MIRRORS/meta-virtualization
1
0
Fork 0
mirror of git://git.yoctoproject.org/meta-virtualization.git synced 2025-07-19 12:50:22 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,551 Commits 38 Branches 0 Tags 9.2 MiB
HTML 30.6%
BitBake 26.6%
C++ 17.6%
PHP 8.7%
Python 6.6%
Other 9.9%
299c418144
Go to file
Bruce Ashfield 299c418144 crun: update to latest 
Bumping crun to version 0.20.1-7-g7ef74c9, which comprises the following commits:

    b07c389 criu: fix error check
    09401bb linux: fix unitialized variable
    b222968 cgroup: fix a memory leak
    1182975 cgroup: honor memory swappiness set to 0
    38271d1 NEWS: tag 0.20.1
    923447b container: ignore resetting keyring SELinux label
    b26493f Dockerfile: install required python3-jinja2 package
    0d42f11 NEWS: tag 0.20
    9042ac5 seccomp: drop SECCOMP_FILTER_FLAG_LOG by default
    0f4156f cgroup: Refactor libcrun-cgroup-destory to support picking subsystems dynamically and clean custom controllers.
    d6be344 cgroup: ignore devices errors in a userns
    6e187fb cgroup: do not join empty controller
    badb23d seccomp: report correct action in error message
    5201956 container: apply SELinux label to keyring
    4b664e9 linux: attempt to open existing dev file first
    dd1c419 libocispec: sync from upstream
    5f74e2a Makefile.am: make sure libocispec uses main branch
    f0c76e1 utils: close_range fallbacks to close on EPERM
    1596ab1 Update crun manual with recently added flags
    1d84d62 Fix type for LinuxDeviceCgroup.linux.resources.devices.allow in default Spec
    62d251d container: call prestart hooks before rootfs is RO
    48bc33d Exec: Add --process-label and --apparmor to allow modifying selinux_label and apparmor_profile
    0e53e87 Exec: Add --no-new-privs to and adhere if noNewPriviledges is false in basespec config
    2de8b43 Fix SIGSEGV for rootless container caused by case when def->linux is defined but def->linux->cgroups_path is NULL
    54e77c2 Add support for spec --bundle
    ae11886 cgroup: fix regression in mode detection
    194b72d kill: fix race condition with pidfd_open
    2910d9b cgroup: add custom annotation run.oci.delegate-cgroup
    407eef9 cgroup: drop argument from function
    0485de6 cgroup: report error if the cgroup path was set
    bf5020a cgroup: improve error message
    a131715 cgroup: fix recursive cleanup
    6e95060 cgroup: kill procs in cgroup on EBUSY
    0274d6f tests: disable go modules
    1272eaf tests: skip podman create --pull
    04f1a6a container: read the error from the init process
    29afcd6 Update README.md
    9863a8e Update README.md
    55f5ed5 utils: use /proc/self/fd to open unix socket
    fa40930 contrib: fix warning from the rust compiler
    1535fed NEWS: tag 0.19.1
    227e0be spec: add cgroup ns if on cgroup v2
    3fbe777 libcrun: add const to spec_file
    eb34661 libcrun: annotate cgroup_mode < 0 checks
    92bcc81 tests: add fuzzing tests
    af3509d cgroup: support array of strings
    9effaeb On exec, honor additional_gids from the process spec, not the container definition

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-06-21 08:52:18 -04:00
classes cni: introduce cni networking bbclass 2021-03-15 23:15:42 -04:00
conf conf: drop gatesgarth from compatibility 2021-06-04 08:38:34 -04:00
docs docs: Add initial Xvisor doc 2020-08-16 21:18:21 -04:00
dynamic-layers xen: Remove deltask for setscene 2021-04-29 23:12:46 -04:00
files fs-perms-nagios.txt: add perms conf file 2018-09-06 12:45:17 -04:00
recipes-containers crun: update to latest 2021-06-21 08:52:18 -04:00
recipes-core initrd: bump busybox to 1.33.1 to match oe-core 2021-05-11 08:52:53 -04:00
recipes-devtools go-systemd: explicitly specify branch 2021-05-12 15:03:42 -04:00
recipes-extended libvmi: upadte to 0.14.0 2021-06-04 08:43:11 -04:00
recipes-graphics/xorg-xserver xorg-xserver: make changes conditional on xen distro feature 2020-01-22 16:07:51 +00:00
recipes-kernel/linux k8s/k3s: add kernel configuration features 2021-03-15 23:15:42 -04:00
recipes-networking cni: inhibit go.mod build for main cni 2021-06-15 10:33:41 -04:00
scripts/lib/wic/plugins/source wic: add support for bootable pcbios partition with Xen hypervisor 2020-02-27 16:59:22 -05:00
wic wic: add support for bootable pcbios partition with Xen hypervisor 2020-02-27 16:59:22 -05:00
.gitignore wic: add support for bootable pcbios partition with Xen hypervisor 2020-02-27 16:59:22 -05:00
COPYING.MIT Initial meta-xen layer documentation. 2012-06-21 15:51:11 -06:00
MAINTAINERS layer: Add MAINTAINERS file 2020-02-27 17:10:30 -05:00
meta-virt-roadmap.txt docs: roadmap: add missing workflow items 2019-10-28 11:56:10 -04:00
README README: update IRC to libera.chat 2021-06-04 08:43:12 -04:00

README

meta-virtualization

This layer provides support for building Xen, KVM, Libvirt, and associated packages necessary for constructing OE-based virtualized solutions.

The bbappend files for some recipes (e.g. linux-yocto) in this layer need to have 'virtualization' in DISTRO_FEATURES to have effect. To enable them, add in configuration file the following line.

DISTRO_FEATURES_append = " virtualization"

If meta-virtualization is included, but virtualization is not enabled as a distro feature a warning is printed at parse time:

You have included the meta-virtualization layer, but
'virtualization' has not been enabled in your DISTRO_FEATURES. Some bbappend files
may not take effect. See the meta-virtualization README for details on enabling
virtualization support.

If you know what you are doing, this warning can be disabled by setting the following variable in your configuration:

SKIP_META_VIRT_SANITY_CHECK = 1

Depending on your use case, there are other distro features in meta-virtualization that may also be enabled:

  • xen: enables xen functionality in various packages (kernel, libvirt, etc)
  • kvm: enables KVM configurations in the kernel and autoloads modules
  • k8s: enables kubernets configurations in the kernel, tools and configuration
  • aufs: enables aufs support in docker and linux-yocto
  • x11: enable xen and libvirt functionality related to x11
  • selinux: enables functionality in libvirt and lxc
  • systemd: enable systemd services and unit files (for recipes for support)
  • sysvinit: enable sysvinit scripts (for recipes with support)
  • seccomp: enable seccomp support for packages that have the capability.

Dependencies

This layer depends on:

URI: git://github.com/openembedded/openembedded-core.git branch: master revision: HEAD prio: default

URI: git://github.com/openembedded/meta-openembedded.git branch: master revision: HEAD layers: meta-oe meta-networking meta-filesystems meta-python

BBFILE_PRIORITY_openembedded-layer = "4"

Required for Xen XSM policy: URI: git://git.yoctoproject.org/meta-selinux branch: master revision: HEAD prio: default

Required for Ceph: URI: git://git.yoctoproject.org/meta-cloud-services branch: master revision: HEAD prio: default

Required for cri-o: URI: git://github.com/advancedtelematic/meta-updater URI: git://git.yoctoproject.org/meta-selinux URI: git://git.yoctoproject.org/meta-security branch: master revision: HEAD prio: default

Community / Colaboration

Repository: https://git.yoctoproject.org/cgit/cgit.cgi/meta-virtualization/ Mailing list: https://lists.yoctoproject.org/g/meta-virtualization IRC: libera.chat #meta-virt channel

Maintenance

Send pull requests, patches, comments or questions to meta-virtualization@lists.yoctoproject.org

Maintainer: Bruce Ashfield bruce.ashfield@gmail.com see MAINTAINERS for more specific information

When sending single patches, please using something like: $ git send-email -1 -M --to meta-virtualization@lists.yoctoproject.org --subject-prefix='meta-virtualization][PATCH'

License

All metadata is MIT licensed unless otherwise stated. Source code included in tree for individual recipes is under the LICENSE stated in each recipe (.bb file) unless otherwise stated.