diff --git a/1001-upcall-omit-upcall-patch-first.patch b/1001-upcall-omit-upcall-patch-first.patch new file mode 100644 index 0000000000000000000000000000000000000000..976a35ba7063bfeb11051c8f40e244115192a496 --- /dev/null +++ b/1001-upcall-omit-upcall-patch-first.patch @@ -0,0 +1,37 @@ +From 29b4e3f34bda8c42cd9937b0d5de0ead457259ce Mon Sep 17 00:00:00 2001 +From: Chao Wu +Date: Tue, 18 Oct 2022 18:06:51 +0800 +Subject: [PATCH 1/2] upcall: omit upcall patch first + +3.0.0 has not supported upcall in Dragonball yet. So we delete dbs-upcall from the Cargo.toml. + +Signed-off-by: Chao Wu +--- + src/dragonball/Cargo.toml | 1 - + src/runtime-rs/Cargo.toml | 1 - + 2 files changed, 2 deletions(-) + +diff --git a/src/dragonball/Cargo.toml b/src/dragonball/Cargo.toml +index df8286bfe..772aa539e 100644 +--- a/src/dragonball/Cargo.toml ++++ b/src/dragonball/Cargo.toml +@@ -58,7 +58,6 @@ virtio-fs = ["dbs-virtio-devices/virtio-fs", "virtio-queue", "atomic-guest-memor + dbs-device = { git = "https://github.com/openanolis/dragonball-sandbox.git", rev = "7a8e832b53d66994d6a16f0513d69f540583dcd0" } + dbs-interrupt = { git = "https://github.com/openanolis/dragonball-sandbox.git", rev = "7a8e832b53d66994d6a16f0513d69f540583dcd0" } + dbs-legacy-devices = { git = "https://github.com/openanolis/dragonball-sandbox.git", rev = "7a8e832b53d66994d6a16f0513d69f540583dcd0" } +-dbs-upcall = { git = "https://github.com/openanolis/dragonball-sandbox.git", rev = "7a8e832b53d66994d6a16f0513d69f540583dcd0" } + dbs-utils = { git = "https://github.com/openanolis/dragonball-sandbox.git", rev = "7a8e832b53d66994d6a16f0513d69f540583dcd0" } + dbs-virtio-devices = { git = "https://github.com/openanolis/dragonball-sandbox.git", rev = "7a8e832b53d66994d6a16f0513d69f540583dcd0" } + dbs-boot = { git = "https://github.com/openanolis/dragonball-sandbox.git", rev = "7a8e832b53d66994d6a16f0513d69f540583dcd0" } +diff --git a/src/runtime-rs/Cargo.toml b/src/runtime-rs/Cargo.toml +index 470b29a64..c0dc0dfc3 100644 +--- a/src/runtime-rs/Cargo.toml ++++ b/src/runtime-rs/Cargo.toml +@@ -11,4 +11,3 @@ dbs-legacy-devices = { git = "https://github.com/openanolis/dragonball-sandbox.g + dbs-virtio-devices = { git = "https://github.com/openanolis/dragonball-sandbox.git", rev = "7a8e832b53d66994d6a16f0513d69f540583dcd0" } + dbs-boot = { git = "https://github.com/openanolis/dragonball-sandbox.git", rev = "7a8e832b53d66994d6a16f0513d69f540583dcd0" } + dbs-arch = { git = "https://github.com/openanolis/dragonball-sandbox.git", rev = "7a8e832b53d66994d6a16f0513d69f540583dcd0" } +-dbs-upcall = { git = "https://github.com/openanolis/dragonball-sandbox.git", rev = "7a8e832b53d66994d6a16f0513d69f540583dcd0" } +-- +2.31.1 + diff --git a/1002-toml-add-LifseaOS-introduction-in-Kata-config-toml.patch b/1002-toml-add-LifseaOS-introduction-in-Kata-config-toml.patch new file mode 100644 index 0000000000000000000000000000000000000000..8f8e57b9ff5befba4815c32f25819403e0ea8065 --- /dev/null +++ b/1002-toml-add-LifseaOS-introduction-in-Kata-config-toml.patch @@ -0,0 +1,46 @@ +From f80bf1718fdb9b514defcfd8b5fb22993c1153d8 Mon Sep 17 00:00:00 2001 +From: Chao Wu +Date: Tue, 18 Oct 2022 18:12:34 +0800 +Subject: [PATCH 2/2] toml: add LifseaOS introduction in Kata config toml + +Signed-off-by: Chao Wu +--- + src/runtime-rs/config/configuration-dragonball.toml.in | 5 +++++ + src/runtime/config/configuration-qemu.toml.in | 5 +++++ + 2 files changed, 10 insertions(+) + +diff --git a/src/runtime-rs/config/configuration-dragonball.toml.in b/src/runtime-rs/config/configuration-dragonball.toml.in +index cb8d7aeee..8cb07dc1b 100644 +--- a/src/runtime-rs/config/configuration-dragonball.toml.in ++++ b/src/runtime-rs/config/configuration-dragonball.toml.in +@@ -15,6 +15,11 @@ + path = "@DBPATH@" + ctlpath = "@DBCTLPATH@" + kernel = "@KERNELPATH_DB@" ++# We use LifseaOS as default rootfs and LifseaOS is introduced by OpenAnolis with lots of optimizations on container workload. ++# We recommand you to try Lifsea0S but if you want to switch to other rootfs, please remember to delete ++# init=/ostree/boot.1/Lifsea0S/latest/0/usr/lib/ostree/ostree-prepare-root ostree=/ostree/boot.1/Lifsea0S/latest/0 varetc-ro ++# from the kernel_params configuration part down below. ++# Also, you could tell us why you switch in OpenAnolis Community and we'll promise to follow up with the issues. + image = "@IMAGEPATH@" + + # List of valid annotation names for the hypervisor +diff --git a/src/runtime/config/configuration-qemu.toml.in b/src/runtime/config/configuration-qemu.toml.in +index d0a711dcf..bfd178361 100644 +--- a/src/runtime/config/configuration-qemu.toml.in ++++ b/src/runtime/config/configuration-qemu.toml.in +@@ -15,6 +15,11 @@ + path = "@QEMUPATH@" + kernel = "@KERNELPATH@" ++# We use LifseaOS as default rootfs and LifseaOS is introduced by OpenAnolis with lots of optimizations on container workload. ++# We recommand you to try Lifsea0S but if you want to switch to other rootfs, please remember to delete ++# init=/ostree/boot.1/Lifsea0S/latest/0/usr/lib/ostree/ostree-prepare-root ostree=/ostree/boot.1/Lifsea0S/latest/0 varetc-ro ++# from the kernel_params configuration part down below. ++# Also, you could tell us why you switch in OpenAnolis Community and we'll promise to follow up with the issues. + image = "@IMAGEPATH@" + machine_type = "@MACHINETYPE@" + + # Enable confidential guest support. +-- +2.31.1 + diff --git a/kata-containers-3.0.0-vendor.tar.gz b/kata-containers-3.0.0-vendor.tar.gz index eb104a2112dcdd73277023469e8c4e74bc1dc138..95b1a6808275192483a38284b5d7139b9ee1a990 100644 Binary files a/kata-containers-3.0.0-vendor.tar.gz and b/kata-containers-3.0.0-vendor.tar.gz differ diff --git a/kata-containers-3.0.0.tar.gz b/kata-containers-3.0.0.tar.gz index 1f5a1dc645fe1ba01f5ea28a86c70e17681368b9..e8fbd4ce6d547934c47463571b4cff4b67bcdf79 100644 Binary files a/kata-containers-3.0.0.tar.gz and b/kata-containers-3.0.0.tar.gz differ diff --git a/kata-containers.img b/kata-containers.img index 48ef3a581e1295c88d65bbe5b2ffd67f985dfa29..f12916853c67d489249529c9e57498d8dc7ae354 100644 Binary files a/kata-containers.img and b/kata-containers.img differ diff --git a/kata-containers.spec b/kata-containers.spec index 0fc1882acc1ad8838406e78afcc9035b17afa25d..06e31daa17351a860036ef135f2015497b75e72a 100644 --- a/kata-containers.spec +++ b/kata-containers.spec @@ -1,4 +1,4 @@ -%define anolis_release 1 +%define anolis_release 2 %global have_go_rpm_macros 0 @@ -64,6 +64,9 @@ Source1: https://%{download}/releases/download/%{version}/%{repo}-%{version}% Source2: kata-containers.img Source3: vmlinux.container +Patch1001: 1001-upcall-omit-upcall-patch-first.patch +Patch1002: 1002-toml-add-LifseaOS-introduction-in-Kata-config-toml.patch + %if 0%{?have_go_rpm_macros} BuildRequires: go-rpm-macros %else @@ -126,6 +129,7 @@ BuildRequires: crate(ttrpc/default) >= 0.0.0 Requires: dracut Requires: kernel +Requires: qemu-kvm-core >= 15:4.2.0 Conflicts: kata-agent Conflicts: kata-ksm-throttler @@ -134,10 +138,8 @@ Conflicts: kata-proxy Conflicts: kata-runtime Conflicts: kata-shim -# The following architectures lack the required qemu support -# s390 fail to build: https://github.com/kata-containers/kata-containers/issues/1204 -ExcludeArch: %{arm} %{ix86} s390 s390x - +# Currently we only support x86_64, we will add aarch64 support in the future. +ExclusiveArch: x86_64 %description %{common_description} @@ -149,6 +151,8 @@ ExcludeArch: %{arm} %{ix86} s390 s390x # The machine type uses a modern default # The kernel parameters workaround an issue with cgroupsv2 after kernel 5.3 # To-do: add BUILDFLAGS=gobuildflags when the macro becomes available +%global qemu qemu-kvm +%global qemupath %{_libexecdir}/%{qemu} # The machine type to be used is architecture specific: # aarch64: virt @@ -169,7 +173,7 @@ ExcludeArch: %{arm} %{ix86} s390 s390x %global kataagentdir %{katalibexecdir}/agent %global kataosbuilderdir %{katalibexecdir}/osbuilder -%global runtime_make_vars KERNELTYPE="compressed" \\\ +%global runtime_rs_make_vars KERNELTYPE="compressed" \\\ DEFSHAREDFS="virtio-fs" \\\ DEFVIRTIOFSDAEMON=%{_libexecdir}/"virtiofsd" \\\ DEFVIRTIOFSCACHESIZE=0 \\\ @@ -178,15 +182,29 @@ ExcludeArch: %{arm} %{ix86} s390 s390x MACHINETYPE=%{machinetype} \\\ SCRIPTS_DIR=%{_bindir} \\\ DESTDIR=%{buildroot} \\\ - PREFIX=/usr \\\ DEFAULTSDIR=%{katadefaults} \\\ CONFDIR=%{katadefaults} \\\ FEATURE_SELINUX="yes" \\\ DEFENABLEANNOTATIONS=['\\\".*\\\"'] \\\ LIBC=gnu -%global agent_make_vars LIBC=gnu \\\ - DESTDIR=%{buildroot}%{kataagentdir} +%global runtime_make_vars QEMUPATH=%{qemupath} \\\ + KERNELTYPE="compressed" \\\ + DEFSHAREDFS="virtio-fs" \\\ + DEFVIRTIOFSDAEMON=%{_libexecdir}/"virtiofsd" \\\ + DEFVIRTIOFSCACHESIZE=0 \\\ + DEFSANDBOXCGROUPONLY=true \\\ + SKIP_GO_VERSION_CHECK=y \\\ + MACHINETYPE=%{machinetype} \\\ + SCRIPTS_DIR=%{_bindir} \\\ + DESTDIR=%{buildroot} \\\ + PREFIX=/usr/runtime-go \\\ + IMAGEPATH=%{katadatadir}/kata-containers.img \\\ + KERNELPATH=%{katadatadir}/vmlinux.container \\\ + DEFAULTSDIR=%{katadefaults} \\\ + CONFDIR=%{katadefaults} \\\ + FEATURE_SELINUX="yes" \\\ + DEFENABLEANNOTATIONS=['\\\".*\\\"'] %prep %autosetup -S git -p1 -n %{repo}-%{version}%{?rcstr} @@ -204,13 +222,12 @@ mkdir -p go/src/%{domain}/%{org} ln -s $(pwd)/../%{repo}-%{version}%{?rcstr} go/src/%{importname} cd go/src/%{importname} -pushd src/runtime-rs +pushd src/runtime %make_build %{runtime_make_vars} popd -pushd src/agent -%make_build %{agent_make_vars} -touch kata-agent +pushd src/runtime-rs +%make_build %{runtime_rs_make_vars} popd # Not using gopkginstall here in order to stick to how upstream builds @@ -222,20 +239,25 @@ cd go/src/%{importname} install -m 0644 -D -t %{buildroot}%{katalibexecdir} VERSION -pushd src/runtime-rs +pushd src/runtime %make_install %{runtime_make_vars} popd -pushd src/agent -%make_install %{agent_make_vars} +pushd src/runtime-rs +%make_install %{runtime_rs_make_vars} popd +# Add kernel_params for LifseaOS +sed -i '/kernel_params/s/\"$/ init=\/ostree\/boot.1\/LifseaOS\/latest\/0\/usr\/lib\/ostree\/ostree-prepare-root ostree=\/ostree\/boot.1\/LifseaOS\/latest\/0 varetc-ro\"/g' %{buildroot}%{katadefaults}/configuration-dragonball.toml +sed -i '/kernel_params/s/\"$/ init=\/ostree\/boot.1\/LifseaOS\/latest\/0\/usr\/lib\/ostree\/ostree-prepare-root ostree=\/ostree\/boot.1\/LifseaOS\/latest\/0 varetc-ro\"/g' %{buildroot}%{katadefaults}/configuration-qemu.toml + install -m 0755 -D -t %{buildroot}%{katadatadir} %{SOURCE2} install -m 0755 -D -t %{buildroot}%{katadatadir} %{SOURCE3} %files # runtime -%{_bindir}/containerd-shim-kata-v2 +/usr/local/bin/containerd-shim-kata-v2 +/usr/runtime-go/bin/containerd-shim-kata-v2 %dir %{katalibexecdir} %{katalibexecdir}/VERSION %dir %{katadatadir} @@ -246,11 +268,18 @@ install -m 0755 -D -t %{buildroot}%{katadatadir} %{SOURCE3} %doc README.md CONTRIBUTING.md %{katadatadir}/kata-containers.img %{katadatadir}/vmlinux.container - -#agent -%dir %{kataagentdir} -%{kataagentdir}/* +/usr/runtime-go/bin/kata-monitor +/usr/runtime-go/bin/kata-runtime +/usr/runtime-go/share/bash-completion/completions/kata-runtime +%{katadefaults}/configuration-acrn.toml +%{katadefaults}/configuration-clh.toml +%{katadefaults}/configuration-fc.toml +%{katadefaults}/configuration-qemu.toml +%{_bindir}/kata-collect-data.sh %changelog +* Wed Oct 12 2022 Chao Wu - 3.0.0-2 +- support the release version of Kata Containers 3.0.0 containing both rust runtime and go runtime. + * Wed Aug 17 2022 Chao Wu - 3.0.0-1 - support Kata Containers 3.0.0 which is introduced by Open Anolis. diff --git a/vmlinux.container b/vmlinux.container old mode 100644 new mode 100755 index 29183806bc7d4e53bd0a8b9b2fe31c4f18ccfdec..5888b9c08d86a4ab022f461b266d32ce1daf430c Binary files a/vmlinux.container and b/vmlinux.container differ