This repository has been archived by the owner on May 12, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 374
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
runtime: added cloud hypervisor driver
Initial release of cloud hypervisor driver for kata-runtime Fixes: #2046 Signed-off-by: Johan Kuijpers <johan.kuijpers@ericsson.com>
- Loading branch information
Showing
9 changed files
with
1,718 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,212 @@ | ||
# Copyright (c) 2019 Ericsson Eurolab Deutschland GmbH | ||
# | ||
# SPDX-License-Identifier: Apache-2.0 | ||
# | ||
|
||
# XXX: WARNING: this file is auto-generated. | ||
# XXX: | ||
# XXX: Source file: "@CONFIG_CLH_IN@" | ||
# XXX: Project: | ||
# XXX: Name: @PROJECT_NAME@ | ||
# XXX: Type: @PROJECT_TYPE@ | ||
|
||
[hypervisor.clh] | ||
path = "@CLHPATH@" | ||
kernel = "@KERNELPATH_CLH@" | ||
image = "@IMAGEPATH@" | ||
|
||
# Optional space-separated list of options to pass to the guest kernel. | ||
# For example, use `kernel_params = "vsyscall=emulate"` if you are having | ||
# trouble running pre-2.15 glibc. | ||
# | ||
# WARNING: - any parameter specified here will take priority over the default | ||
# parameter value of the same name used to start the virtual machine. | ||
# Do not set values here unless you understand the impact of doing so as you | ||
# may stop the virtual machine from booting. | ||
# To see the list of default parameters, enable hypervisor debug, create a | ||
# container and look for 'default-kernel-parameters' log entries. | ||
kernel_params = "@KERNELPARAMS@" | ||
|
||
# Default number of vCPUs per SB/VM: | ||
# unspecified or 0 --> will be set to @DEFVCPUS@ | ||
# < 0 --> will be set to the actual number of physical cores | ||
# > 0 <= number of physical cores --> will be set to the specified number | ||
# > number of physical cores --> will be set to the actual number of physical cores | ||
default_vcpus = 1 | ||
|
||
# Default maximum number of vCPUs per SB/VM: | ||
# unspecified or == 0 --> will be set to the actual number of physical cores or to the maximum number | ||
# of vCPUs supported by KVM if that number is exceeded | ||
# > 0 <= number of physical cores --> will be set to the specified number | ||
# > number of physical cores --> will be set to the actual number of physical cores or to the maximum number | ||
# of vCPUs supported by KVM if that number is exceeded | ||
# WARNING: Depending of the architecture, the maximum number of vCPUs supported by KVM is used when | ||
# the actual number of physical cores is greater than it. | ||
# WARNING: Be aware that this value impacts the virtual machine's memory footprint and CPU | ||
# the hotplug functionality. For example, `default_maxvcpus = 240` specifies that until 240 vCPUs | ||
# can be added to a SB/VM, but the memory footprint will be big. Another example, with | ||
# `default_maxvcpus = 8` the memory footprint will be small, but 8 will be the maximum number of | ||
# vCPUs supported by the SB/VM. In general, we recommend that you do not edit this variable, | ||
# unless you know what are you doing. | ||
default_maxvcpus = @DEFMAXVCPUS@ | ||
|
||
# Default memory size in MiB for SB/VM. | ||
# If unspecified then it will be set @DEFMEMSZ@ MiB. | ||
default_memory = @DEFMEMSZ@ | ||
|
||
# Default memory slots per SB/VM. | ||
# If unspecified then it will be set @DEFMEMSLOTS@. | ||
# This is will determine the times that memory will be hotadded to sandbox/VM. | ||
#memory_slots = @DEFMEMSLOTS@ | ||
|
||
# Path to vhost-user-fs daemon. | ||
virtio_fs_daemon = "@DEFVIRTIOFSDAEMON@" | ||
|
||
# cloud-hypervisor prefers virtiofs caching (dax) for performance reasons | ||
virtio_fs_cache = "always" | ||
|
||
# This option changes the default hypervisor and kernel parameters | ||
# to enable debug output where available. This extra output is added | ||
# to the proxy logs, but only when proxy debug is also enabled. | ||
# | ||
# Default false | ||
# enable_debug = true | ||
|
||
[proxy.@PROJECT_TYPE@] | ||
path = "@PROXYPATH@" | ||
|
||
# If enabled, proxy messages will be sent to the system log | ||
# (default: disabled) | ||
#enable_debug = true | ||
|
||
[shim.@PROJECT_TYPE@] | ||
path = "@SHIMPATH@" | ||
|
||
# If enabled, shim messages will be sent to the system log | ||
# (default: disabled) | ||
#enable_debug = true | ||
|
||
# If enabled, the shim will create opentracing.io traces and spans. | ||
# (See https://www.jaegertracing.io/docs/getting-started). | ||
# | ||
# Note: By default, the shim runs in a separate network namespace. Therefore, | ||
# to allow it to send trace details to the Jaeger agent running on the host, | ||
# it is necessary to set 'disable_new_netns=true' so that it runs in the host | ||
# network namespace. | ||
# | ||
# (default: disabled) | ||
#enable_tracing = true | ||
|
||
|
||
[agent.@PROJECT_TYPE@] | ||
# If enabled, make the agent display debug-level messages. | ||
# (default: disabled) | ||
#enable_debug = true | ||
|
||
# Enable agent tracing. | ||
# | ||
# If enabled, the default trace mode is "dynamic" and the | ||
# default trace type is "isolated". The trace mode and type are set | ||
# explicity with the `trace_type=` and `trace_mode=` options. | ||
# | ||
# Notes: | ||
# | ||
# - Tracing is ONLY enabled when `enable_tracing` is set: explicitly | ||
# setting `trace_mode=` and/or `trace_type=` without setting `enable_tracing` | ||
# will NOT activate agent tracing. | ||
# | ||
# - See https://github.com/kata-containers/agent/blob/master/TRACING.md for | ||
# full details. | ||
# | ||
# (default: disabled) | ||
#enable_tracing = true | ||
# | ||
#trace_mode = "dynamic" | ||
#trace_type = "isolated" | ||
|
||
|
||
[netmon] | ||
# If enabled, the network monitoring process gets started when the | ||
# sandbox is created. This allows for the detection of some additional | ||
# network being added to the existing network namespace, after the | ||
# sandbox has been created. | ||
# (default: disabled) | ||
#enable_netmon = true | ||
|
||
# Specify the path to the netmon binary. | ||
path = "@NETMONPATH@" | ||
|
||
# If enabled, netmon messages will be sent to the system log | ||
# (default: disabled) | ||
#enable_debug = true | ||
|
||
|
||
[runtime] | ||
# If enabled, the runtime will log additional debug messages to the | ||
# system log | ||
# (default: disabled) | ||
#enable_debug = true | ||
# | ||
# Internetworking model | ||
# Determines how the VM should be connected to the | ||
# the container network interface | ||
# Options: | ||
# | ||
# - bridged (Deprecated) | ||
# Uses a linux bridge to interconnect the container interface to | ||
# the VM. Works for most cases except macvlan and ipvlan. | ||
# ***NOTE: This feature has been deprecated with plans to remove this | ||
# feature in the future. Please use other network models listed below. | ||
# | ||
# | ||
# - macvtap | ||
# Used when the Container network interface can be bridged using | ||
# macvtap. | ||
# | ||
# - none | ||
# Used when customize network. Only creates a tap device. No veth pair. | ||
# | ||
# - tcfilter | ||
# Uses tc filter rules to redirect traffic from the network interface | ||
# provided by plugin to a tap interface connected to the VM. | ||
# | ||
internetworking_model="@DEFNETWORKMODEL_CLH@" | ||
|
||
# disable guest seccomp | ||
# Determines whether container seccomp profiles are passed to the virtual | ||
# machine and applied by the kata agent. If set to true, seccomp is not applied | ||
# within the guest | ||
# (default: true) | ||
disable_guest_seccomp=@DEFDISABLEGUESTSECCOMP@ | ||
|
||
# If enabled, the runtime will create opentracing.io traces and spans. | ||
# (See https://www.jaegertracing.io/docs/getting-started). | ||
# (default: disabled) | ||
#enable_tracing = true | ||
|
||
# If enabled, the runtime will not create a network namespace for shim and hypervisor processes. | ||
# This option may have some potential impacts to your host. It should only be used when you know what you're doing. | ||
# `disable_new_netns` conflicts with `enable_netmon` | ||
# `disable_new_netns` conflicts with `internetworking_model=bridged` and `internetworking_model=macvtap`. It works only | ||
# with `internetworking_model=none`. The tap device will be in the host network namespace and can connect to a bridge | ||
# (like OVS) directly. | ||
# If you are using docker, `disable_new_netns` only works with `docker run --net=none` | ||
# (default: false) | ||
#disable_new_netns = true | ||
|
||
# if enabled, the runtime will add all the kata processes inside one dedicated cgroup. | ||
# The container cgroups in the host are not created, just one single cgroup per sandbox. | ||
# The sandbox cgroup is not constrained by the runtime | ||
# The runtime caller is free to restrict or collect cgroup stats of the overall Kata sandbox. | ||
# The sandbox cgroup path is the parent cgroup of a container with the PodSandbox annotation. | ||
# See: https://godoc.org/github.com/kata-containers/runtime/virtcontainers#ContainerType | ||
sandbox_cgroup_only=@DEFSANDBOXCGROUPONLY@ | ||
|
||
# Enabled experimental feature list, format: ["a", "b"]. | ||
# Experimental features are features not stable enough for production, | ||
# They may break compatibility, and are prepared for a big version bump. | ||
# Supported experimental features: | ||
# 1. "newstore": new persist storage driver which breaks backward compatibility, | ||
# expected to move out of experimental in 2.0.0. | ||
# (default: []) | ||
experimental=@DEFAULTEXPFEATURES@ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.