Bruce Ashfield 5cbd89ca26 crun: update to 1.24
Along with the updates, there seems to be an interaction with our
configuration that is causing generation issues for APIs. We do
some tweaks to the script to work in our environment.

Bumping crun to version 1.24-19-g64611d7a, which comprises the following commits:

    a9187097 Reset the inherited cpu affinity
    d41a45ce Add .editorconfig
    1188a679 configure.ac: check if error function is available
    a569c2e7 cgroup, systemd: improved "same bpf" check
    ccbf0d96 tests: Replace sprintf with snprintf for security
    fc084fdf chroot_realpath: Replace sprintf with snprintf
    b2032647 tests: fix compiler error
    7417ead6 Add tmt integration plan
    54693209 NEWS: tag 1.24
    676c2c12 linux: fix array bounds warning in libcrun_configure_network
    d8a88c06 criu: checkpoint correctly the shared empty directory path
    6ead5130 linux: add support for numa set_mempolicy(2)
    05b9f561 container: add missing crun_make_error
    7f9447ec Revert "cgroup: do not create a sub-cgroup by default"
    275305f8 intelrdt: honor default closID
    e9711231 intelrdt: factor common code in a new function
    dfdcf776 intelrdt: add support for EnableMonitoring
    6c10fb5b intelrdt: check that schemata is not empty before failing
    a9affe5d status: fix error check
    a1119953 cgroup, systemd: validate ebpf is loaded
    7160e31b libocispec: sync
    4004e5be linux: optimize masked paths with shared empty directory
    13d4770d contrib: format contrib files
    8aa7545e krun: avoid failing if sev/nitro are not available
    1556c13f src/libcrun: limit tmpfs memory usage for masked paths
    28d60d87 krun: ensure spec->linux->resources->devices exists
    e486eeab linux: fix regression mounting within userns
    146fdcfe tests: remove unused debug_on_error option
    37f702b7 tests: add ability to set debug=True
    2aac0f56 Fix BOF
    d417e0a4 Fixed BOF
    cfedf930 build(deps): bump actions/checkout from 4 to 5
    eb9912e0 build: add check for static builds
    262d6ac3 cgroup: do not create a sub-cgroup by default

Bumping libocispec to latest, which comprises the following commits:

    345279c runtime-spec: update from upstream
    c3e5101 image-spec: update from upstream
    92656e9 runtime-spec: update from upstream
    19d5aeb runtime-spec: update from upstream
    3c98525 image-spec: update from upstream
    9d1955f sources.py: fix unconditional return in map value clone

Bumping runtime-spec to version v1.2.1-39-g5610abd, which comprises the following commits:

    d7de8c0 ci: bump golangci-lint to v2.5
    9758011 ci: add codespell job, fix existing issues
    9efd9f2 schema/defs-linux.json: fix max for FileMode
    09ec668 config-linux,schema: fix FileMode description
    87f15fb schema: fix json
    869b2d5 linux: clarify pids cgroup settings
    a6c310a config-linux: clarify when the RDT sub-directory should be removed.
    b280c07 config-linux: clarify the "MB:"-line filtering in RDT.
    84b6c2c docs: fix and elaborate the nodes field in Linux memory policy
    0758679 features-linux: expose IntelRdt monitoring support
    e51a839 config-linux: define default clos for linux.intelRdt
    642344a specs-go/features: add linux.intelRdt.schemata field
    34a39b9 config-linux: add intelRdt.enableMonitoring (#1287)
    afd830f principles: fix typo
    57c9495 Add support for Linux memory policy
    c6b3b08 runtime: fail when a poststart hook fails
    af0d16d config: Add Hardware description object to the VM configuration

Bumping image-spec to version v1.1.1-22-g6519a62, which comprises the following commits:

    02ba6e2 Descriptor size cannot be negative
    cee899b Fix: Add entry to schema/go.sum
    558802d Docs: Update pandoc for rendering documentation
    693d8d7 Update to github.com/russross/blackfriday/v2
    cbb69e2 Update to github.com/santhosh-tekuri/jsonschema/v6
    d0e1005 Split github.com/opencontainers/image-spec/schema into a separate Go module
    84ee56d Fix: correct a broken link to "applying changesets"
    0bb67c2 Update GitHub Actions configuration
    ab50866 Chore: Remove GOPATH from GitHub Actions
    4fecf47 Add blake3 as a registered/supported hash algorithm

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2025-10-17 11:51:28 -04:00
classes image-oci-unmoci: preserve file modes 2025-01-17 19:17:10 +00:00
conf runc: start removing 'opencontainers' reference 2025-07-07 11:42:27 -04:00
docs podman: Add support for rootless mode 2022-07-15 17:11:58 -04:00
dynamic-layers kernel: drop 6.6 support 2025-02-11 23:19:51 +00:00
files fs-perms-nagios.txt: add perms conf file 2018-09-06 12:45:17 -04:00
lib/oeqa/runtime/cases xtf: add testimage integration to run XTF test cases in OEQA 2021-09-02 16:36:23 -04:00
recipes-containers crun: update to 1.24 2025-10-17 11:51:28 -04:00
recipes-core packagegroup-container: fix do_package_wrte_rpm issue in multilib build 2025-07-16 14:48:19 -04:00
recipes-demo demo: adapt to UNPACKDIR changes 2025-06-25 22:56:41 -04:00
recipes-devtools grpc-go 1.59.0+git: Ignore CVE-2024-7246 2025-09-03 21:40:45 -04:00
recipes-extended cloud-init: update to 25.2 2025-09-18 22:11:46 -04:00
recipes-graphics/xorg-xserver global: overrides syntax conversion 2021-08-02 17:17:53 -04:00
recipes-kernel lopper: update to -tip 2025-10-09 15:54:44 -04:00
recipes-networking openvswitch: small ptest fix adapt to UNPACKDIR changes 2025-07-20 22:36:08 -04:00
scripts scripts: wic plugin bootimg-biosxen drop helper to reuse bootimg_pcbios 2025-07-31 13:34:50 -04:00
wic xen: use bzImage for boot (instead of vmlinux) 2024-03-21 23:15:13 +00:00
.gitignore buildah: add seccomp and ipv6 to REQUIRED_DISTRO_FEATURES 2023-04-12 13:10:11 -04:00
COPYING.MIT Initial meta-xen layer documentation. 2012-06-21 15:51:11 -06:00
MAINTAINERS MAINTAINERS: add xtf and the raspberry pi dynamic layer for Xen 2021-12-16 21:45:00 -05:00
meta-virt-roadmap.txt docs: roadmap: add missing workflow items 2019-10-28 11:56:10 -04:00
README.md docs: update README with improved layer description 2025-09-25 12:47:13 -04:00
SECURITY.md docs: add SECURITY.md and rename README.md 2023-11-06 16:21:12 +00:00

meta-virtualization

The meta-virtualization layer is the authoritative resource for virtualization technologies in OpenEmbedded / Yocto built distributions. It provides support for both hypervisor-based virtualization (such as KVM, Xen, and QEMU) and system-level virtualization (Linux containers), along with the host and guest technologies required to build complete solutions ranging from embedded systems to full deep CNCF stack deployments.

The bbappend files for some recipes (e.g. linux-yocto) in this layer take effect only when 'virtualization' is in DISTRO_FEATURES. To enable them, add the following line to your configuration file:

DISTRO_FEATURES:append = " virtualization"

If meta-virtualization is included but virtualization is not enabled as a distro feature, a warning is printed at parse time:

You have included the meta-virtualization layer, but
'virtualization' has not been enabled in your DISTRO_FEATURES. Some bbappend files
may not take effect. See the meta-virtualization README for details on enabling
virtualization support.

If you know what you are doing, this warning can be disabled by setting the following variable in your configuration:

SKIP_META_VIRT_SANITY_CHECK = "1"

Depending on your use case, there are other distro features in meta-virtualization that may also be enabled:

  • xen: enables xen functionality in various packages (kernel, libvirt, etc)
  • kvm: enables KVM configurations in the kernel and autoloads modules
  • k8s: enables kubernetes configurations in the kernel, tools and configuration
  • aufs: enables aufs support in docker and linux-yocto
  • x11: enables xen and libvirt functionality related to x11
  • selinux: enables functionality in libvirt and lxc
  • systemd: enables systemd services and unit files (for recipes with support)
  • sysvinit: enables sysvinit scripts (for recipes with support)
  • seccomp: enables seccomp support for packages that have the capability
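
A pre-build lint for the settings described above, as an added example that is not part of the layer or its README: it reads literal DISTRO_FEATURES assignments from one configuration file and reports whether 'virtualization' and a chosen set of hardening features are present, and whether the parse-time warning has been silenced. The function names, the HARDENING set, the `inherited` parameter and the sample local.conf are assumptions; `bitbake-getvar DISTRO_FEATURES` remains the authoritative value.

```python
import re

# Literal assignments such as:  DISTRO_FEATURES:append = " virtualization"
ASSIGN = re.compile(
    r'^\s*DISTRO_FEATURES(?P<ovr>:append|:prepend|:remove)?\s*'
    r'(?P<op>\?\?=|\?=|:=|\+=|=\+|=)\s*(?P<q>["\'])(?P<val>.*)(?P=q)\s*$')

REQUIRED = {"virtualization"}       # needed for this layer's bbappends
HARDENING = {"seccomp", "selinux"}  # assumption: policy chosen for this image

def distro_features(conf_text, inherited=""):
    """Approximate DISTRO_FEATURES from one file; ${...} is not expanded."""
    base, extra, removed = inherited.split(), [], set()
    for line in conf_text.splitlines():
        m = ASSIGN.match(line)
        if not m:
            continue
        words = m["val"].split()
        if m["ovr"] == ":remove":
            removed.update(words)      # :remove is applied last by BitBake
        elif m["ovr"]:
            extra += words             # :append / :prepend are deferred
        elif m["op"] in ("=", ":="):
            base = words               # plain assignment discards earlier value
        elif m["op"] in ("?=", "??="):
            base = base or words       # default only when nothing is set
        else:
            base = base + words        # += and =+ add to the current value
    return {f for f in base + extra if f not in removed}

def audit(conf_text, inherited=""):
    feats = distro_features(conf_text, inherited)
    silenced = re.search(r'^\s*SKIP_META_VIRT_SANITY_CHECK\s*=', conf_text, re.M)
    return {"missing_required": sorted(REQUIRED - feats),
            "missing_hardening": sorted(HARDENING - feats),
            "sanity_check_disabled": silenced is not None}

# Constructed local.conf fragment (sample input, not from the layer)
SAMPLE_LOCAL_CONF = '''
MACHINE = "qemux86-64"
DISTRO_FEATURES:append = " virtualization seccomp"
DISTRO_FEATURES:remove = "seccomp"
SKIP_META_VIRT_SANITY_CHECK = "1"
'''

if __name__ == "__main__":
    print(audit(SAMPLE_LOCAL_CONF, inherited="acl ipv4 systemd"))
```

A result with `sanity_check_disabled` true and a non-empty `missing_required` is the case to fail a build on, since the layer's own warning would no longer appear.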

Dependencies

This layer depends on:

URI: git://github.com/openembedded/openembedded-core.git
branch: master
revision: HEAD
prio: default

URI: git://github.com/openembedded/meta-openembedded.git
branch: master
revision: HEAD
layers: meta-oe meta-networking meta-filesystems meta-python

Required for Xen XSM policy:
URI: git://git.yoctoproject.org/meta-selinux
branch: master
revision: HEAD
prio: default

Required for Ceph:
URI: git://git.yoctoproject.org/meta-cloud-services
branch: master
revision: HEAD
prio: default

Required for cri-o:
URI: git://git.yoctoproject.org/meta-selinux
branch: master
revision: HEAD
prio: default

Community / Collaboration

Repository: https://git.yoctoproject.org/cgit/cgit.cgi/meta-virtualization/
Mailing list: https://lists.yoctoproject.org/g/meta-virtualization
IRC: libera.chat #meta-virt channel

Maintenance

Send pull requests, patches, comments or questions to meta-virtualization@lists.yoctoproject.org

Maintainer: Bruce Ashfield <bruce.ashfield@gmail.com>. See MAINTAINERS for more specific information.

When sending single patches, please use something like:

$ git send-email -1 -M --to meta-virtualization@lists.yoctoproject.org --subject-prefix='meta-virtualization][PATCH'

License

All metadata is MIT licensed unless otherwise stated. Source code included in tree for individual recipes is under the LICENSE stated in each recipe (.bb file) unless otherwise stated.