755520c5fd
Bumping crun to version 1.18.2-17-g52ed5880, which comprises the following commits:
fd69065d test: add new test for exec-cpu-affinity
b941d6c5 linux: move reset cpu affinity to scheduler
ef33259c linux: honor exec cpu affinity mask
047b7485 src: move cpuset_string_to_bitmask to utils
2c8088c4 libocispec: sync
42b959b5 container: initialize max caps before accessing process block
46bd62b1 cgroup: do not stop process on exec
19bbd8da utils: silence compiler warning
8a0ee4b5 src: use mount API to self-clone
85d4db3d crun: check for integer overflow
10b2146e linux: add check before deref
2525752d cgroup: drop unuseful check
1ae190b0 src: run make clang-format
00ab38af NEWS: tag 1.18.2
5bc6b50e cgroup, systemd: fix first rule selection for systemd
c41f034f NEWS: tag 1.18.1
6628d7a3 utils: check for snprintf truncation
7c4a3f9c cgroup: skip DevicePolicy if all devices are allowed
ef60ec90 libcrun: deprecate cgroup v1
77e4233a cgroup, systemd: ignore rules before a default deny one
8a30a57a cgroup: ignore redundant deny dev cgroup rules
369dd95b CONTRIBUTING.md: new file
3647ecab linux: copy map_file before tokenizing in uidgidmap_helper
8656b254 NEWS: tag 1.18
bf0a3516 rpm: use embedded yajl in RHEL builds
41461290 crun.1.md: add lsm-profile and lsm-mount-context
ed642593 criu: load lsm functions
ce89aa66 restore: add lsm-mount-context option
9efd6a87 restore: add lsm-profile option
aee13711 github: update run-on-arch-action
c4a65aad cgroup: split lines when writing raw unified files
dd7adb22 cgroup: write_cgroup_file_or_alias uses write_cgroup_file
22b018d0 cgroup: convert block_io devices to IODeviceWeight
c7745e9a cgroup, systemd: add support for IODeviceWeight
8e3e693e cgroup: refactor handling of io.weight
7d0e2cdb cgroup: report errors if value contains not parsed data
efae52ab cgroup: add support for the misc controller
d55194b2 cgroup systemd: ignore unsupported properties
500cf802 cgroup, systemd: honor cpu.idle
5f64da6a linux: pass down state_root to the cgroup handler
80d9677b cgroup, systemd: honor memory.zswap.max
01fa4993 cgroup: specify devices rules to systemd
667442e4 cgroup: move standard devs definition in a common place
335d8cfb cgroup: specify TasksMax to systemd
f6d8373f cgroup: specify MemorySwapMax to systemd
1a04566d cgroup: specify MemoryLow|MemoryHigh|MemoryMin to systemd
8d90eb3a cgroup: use macro to refactor common pattern
34061ab5 add duplicate namespace detection
b29ccd7e cgroup: rename function
af034b91 cgroup: special handle value "max"
2825a579 cgroup: set io weight on systemd owned cgroup
6cf5324b Packit: constrain koji and bodhi jobs to the fedora package
7140aea1 nix: replace gitMinimal with git
27b5a2f6 Fix running on kernel without user namespaces
b5ff44f2 nix: update list of packages
3b40d773 build: specify --extra-experimental-features to nix
da616875 release.sh: update nix image
dee824e6 Fix segfault in `crun features`
4ea62f25 Disable criu support on riscv64
Bumping libocispec to latest, which comprises the following commits:
ed23e6a runtime-spec: sync from upstream
412ce10 image-spec: sync from upstream
4b8feed common: make sizeof the last argument for calloc
Bumping image-spec to version v1.1.0-44-gc66e811, which comprises the following commits:
40d3096 add example using .wh. and move opaque example to its section
cee95e9 Ignore uname/gname where uid/gid are supported
d44515e Changes requested from review
5db69d9 Feat: Pin external references on a release
76b8bae README: update runtime-spec links to use main branch
716f83b Implementations should support zstd
Bumping runtime-spec to version v1.2.0-23-g9505701, which comprises the following commits:
9ceba9f update http links to https
faf82be doc: fix the invalid hyperlink naming-a-volume
adaa517 config: simplify final CPU affinity rule
119ae42 Add CPU affinity to executed processes
2149fb5 config-linux: describe the format of cpus and mems
c6af124 ci: remove redundunt actions
d4aa6d8 chore: format JSON file `make -C schema fmt`
b983fbf CODEOWNERS: remove vbatts
bf698d0 MAINTAINERS: move vbatts to EMERITUS
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|---|---|---|
| classes | ||
| conf | ||
| docs | ||
| dynamic-layers | ||
| files | ||
| lib/oeqa/runtime/cases | ||
| recipes-containers | ||
| recipes-core | ||
| recipes-demo | ||
| recipes-devtools | ||
| recipes-extended | ||
| recipes-graphics/xorg-xserver | ||
| recipes-kernel | ||
| recipes-networking | ||
| scripts | ||
| wic | ||
| .gitignore | ||
| COPYING.MIT | ||
| MAINTAINERS | ||
| meta-virt-roadmap.txt | ||
| README.md | ||
| SECURITY.md | ||
meta-virtualization
This layer provides support for building Xen, KVM, Libvirt, and associated packages necessary for constructing OE-based virtualized solutions.
The bbappend files for some recipes (e.g. linux-yocto) in this layer need to have 'virtualization' in DISTRO_FEATURES to have effect. To enable them, add in configuration file the following line.
DISTRO_FEATURES:append = " virtualization"
If meta-virtualization is included, but virtualization is not enabled as a distro feature a warning is printed at parse time:
You have included the meta-virtualization layer, but
'virtualization' has not been enabled in your DISTRO_FEATURES. Some bbappend files
may not take effect. See the meta-virtualization README for details on enabling
virtualization support.
If you know what you are doing, this warning can be disabled by setting the following variable in your configuration:
SKIP_META_VIRT_SANITY_CHECK = 1
Depending on your use case, there are other distro features in meta-virtualization that may also be enabled:
- xen: enables xen functionality in various packages (kernel, libvirt, etc)
- kvm: enables KVM configurations in the kernel and autoloads modules
- k8s: enables kubernets configurations in the kernel, tools and configuration
- aufs: enables aufs support in docker and linux-yocto
- x11: enable xen and libvirt functionality related to x11
- selinux: enables functionality in libvirt and lxc
- systemd: enable systemd services and unit files (for recipes for support)
- sysvinit: enable sysvinit scripts (for recipes with support)
- seccomp: enable seccomp support for packages that have the capability.
Dependencies
This layer depends on:
URI: git://github.com/openembedded/openembedded-core.git branch: master revision: HEAD prio: default
URI: git://github.com/openembedded/meta-openembedded.git branch: master revision: HEAD layers: meta-oe meta-networking meta-filesystems meta-python
Required for Xen XSM policy: URI: git://git.yoctoproject.org/meta-selinux branch: master revision: HEAD prio: default
Required for Ceph: URI: git://git.yoctoproject.org/meta-cloud-services branch: master revision: HEAD prio: default
Required for cri-o: URI: git://git.yoctoproject.org/meta-selinux branch: master revision: HEAD prio: default
Community / Colaboration
Repository: https://git.yoctoproject.org/cgit/cgit.cgi/meta-virtualization/ Mailing list: https://lists.yoctoproject.org/g/meta-virtualization IRC: libera.chat #meta-virt channel
Maintenance
Send pull requests, patches, comments or questions to meta-virtualization@lists.yoctoproject.org
Maintainer: Bruce Ashfield bruce.ashfield@gmail.com see MAINTAINERS for more specific information
When sending single patches, please using something like: $ git send-email -1 -M --to meta-virtualization@lists.yoctoproject.org --subject-prefix='meta-virtualization][PATCH'
License
All metadata is MIT licensed unless otherwise stated. Source code included in tree for individual recipes is under the LICENSE stated in each recipe (.bb file) unless otherwise stated.