76ded0c386
Bumping the SRCREV to include the following commits: ef9922c2 libct/cg: don't return OOMKillCount error when rootless 5cdd9022 libct/cg/fs[2]: fix comments about m.rootless 2f1a3ed3 Fix vendored dependencies d15c7bb0 go.mod: github.com/cilium/ebpf v0.5.0 f28a8cc2 ebpf: replace deprecated prog.Attach/prog.Detach 928ef7af libct/nsenter: add json msg escaping 52390d68 Ignore kernel memory settings b7c315ad vendor: bump containerd/console to 1.0.2 b6cdb8ae fix a typo 64bb59f5 nsenter: improve debug logging 6ce2d63a libct/init_linux: retry chdir to fix EPERM c5029c00 tests: fix hello-world tarball name in testdata for arm64 289a3045 go.mod: github.com/moby/sys/mountinfo v0.4.1 4316df8b libcontainer/system: move userns utilities to separate package e7fd383b libcontainer/system: un-export UIDMapInUserNS() 249356a1 libcontainer/system: remove unused GetParentNSeuid() dc52ed25 libcontainer/user: remove outdated MAINTAINERS file 72ecf59c libcontainer/user: fix windows compile error 2515b0c2 libct/user: rm windows code 0596f6e1 libcontainer/devices/device_windows.go: rm b1deba8c libcontainer/configs/config_windows_test.go: rm f1586dbd libcontainer/configs/validate: make Validate() less DRY 4126b807 libcontainer/configs: add missing type for hooknames 48125179 go.mod: github.com/cilium/ebpf v0.4.0 44611630 docs/systemd: add 27bb1bd5 libct/specconv/CreateCgroupConfig: don't set c.Parent default d748280a make release: build/include libseccomp aa6da82c script/release.sh: fix shellcheck warnings 3eb46d89 ci: make static built binary available f0dec0b4 libct/specconv/CreateCgroupConfig: nit 36fe3cc2 tests/int/cpt: fix lazy-pages flakiness 2dd62b3d libct/checkCriuFeatures: rm excessive debug 0e089002 tests/int/checkpoint: close lazy_r fd b09030a5 tests/int/checkpoint: close fds in check_pipes e63df1e6 tests/int: really randomize cgroup/unit names 6e4c5b6e tests/int/cgroups: don't use BUSYBOX_BUNDLE adf733fa vendor: update go-systemd and godbus f09a3e1b tests/int: don't set/use CGROUP_XXX variables 4ecff8d9 start: don't kill runc init too early b1184302 libct/configs/validator: add some cgroup support 79a8647b libct/int: add TestFdLeaks b3be2b0b libct: close execFifo after start 08b52797 Make test specific to disassembleFilter function 7b3e0bcf Ensure the scratch pipe is read during ExportBPF 62f1f0e4 tests/int/checkpoint: check all logs for errors 346cb359 Revert "tests/checkpoint: show full log lazy pages cpt" c9b3787b script/check-config.sh: add SELinux and AppArmor 5fb831a0 capabilities: WARN, not ERROR, for unknown / unavailable capabilities e49d5da2 go.mod: OCI runtime-spec v1.0.3-0.20210326190908-1c3f411f0417 2726146b runc --debug: more tests 201d60c5 runc run/start/exec: fix init log forwarding race c06f999b libct/logs/test: refactor 688ea99e runc init: fix double call to ConfigureLogs dd6c8d76 main: cast Chmod argument to os.FileMode 69ec21a1 libct/logs.ForwardLogs: use bufio.Scanner 0300299a tests/int/debug.bats: fixups d38d1f9f libcontainer/logs: use int for Config.LogPipeFd ac93746c libct/seccomp: rm IsEnabled 9b2f1e6f runc version: don't use seccomp.IsEnabled d76309f9 script/check-config.sh: add CONFIG_SECCOMP_FILTER 997e8942 capabilities.Caps: use a map for capability-types 41f466d8 nsexec.c: fix formatting for netlink defines 522bd641 Fix checking C code formatting 1948b4ce cloned_binary.c: rm redundant comments b67deb56 nsexec.c: rm a block 513d89ee capabilities: use BOUNDING/AMBIENT instead of their alias dd2caace go.mod: runtime-spec v1.0.3-0.20210316141917-a8c4a9ee0f6b a608b7e7 libcontainer/apparmor: use sync.Once for AppArmor detection d6e89248 Fix build-tags in libcontainer/devices f585cec7 libct/cg/v2: always enable TasksAccounting 8c7ece1e fs2: fallback to setting io.weight if io.bfq.weight 74299a1c CI: cache ~/.vagrant.d/boxes 97f2e351 go.mod, libct: bump go-criu to v5, use google.golang.org/protobuf db025aba libct: criuSwrk: only iterate over CriuOpts if debug is set 051646a3 tests: test nested bind mount restore 705b6cc7 Re-create mountpoints during restore Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|---|---|---|
| classes | ||
| conf | ||
| docs | ||
| dynamic-layers | ||
| files | ||
| recipes-containers | ||
| recipes-core | ||
| recipes-devtools | ||
| recipes-extended | ||
| recipes-graphics/xorg-xserver | ||
| recipes-kernel/linux | ||
| recipes-networking | ||
| scripts/lib/wic/plugins/source | ||
| wic | ||
| .gitignore | ||
| COPYING.MIT | ||
| MAINTAINERS | ||
| meta-virt-roadmap.txt | ||
| README | ||
meta-virtualization
This layer provides support for building Xen, KVM, Libvirt, and associated packages necessary for constructing OE-based virtualized solutions.
The bbappend files for some recipes (e.g. linux-yocto) in this layer need to have 'virtualization' in DISTRO_FEATURES to have effect. To enable them, add in configuration file the following line.
DISTRO_FEATURES_append = " virtualization"
If meta-virtualization is included, but virtualization is not enabled as a distro feature a warning is printed at parse time:
You have included the meta-virtualization layer, but
'virtualization' has not been enabled in your DISTRO_FEATURES. Some bbappend files
may not take effect. See the meta-virtualization README for details on enabling
virtualization support.
If you know what you are doing, this warning can be disabled by setting the following variable in your configuration:
SKIP_META_VIRT_SANITY_CHECK = 1
Depending on your use case, there are other distro features in meta-virtualization that may also be enabled:
- xen: enables xen functionality in various packages (kernel, libvirt, etc)
- kvm: enables KVM configurations in the kernel and autoloads modules
- k8s: enables kubernets configurations in the kernel, tools and configuration
- aufs: enables aufs support in docker and linux-yocto
- x11: enable xen and libvirt functionality related to x11
- selinux: enables functionality in libvirt and lxc
- systemd: enable systemd services and unit files (for recipes for support)
- sysvinit: enable sysvinit scripts (for recipes with support)
- seccomp: enable seccomp support for packages that have the capability.
Dependencies
This layer depends on:
URI: git://github.com/openembedded/openembedded-core.git branch: master revision: HEAD prio: default
URI: git://github.com/openembedded/meta-openembedded.git branch: master revision: HEAD layers: meta-oe meta-networking meta-filesystems meta-python
BBFILE_PRIORITY_openembedded-layer = "4"
Required for Xen XSM policy: URI: git://git.yoctoproject.org/meta-selinux branch: master revision: HEAD prio: default
Required for Ceph: URI: git://git.yoctoproject.org/meta-cloud-services branch: master revision: HEAD prio: default
Required for cri-o: URI: git://github.com/advancedtelematic/meta-updater URI: git://git.yoctoproject.org/meta-selinux URI: git://git.yoctoproject.org/meta-security branch: master revision: HEAD prio: default
Community / Colaboration
Repository: https://git.yoctoproject.org/cgit/cgit.cgi/meta-virtualization/ Mailing list: https://lists.yoctoproject.org/g/meta-virtualization IRC: freenode #meta-virt channel
Maintenance
Send pull requests, patches, comments or questions to meta-virtualization@lists.yoctoproject.org
Maintainer: Bruce Ashfield bruce.ashfield@gmail.com see MAINTAINERS for more specific information
When sending single patches, please using something like: $ git send-email -1 -M --to meta-virtualization@lists.yoctoproject.org --subject-prefix='meta-virtualization][PATCH'
License
All metadata is MIT licensed unless otherwise stated. Source code included in tree for individual recipes is under the LICENSE stated in each recipe (.bb file) unless otherwise stated.