmtemplate storage leak Fix VM template storage leak by adding delete operations, we need to delete sandbox storage dirs when stop VM. Signed-off-by: Wei Zhang <weizhang555.zw@gmail.com>

view details

Wei Zhang

commit sha b63e517f6d8ec79fe9df5d878b3ae9075691dee1

persist: replace sandbox lock with newstore.Lock Replace rLockSandbox and rwLockSandbox with new store lock functions. Signed-off-by: Wei Zhang <weizhang555.zw@gmail.com>

view details

Wei Zhang

commit sha 01b4a64be2130c21091056fdeedf28fdf32a3cc9

persist: remove VCStore from sandbox/apis Remove VCStore usage from sandbox. Signed-off-by: Wei Zhang <weizhang555@gmail.com>

view details

Wei Zhang

commit sha 8e88859ee45d5e9f496455980a8686ec328411f1

persist: remove all usage of VCStore Remove VCStore usage from all modules Signed-off-by: Wei Zhang <weizhang555.zw@gmail.com>

view details

push time in a month

issue commentZ3Prover/z3

Go language API bindings

@NikolajBjorner Thanks for your interest! :-)

I've made some parts working, and currently I'm working on a new internal project based on the Golang Z3 binding, and keep improving the APIs in this process.

I'll make a pull request once it's completed and get open source permissions from my employer, but I guess it will take some time(maybe several months sadly...)

WeiZhang555

comment created time in a month

pull request commentkata-containers/runtime

Land experimental "newstore" as formal feature

/test

WeiZhang555

comment created time in a month

push eventWeiZhang555/runtime

Peng Tao

commit sha 743309cdc944e91c9673aac370933262325591b7

vc: stop container should change container state at last Otherwise if we fail to stop it, container state is set as StateStopped. And future force stop will just be ignored. Then when we force delete the container, we are deleting it without actually cleaning up container resources especially the host shared mounts, which would be removed by agent cleanup code and we endup removing container volume contents unexpectedly. Fixes: #2345 Signed-off-by: Peng Tao <bergwolf@hyper.sh>

view details

Peng Tao

commit sha 6eae033f489b1f357fa926952caa704ac59fd040

shimv2: cleanup container if not found Shutdown API relies on it being cleaned up in order to proceed. Otherwise it fails silently and shimv2 process never quits. This can be triggered by killing the vmm while pod is running. Fixes: #2345 Signed-off-by: Peng Tao <bergwolf@hyper.sh>

view details

Jose Carlos Venegas Munoz

commit sha 553237884a6859906dfd2b9bc59a507d949aa3a8

versions: update clh to v0.4.0 Update to latest master code. Changes: fa0fdc6 cargo: Update Cargo.lock for the 0.4.0 release cec884e release: v0.4.0 6444e29 docs: Add CPU hot plug documentation a002093 build(deps): bump anyhow from 1.0.23 to 1.0.25 43f0478 build(deps): bump thiserror from 1.0.6 to 1.0.9 664431f vsock: vhost_user: vfio: Fix potential host memory overflow 1e97d14 README: Update for newer distribution support e8e21ae README: Update the --cpus command line examples a40a70a ci: Rely on latest virtiofsd version f0b7412 vmm: device_manager: Add all virtio devices to the migratable list 37557c8 vmm: vm: Implement the Pausable trait 9756fc2 vmm: cpu_manager: Implement the Pausable trait 35dd152 vmm: device_manager: Implement the Pausable trait a122da4 vm-virtio: vhost: Implement the Pausable trait for all vhost-user devices dae0b2e vm-virtio: Implement the Pausable trait for all virtio devices 35d7721 vmm: Convert virtio devices to Arc<Mutex<T>> 5450de0 cargo: Do not run fmt on anyhow's build code 0361df4 vm-device: Initial Migratable trait 36daf9c ci: Skip testing RFC or WIP PRs 64c5e3d vmm: api: Adjust FsConfig for OpenAPI 4bfd51c vmm: api: Match VhostUserBlkConfig defaults between CLI and HTTP API 1c2587f vmm: api: Match VhostUserNetConfig defaults between CLI and HTTP API 5e0bbf9 vmm: Don't factorize vhost-user configurations 793327c vmm: api: Make ConsoleConfig default match between CLI and HTTP API cc08c44 vmm: api: Make MemoryConfig default match between CLI and HTTP API 5a72225 vmm: api: Update CpuConfig name to match the internal name f7c215d cli: Fix default CPU argument 59ae01f ci: Cancel older builders on Jenkins c61104d vmm: Port to latest vmm-sys-util 4c92f89 ci: Add OpenAPI validation 93bd88e ci: Simplify travis.yml d42ef18 ci: Offload cargo tests to the worker node VM ee528ae vmm: api: Make FsConfig defaults match between CLI and HTTP API befd342 vmm: api: Make NetConfig defaults match between CLI and HTTP API eff78f7 resources: Prevent kernel config interactive shell from showing up 99e608c openapi: Fix schema f994665 vmm: Reduce the minimum IRQ constant ba59c62 vmm, devices: Remove hardcoded IRQ number for GED device ce1bd9c resources: turn on CONFIG_ACPI_REDUCED_HARDWARE_ONLY 0374c3d build(deps): bump ssh2 from 0.5.0 to 0.6.0 aa94e9b Revert "vmm: api: Modify FsConfig to be OpenAPI friendly" 9b1ba14 vmm: Delegate device related ACPI DSDT table work to DeviceManager 60e6609 vmm: Delegate CPU related ACPI tables to CpuManager defc5dc vmm: api: Modify FsConfig to be OpenAPI friendly 66e00ce ci: Extend VFIO integration test 59d0171 vmm: Remove kernel based IOAPIC handling from the device manager afea6a1 vmm: Stop initialising kernel based IOAPIC/PIC 9b1cb96 vmm: Remove pin based interrupt setup for virtio devices 72fb687 vmm: Check for required capabilities 904b1ea build(deps): bump unicode-width from 0.1.6 to 0.1.7 fcf92d8 tests: Add rebooting to the CPU hotplug test f98b16f vmm: Update the configuration to preserve hot-plug CPUs after reboot 1722708 vmm: Switch to storing VmConfig inside an Arc<Mutex<>> c063bb8 vmm: acpi: Make GED interrupt edge triggered e1af17d vmm: Restore tty to canonical mode when SIGTERM or SIGINT received 44d026b build(deps): bump serde_json from 1.0.43 to 1.0.44 a1285ea build(deps): bump cc from 1.0.47 to 1.0.48 23929f4 vfio: Don't override MSI Enable bit through VFIO ioctl 1dfd60b vfio: use correct flags to disable interrupts 5208ff8 vmm: Detect and handle AMD SME (Secure Memory Encryption) dcfd6ff build(deps): bump serde_json from 1.0.42 to 1.0.43 08258d5 vfio: pci: Allow multiple devices to be passed through 4115fa8 vfio: pci: Update irqfd registration 1379abb pci: msi: Fix MSG_CTL update through 32 bits write c81e808 docs: Update instructions regarding virtiofsd 17badfb vmm: cpu: Call vcpu configure() on the vCPU thread 1350306 api: Fix OpenAPI specification entries e1ff142 tests: Remove MSI only test from test_serial_off e083064 tests: Add integration test for hotplugging vCPUs 66a31c1 vmm: acpi: Upon GED interrupt notify on all vCPUs 48bf141 vmm: Trigger a hotplug device notification when resizing b629727 vmm: acpi: Add a CTFY method to notify on all CPU objects ae9359c vmm: acpi: Create the CPU entries in the DSDT for all vCPUs 791ca33 vmm: device_manager: Add ability to notify via GED device 623755c devices: Add ACPI GED device 7ad68d4 vmm: device_manager: Allocate I/O port for ACPI shutdown device 86339b4 vmm: Add HTTP API to resize the VM e7d4eae vmm: cpu: Add support for starting more vCPU threads 0ef9999 vmm: cpu: Support only partially configuring the vCPU c8b3041 vmm: openapi: Update OpenAPI for CpuConfig struct b6801e3 vmm: cpu: Refactor vCPU thread starting 66d5163 vmm: cpu: Encapsulate vCPU state into its own struct ea19bb0 tests: Add a test to check that the boot vs max cpus work 1bbe48b vmm: acpi: Mark non-boot vCPUs as disabled in the MADT table 4bc8635 tests: Use new "--cpus" syntax for integration tests 82bc07c vmm: Add boot and max vCPU handling to command line parser 7543e00 vmm: Use new CpuManager accessor to get boot vCPUs df09078 vmm: cpu: Introduce concept of maximum vs boot vCPUs in CpuManager 669d9a8 vhost_user_backend: fix memory region offsetting d378da6 build(deps): bump vcpkg from 0.2.7 to 0.2.8 b1cfdc7 build(deps): bump syn from 1.0.9 to 1.0.11 0f21781 cargo: Bump the kvm and vmm-sys-util crates Fixes: #2343 Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>

view details

Jose Carlos Venegas Munoz

commit sha 1a7539c1f5aac905e6e6b5c552d580f2264ec387

clh: update client update api based latest master. Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>

view details

Jose Carlos Venegas Munoz

commit sha e9a852dd79310b3d8b8ab0f0c9d035ce0f582f86

clh: update api calls for latest master cpu api changed, update to latest API Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>

view details

Jose Carlos Venegas Munoz

commit sha 9c3151e5ed23e8829cd182e429a9595baf8dc5f0

clh: remove not requried values - ip and mask are not needed anymore. - fs queues are set by cloud-hypervisor. Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>

view details

GabyCT

commit sha 449a3a9a14344601e0cebc5b8c070e09b230e74d

Merge pull request #2344 from jcvenegas/test-api-fixes-clh clh: update to latest master

view details

Hui Zhu

commit sha 6cd9b3b0b63c707d11863d1eb517eb3ecbb8c33c

vendor: Update golang.org/x/sys Update golang.org/x/sys to ac767d655b305d4e9612f5f6e33120b9176c4ad4 that same with agent. Shortlog for golang.org/x/sys: ac767d6 windows/svc/mgr: add ability to set a reboot message and command when a service fails 1b2967e unix: implement RFCOMM sockets on Linux 7b495ad unix: update Dockerfile to Go 1.11beta1 3c6ecd8 windows: add missing file attributes ce36f38 unix: regenerate syscall wrappers for linux/ppc64{,le} 151529c windows, windows/svc/mgr: add ability to modify service recovery settings. 7138fd3 unix: do not return non-nil error for 0 errno in FcntlInt c4afb3e unix: fix TestUtimesNanoAt for filesystems with 1-second resolution time stamps a200a19 unix: don't check atime in TestUtimesNanoAt 63fc586 unix: use private copy of ustat_t on Linux ad87a3a unix: check faccessat flags parameter on Linux fc8bd94 unix: don't use deprecated syscalls on linux/arm64 f24d3d4 unix: add Faccessat on Solaris 6c888cc windows: replace uintptr in crypto structs 8014b7b windows: follow convention for generated code comment 8883426 plan9: follow convention for generated code comment 9e6071e unix: follow convention for generated code comment 56ede36 unix: add rtc defines and types 8ee9f3e unix: add Faccessat on NetBSD f4b713d unix: add Faccessat on OpenBSD a9e25c0 unix: update Dockerfile to Ubuntu 18.04, Linux 4.17, and Go 1.10.3 bff228c windows: update TOKEN_ALL_ACCESS according to WinNT.h 24c297a unix: support compiling with gccgo on linux/386 7c1e4f3 unix: drop use function stub for gccgo 9527bec cpu: fix gccgo build bc2ef10 cpu: add gccgo implementation 538ab54 cpu: introduce and export type CacheLinePad c11f84a unix: don't check atime in TestStatx d4cedef unix: make Nfgenmsg a type definition 3135538 unix: add nftables defines and types b269ba2 unix: fix TestXattr on android 04b8398 unix: fix or skip failing tests on android and iOS e2c7578 unix: delete TestDevices for *BSD and Darwin 56ad15c windows: add QueryServiceStatusEx function 77b0e43 unix: add symlink-safe *xattr functions on darwin f3b0f5f unix: skip TestStatx if the operation is not permitted 028bb33 unix: delete TestDevices test for Solaris 88eb85a unix: add tests for *xattr functions dc67e5b windows: address error reported by vet 0b6bef9 unix: add {get,set,remove,list}xattr on darwin 7f59abf unix: update openbsd/amd64 to OpenBSD 6.3 89da893 unix: exclude AUDIT_RECORD_MAGIC constant on darwin 7c87d13 unix: add tpacket types and constants on Linux d0faeb5 unix: fix TestSCMCredentials to not fail when root 9950ad1 unix: add statfs and filesystem magic constants on Linux 7dfd129 windows: address vet reports 64746a4 unix: address vet's finding of wrong argument size 7db1c3b cpu: use t.Fatal instead of t.Fatalf 6f686a3 unix: add ErrnoName and SignalName 78d5f26 windows/svc: correct MOVL instruction in sys_amd64.s 4adea00 cpu: new package f67ecc1 unix: use Fstatat for Stat on linux/amd64 cbbc999 unix: use pselect on amd64 to satisfy Android bb9c189 unix: 32-bit MIPS splice system call returns int, not int64 79b0c68 unix: add Linux block device ioctl types and constants a2a4594 unix: avoid extra syscall on send/recvmsg on Linux 3ccc7e5 unix: fix typos in linux/types.go. 9b00609 unix: add tcp_md5sig on Linux b126b21 unix: re-export Fsid and Sigset_t Val member on Linux ecfd8b5 unix: implement getrtable/setrtable syscalls on OpenBSD 2f57af4 unix: add wrapper around perf_event_open on Linux 2281fa9 unix: don't export any padding/alignment fields on all platforms f6f3529 unix: add a step to mkall.go that generates ABI headers to be referenced from types.go 3b87a42 unix: update Dockerfile to Linux 4.16 and Go 1.10.1 1d206c9 unix: add FcntlInt fcb792c unix: unify Getsockopt* f67933e unix: solicit EPERM via wrong PID in creds test. 378d26f unix: add CRTSCTS on netbsd and openbsd 2de2067 unix: add sendfile support on Solaris 13d03a9 unix: add GetsockoptLinger and GetsockoptTimeval 91ee8cd unix: use strings.IndexByte instead of for loops 1e3c777 unix: don't export padding fields on Darwin c488ab1 unix: add Fadvise on linux/{arm64,mipsx.mips64x,ppx64x,sparc64} ee8db00 unix: add Fadvise on NetBSD bb729a5 unix: fix TestFchmodat on Illumos 6416052 unix: enable TestFchmodat for all Unices dd203b8 unix: add Fchmodat on NetBSD 7ceb54c unix: add Fchmodat on DragonflyBSD f8f1a95 unix: add Fchmodat on OpenBSD d8e400b unix: fix example 01acb38 plan9, unix, windows: add paragraph breaks in docs 0deb464 unix: add Exec call 2f1e207 unix: add IFLA attributes on linux/sparc64 cc7307a unix: add Fstatat on Darwin 5c2edb5 unix: add Fstatat on OpenBSD 89ac7f2 CONTRIBUTING.md: remove note about not accepting Pull Requests 932fb22 unix: add Fstatat on NetBSD 2477406 unix: add Fstatat on FreeBSD bcaab34 unix: don't export padding fields on DragonflyBSD 0edb963 unix: add Fstatat on DragonflyBSD 6035cb0 unix: don't export padding fields on Solaris 591c159 unix: add Fstatat on Solaris 8c0ece6 unix: extend rlimit test on Linux c28acc8 unix: fix seek while compiling with gccgo under arm and 386 7dca6fe plan9: use bytes.IndexByte instead of a for loop e64a828 unix: use bytes.IndexByte instead of a for loop 349b81f unix: skip SchedAffinity test on single CPU system dd2ff4a unix: fix nil pointer dereference in Select on linux/{arm64,mips64x} f6cff07 windows/registry: improve ReadSubKeyNames permissions Fixes: #2284 Signed-off-by: Hui Zhu <teawater@antfin.com>

view details

Peng Tao

commit sha 1c11fe20ba3497bd8cf3082169a09d8ff21cbae7

shimv2: support runtime config path via annotation So that user can have per pod runtime config which is easiler to manage in some cases. Fixes: #2332 Signed-off-by: Peng Tao <bergwolf@hyper.sh>

view details

Xu Wang

commit sha af3a710921975665849c763afb5b32bce3a16519

Merge pull request #2356 from teawater/update_sys vendor: Update golang.org/x/sys

view details

Hui Zhu

commit sha 68fc9abc5efe28aab82e555044484b314582366e

Merge pull request #2346 from bergwolf/hostdir shimv2: clean up properly if vmm quits unexpectedly

view details

Xu Wang

commit sha 39d7a144a9a19bff0f9eea33988d0aa23684745e

Merge pull request #2333 from bergwolf/configpath shimv2: support runtime config path via annotation

view details

Hui Zhu

commit sha a215f87e2314ba9bbdfbd6da98a1c273e9a05e9b

vendor: Update github.com/kata-containers/agent to handle hvsock issue Update github.com/kata-containers/agent to handle hvsock issue. Shortlog: 33f3208 client.go: HybridVSockDialer: Close dup fd after receive packet 74a3b95 release: Kata Containers 1.10.0-rc0 afd0871 ci: install docker before configure c502552 client.go: HybridVSockDialer: Check return size n of unix.Recvfrom f8e4ce8 client.go: HybridVSockDialer: Change Read EOT to recv peek 5b64d42 agent: get current cpuset from /sys/devices/system/cpu/online 183a24a release: Kata Containers 1.10.0-alpha1 1ee8516 config: add option to control hotplug timeout of block devices 40567f6 release: Kata Containers 1.10.0-alpha0 19bee57 agent: connect debugging console in a specific vsock port 8361150 docs: Add enable services and installation steps for TRACING.md a4f7373 agent: fix pause bin on musl f9f129a docs: Add missing steps at TRACING.md d3e66bf tracing: Wrapper for tracing functions 7a7dba7 network: ensure parent directories exist 455f728 tracing: Generate an alias for opentracing.Span 5f302e5 agent: Revert "client: remove the parameter of 'enableYamux'" 717ee24 client: remove the parameter of 'enableYamux' d387c77 vendor: Update github.com/syndtr/gocapability/capability b3d737b vendor: update libcontainer to 1.0.0-rc9 6eac713 release: Kata Containers 1.9.0-rc0 Fixes: #2284 Signed-off-by: Hui Zhu <teawater@antfin.com>

view details

Peng Tao

commit sha 3de4bdd508b36fcb089dd4e0c7ba2cf67f1e1ffa

Merge pull request #2285 from teawater/update_a vendor: Update github.com/kata-containers/agent

view details

Archana Shinde

commit sha b96c7e5abea545d19c39e0eeff3af24b9cb77585

rootless: fix rootless for case net=none When kata-runtime was invoked as rootless by podman with net=none, an empty net namespace path is provided. kata-runtime was then trying to create a new network namespace and bind-mounting it under /var/run/netns, resulting in a permission error. Instead, with this commit, the runtime checks if it is running rootless and instead creates network namespace bind mount under rootless directory instead. Fixes #2319 Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>

view details

Archana Shinde

commit sha 3ea682d6e0c42b46502e0c4bf839dc975c094fec

Merge pull request #2320 from amshinde/fix-rootless-net-none rootless: fix rootless for case net=none

view details

Gabriela Cervantes

commit sha 661956f5bcd617758efdb786d475f83f41e54a44

versions: Update cloud hypervisor url This updates the cloud hypervisor url. Fixes #2365 Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>

view details

Jose Carlos Venegas Munoz

commit sha a198efcf1debc6843f5329377b314e11b457b75c

Merge pull request #2366 from GabyCT/topic/updateurl versions: Update cloud hypervisor url

view details

Jose Carlos Venegas Munoz

commit sha 8a439eab9d413ff70cb1a934eae56054743ae29f

clh: add Client Interface and bootVM test Add interface with the same methods of client, this will help to decouple the implementation and help use to do mock testing. Add Mock client and add bootVM unit test Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>

view details

Jose Carlos Venegas Munoz

commit sha 6a10cd960d81828a9f185977d4656db52b41241b

clh: test: add unit test Add unit test for clh. - Check endpoint has valid values for CH. - Add unit tests - Add force flag to ignore cleanup errors. - Add unit tests. - Fail if hypervisor ID is empty. - Add createSandbox uni test Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>

view details

push time in a month

pull request commentkata-containers/runtime

Land experimental "newstore" as formal feature

ping @kata-containers/architecture-committee @gnawux @lifupan @sboeuf @devimc

WeiZhang555

comment created time in a month

issue openedWeiZhang555/weizhang555.github.io

Kata Containers介绍,附上演讲ppt

https://weizhang555.github.io/2018/04/kata-containers-introduction/

created time in a month

issue openedWeiZhang555/weizhang555.github.io

Kernel调试基础--制作initramfs

https://weizhang555.github.io/2018/04/make-initramfs-for-qemu-start/

created time in a month

issue openedWeiZhang555/weizhang555.github.io

创建kata的K8s集群

https://weizhang555.github.io/2018/08/create-k8s-cluster-with-kata/

created time in a month

issue openedWeiZhang555/weizhang555.github.io

Notary介绍

https://weizhang555.github.io/2018/12/Notary%E4%BB%8B%E7%BB%8D/

created time in a month

issue openedWeiZhang555/weizhang555.github.io

docker-runc主机逃逸漏洞复现:CVE-2019-5736

https://weizhang555.github.io/2019/12/runc%E4%B8%BB%E6%9C%BA%E9%80%83%E9%80%B8%E6%BC%8F%E6%B4%9E%E5%A4%8D%E7%8E%B0/

created time in a month

issue openedWeiZhang555/weizhang555.github.io

kubernetes安装指南

https://weizhang555.github.io/2019/12/kubrenetes%E5%AE%89%E8%A3%85%E6%8C%87%E5%8D%97/

created time in a month

issue openedWeiZhang555/weizhang555.github.io

containerd源码阅读(1)--框架篇

https://weizhang555.github.io/2017/09/containerd-code-analysis/

created time in a month

issue openedWeiZhang555/weizhang555.github.io

runc源码阅读

https://weizhang555.github.io/2017/09/runc-code-analysis/

created time in a month

issue closedWeiZhang555/weizhang555.github.io

起个头

https://weizhang555.github.io/2017/09/first-page/

closed time in a month

WeiZhang555

issue commentWeiZhang555/weizhang555.github.io

起个头

test

WeiZhang555

comment created time in a month

issue openedWeiZhang555/weizhang555.github.io

起个头

https://weizhang555.github.io/2017/09/first-page/

created time in a month

push eventWeiZhang555/weizhang555.github.io

Wei Zhang

commit sha 8b9bd192e7fb8441fb74442117af69ee0cb4d648

Update comments system Update comments system, hope it works. Signed-off-by: Wei Zhang <weizhang555.zw@gmail.com>

view details

push time in a month

issue commentWeiZhang555/weizhang555.github.io

起个头

test

WeiZhang555

comment created time in a month

issue commentWeiZhang555/weizhang555.github.io

起个头

测试gitment评论系统

WeiZhang555

comment created time in a month

issue openedWeiZhang555/weizhang555.github.io

起个头

https://weizhang555.github.io/2017/09/first-page/

created time in a month

push eventWeiZhang555/weizhang555.github.io

Wei Zhang

commit sha f6b2a8fccebb4da68c7d0ab97ae48edfa4248922

Update comments system Update comments system, hope it works. Signed-off-by: Wei Zhang <weizhang555.zw@gmail.com>

view details

push time in a month

push eventWeiZhang555/weizhang555.github.io

Wei Zhang

commit sha 20b1b2f9411ef114d64a570a853a3a3159541897

Update comments system Update comments system, hope it works. Signed-off-by: Wei Zhang <weizhang555.zw@gmail.com>

view details

push time in a month

push eventWeiZhang555/weizhang555.github.io

Wei Zhang

commit sha 9470e3a2b58d8c763d8409705053b89e9b01a839

Update comments system Update comments system, hope it works. Signed-off-by: Wei Zhang <weizhang555.zw@gmail.com>

view details

push time in a month

pull request commentkata-containers/runtime

Land experimental "newstore" as formal feature

/test

WeiZhang555

comment created time in a month

push eventWeiZhang555/runtime

Penny Zheng

commit sha 3d8ffe41200dcc64264ab2fff8bab6e479ad7684

cache-factory: fix nil pointer runtime panic For now, when we're using cache factory to launch kata containers, we would encounter nil pointer runtime panic. Fixes: #2272 Signed-off-by: Penny Zheng <penny.zheng@arm.com>

view details

Penny Zheng

commit sha 837a0ee0aed93ddc2c894ff33863c73c8a749d41

cache-factory: set bridge info when creating vm For now, we will encounter `failed to get available address from bridges` error when launching kata containers from cache factory. Although we've already passed bridges info to clients from cache factory server, we still missed the setting part when creating vm. Fixes: #2272 Signed-off-by: Penny Zheng <penny.zheng@arm.com>

view details

Jianyong Wu

commit sha cc25216b1115881dfab8ec24f421273c687f2afe

virtiofs: add default value for virtioFsCache type. If no virtioFsCache type set in configuration file, virtiofsd will not starts, which makes kata-container start fail if virtio-fs as its shared file system. Fixes: #2279 Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>

view details

Penny Zheng

commit sha 9ce2113535a043b34520b332089dd73e403c44bd

FC: remove API Ready state Since we decide to adopt config file to configure, we could bypass API Ready state. Here, we also create a new config ready state: `cfReady`, to represent configuration part is done. Fixes: #2199 Signed-off-by: Penny Zheng <penny.zheng@arm.com>

view details

Penny Zheng

commit sha f2d8d715d3e0cd062a61d0f9ac8f5bc248b65f53

FC: func checkVersion should be more independent func checkVersion could be called anywhere, not always after DescribeInstance `\` API request, so it should be more independent. We could also get version number from `firecracker --version` command. Fixes: #2199 Signed-off-by: Penny Zheng <penny.zheng@arm.com>

view details

Penny Zheng

commit sha 8f6d0ab16597535b0be17b8483a31c7ddaaf2deb

FC: introduce `--config-file` to replace API configure request New command-line parameter for firecracker v0.19.0, named `--config-file`, which represents the path to a file that contains a JSON which can be used for configuring and starting a microVM without sending any API requests. Fixes: #2199 Signed-off-by: Penny Zheng <penny.zheng@arm.com>

view details

Ted Yu

commit sha 9a15457064df10a396aedbbfaf5aec0fcbaacd5f

vc: Check error return from storeState Fixes #2324 This achieves parity with the check on line 293. Signed-off-by: Ted Yu yuzhihong@gmail.com

view details

Jose Carlos Venegas Munoz

commit sha ab2088f7d528926ca7e40d446b0f3b07c8769356

makefile: honor virtiofs config for default config Fix config used when qemu-virtiofs is set as default. Fixes: #2327 Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>

view details

Peng Tao

commit sha 810c2c93d655db21f0d585ebcc5b9ffead74d2d8

versions: bump firecracker version To include the latest fix for CVE-2019-18960. Fixes: #2334 Signed-off-by: Peng Tao <bergwolf@hyper.sh>

view details

Eric Ernst

commit sha 5baacae0ff07db61a62cb406811f6a7f3b66105e

Merge pull request #2335 from bergwolf/fc versions: bump firecracker version

view details

katacontainersbot

commit sha abaa45068fdb98ef92e60f1c957250efcbce4ea9

release: Kata Containers 1.10.0-rc0 - versions: bump firecracker version - clh: use http client - rootless: Disable vhost-net for rootless - compatoci: Add a SetLogger call - virtiofs: stop sandbox when virtiofsd quits - vc: Remove device when AddDevice encounters error - kernel: update to 4.19.83 - Cloud Hypervisor: driver update number 2 - vc: Use map to represent ignoredMounts - Fc comment - vc: Check return value from os.MkdirAll in virtiofsdArgs - vc: Drop Sandbox#Pause and Sandbox#Resume - vc: Use map built-in accessor to find container in Sandbox#GetContainer - Makefile: fix suspicious line - k8s: fix wrong number cpus after killing a container - vc: Utilize map for newMounts to speed up replaceOCIMountSource - vc: Sandbox#getAndSetSandboxBlockIndex shouldn't alter BlockIndex in case of error - virtcontainers: rename GetOCISpec to GetPatchedOCISpec - tracing: Unbreak tracing test - fc.go: Set firecracker log level to debug if hypervisor.enable_debug … - virtcontainers: honour ContainerConfig struct comment and don't save OCI spec - virtcontainers: improve algorithm to find containers - Merge #3 of kata-containers/runtime - FC: extract error info from firecracker built-in log and metrics scheme - gitignore: include cloud hypervisor configuration toml - Respect containerd's debug config - Clh driver: removed hard-coded vsock contextid (cid) - vc: Persist file handle may leak in FS#ToDisk - vc: Clean up directories in case MkdirAll fails - vc: Restore sandbox state when there is error starting containers - vc: Persist file handle may leak in FS#FromDisk - sync fork after merge clh driver #1 810c2c9 versions: bump firecracker version 0afeb52 clh: clh http unit test 42061f6 clh: cleanup VM dir c688a15 version: CH bump to master 9f15dd2 clh: remove cli builder f73723a clh: use http client 0babd38 rootless: Disable vhost-net for rootless 6010218 clh: Implement check() a10da3e vendor: update openapi deps 1836226 clh: generate client code dcac021 clh: Add Generation tools for API client abbb536 virtiofs: stop sandbox when virtiofsd quits 9c0872d vc: Remove device when AddDevice encounters error 67f203f compatoci: Add a SetLogger call bec46bb vc: Use map to represent ignoredMounts 628799a vc: Check return value from os.MkdirAll in virtiofsdArgs 9dd3f13 Makefile: Move the .git-commit: rule block to below the all: rule 7bcce3d Makefile: do not use tabs in if/else blocks 38224e8 vc: Use map built-in accessor to find container in Sandbox#GetContainer 544730b vc: Drop Sandbox#Pause and Sandbox#Resume d4be097 Makefile: fix suspicious line e8cc87b clh: basic/unit tests for clh driver 0697124 fc: update comments for startSandbox 3ef8f6c clh: fixes erroneous killing of virtiofsd 6af127f clh: improve driver logging for failed hypervisor c58e6f9 kernel: update to 4.19.86 b7731e9 virtcontainers: don't consider non-running container resources 43f0513 virtcontainers: update resources after adding container to sandbox 613fd0f virtcontainers: rename GetOCISpec to GetPatchedOCISpec 330cc72 tracing: Unbreak tracing test 191ee63 fc.go: Set fc log level to debug if hypervisor.enable_debug is true 336edf7 virtcontainers: honour ContainerConfig struct comment and not save Spec 7f67b9f virtcontainers: improve algorithm to find containers 0ac4355 gitignore: include cloud hypervisor configuration toml 1abe52a clh: removed hard-coded vsock contextid (cid) c833ac2 vc: BlockIndex should not be altered in case of error b8b6733 vc: Persist file handle may leak in FS#ToDisk 03478d4 vc: Clean up directories in case MkdirAll fails 51d7c23 shim: Respect containerd's debug config 93a0336 vc: Restore sandbox state when there is error starting containers 2331e87 vc: Persist file handle may leak in FS#FromDisk 9a4ee4f vc: Utilize map for newMounts to speed up replaceOCIMountSource daae1db log: extract error info from firecracker built-in log and metrics scheme Signed-off-by: katacontainersbot <katacontainersbot@gmail.com>

view details

GabyCT

commit sha 9049395de8bb23e6c818d64aebfd066c9346584a

Merge pull request #2338 from katabuilder/1.10.0-rc0-branch-bump # Kata Containers 1.10.0-rc0

view details

Julio Montes

commit sha d0e30ef11f8e7cb9dbeb160cf98804b3e3760e39

Merge pull request #2280 from jongwu/cache_mode virtiofs: add default value for virtioFsCache type.

view details

Jose Carlos Venegas Munoz

commit sha efb611aa6512e8b61c4ea8e2c75ab6cd995adcd2

clh: client: update acording to versions.yaml Instead of point to master use the version defined in versions.yaml Fixes: #2341 Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>

view details

GabyCT

commit sha 9ddf91d1f2e25940319c4a4666f09b3d430953d1

Merge pull request #2328 from jcvenegas/2327-fix makefile: honor virtiofs config for default config

view details

Archana Shinde

commit sha 810a5280969ca360909c3ed7ffcc5cbbc67ccedf

Merge pull request #2325 from tedyu/store-state-err vc: Check error return from storeState

view details

Salvador Fuentes

commit sha e3115e344ece9db4449bf8db2411d618bca4c5f8

Merge pull request #2342 from jcvenegas/clh-update-client-using-versions clh: client: update acording to versions.yaml

view details

Fupan Li

commit sha d10adfdc0314efb4530f604c3c6fffe76d9aac14

Merge pull request #2200 from Pennyzct/fc_launch_on_config FC: introduce `--config-file` to bypass API ready state

view details

James O. D. Hunt

commit sha 76f9b34b597bd10dafe530bedb6c33c9b8c0a3ca

Merge pull request #2273 from Pennyzct/cache_server cache-factory: a few bug fix

view details

Wei Zhang

commit sha 8f25fde23122286eb76381a3043b11e86a0f43db

persist: move "newstore" out of experimental Fixes #803 Move "newstore" features out of experimental feature list, from this commit "newstore" will be default enabled. Signed-off-by: Wei Zhang <weizhang555@gmail.com>

view details

push time in a month

pull request commentkata-containers/runtime

[WIP]vc: Use BlockIndexMap instead of BlockIndex

/test

darfux

comment created time in 2 months

pull request commentkata-containers/runtime

[WIP]vc: Use BlockIndexMap instead of BlockIndex

/re-test

darfux

comment created time in 2 months

push eventWeiZhang555/weizhang555.github.io

Wei Zhang

commit sha f65a34fcee31e4aa57647b247e7e4e80133a67c6

Update comments system Update comments system, hope it works. Signed-off-by: Wei Zhang <weizhang555.zw@gmail.com>

view details

push time in 2 months

push eventWeiZhang555/weizhang555.github.io

Wei Zhang

commit sha 301c7a16567fd1de024e820af00be812b41c5861

Update comments system Update comments system, hope it works. Signed-off-by: Wei Zhang <weizhang555.zw@gmail.com>

view details

push time in 2 months

push eventWeiZhang555/weizhang555.github.io

Wei Zhang

commit sha dd2826b4422d9cd1f631548d8b6b5c5dc9822ba4

Add comments system Add comments system and post old blog file. Signed-off-by: Wei Zhang <weizhang555.zw@gmail.com>

view details

push time in 2 months

push eventWeiZhang555/weizhang555.github.io

zhangwei_cs

commit sha 2fe636fc855886d80abf3a7524b7e6b90240651d

Update 2019-12-11-runc主机逃逸漏洞复现.md

view details

push time in 2 months

push eventWeiZhang555/weizhang555.github.io

zhangwei_cs

commit sha f09533ac137aabe38199025eab10320baea8075a

Update 2019-12-11-Notary介绍.md

view details

push time in 2 months

push eventWeiZhang555/weizhang555.github.io

zhangwei_cs

commit sha c278c0a78746fa843d705294ea537d783e0c1b3d

Create 2019-12-11-runc主机逃逸漏洞复现.md post blog for runc exploit CVE reproduction

view details

push time in 2 months

push eventWeiZhang555/weizhang555.github.io

zhangwei_cs

commit sha ef2c756be1dafafc3ec1054da4963a5c1f4ecb27

Create 2019-12-11-Notary介绍.md post new blog for Notary introduction

view details

push time in 2 months

push eventWeiZhang555/weizhang555.github.io

zhangwei_cs

commit sha 0f2f166254fc74a391afdd68dc9d614b0322319d

Update 2019-12-11-kubrenetes安装指南.md

view details

push time in 2 months

push eventWeiZhang555/weizhang555.github.io

zhangwei_cs

commit sha 05cdaa06e6dfeb9d25a28cd7e34aed27ef15858a

Rename 2019-12-11-kubrenetes安装指南 to 2019-12-11-kubrenetes安装指南.md

view details

push time in 2 months

push eventWeiZhang555/weizhang555.github.io

zhangwei_cs

commit sha e1cb0f6f8006b950c2d9ff7eb477e777728c8513

Update 2019-12-11-kubrenetes安装指南 udpate

view details

push time in 2 months

push eventWeiZhang555/weizhang555.github.io

zhangwei_cs

commit sha f107a2b0ca2e06167f00f661a2f686c42a4452d5

Create 2019-12-11-kubrenetes安装指南 post new blog for kubernetes install

view details

push time in 2 months

more