gitee.com/leisunstar/runtime@v0.0.0-20200521203717-5cef3e7b53f9/virtcontainers/pkg/annotations/annotations.go

gitee.com/leisunstar/runtime@v0.0.0-20200521203717-5cef3e7b53f9/virtcontainers/pkg/annotations/annotations.go (about)

     1  // Copyright (c) 2017 Intel Corporation
     2  //
     3  // SPDX-License-Identifier: Apache-2.0
     4  //
     5  
     6  package annotations
     7  
     8  const (
     9  	kataAnnotationsPrefix     = "io.katacontainers."
    10  	kataConfAnnotationsPrefix = kataAnnotationsPrefix + "config."
    11  	kataAnnotHypervisorPrefix = kataConfAnnotationsPrefix + "hypervisor."
    12  
    13  	//
    14  	// OCI
    15  	//
    16  
    17  	// BundlePathKey is the annotation key to fetch the OCI configuration file path.
    18  	BundlePathKey = kataAnnotationsPrefix + "pkg.oci.bundle_path"
    19  
    20  	// ContainerTypeKey is the annotation key to fetch container type.
    21  	ContainerTypeKey = kataAnnotationsPrefix + "pkg.oci.container_type"
    22  
    23  	SandboxConfigPathKey = kataAnnotationsPrefix + "config_path"
    24  )
    25  
    26  // Annotations related to Hypervisor configuration
    27  const (
    28  	//
    29  	// Assets
    30  	//
    31  
    32  	// KernelPath is a sandbox annotation for passing a per container path pointing at the kernel needed to boot the container VM.
    33  	KernelPath = kataAnnotHypervisorPrefix + "kernel"
    34  
    35  	// ImagePath is a sandbox annotation for passing a per container path pointing at the guest image that will run in the container VM.
    36  	ImagePath = kataAnnotHypervisorPrefix + "image"
    37  
    38  	// InitrdPath is a sandbox annotation for passing a per container path pointing at the guest initrd image that will run in the container VM.
    39  	InitrdPath = kataAnnotHypervisorPrefix + "initrd"
    40  
    41  	// HypervisorPath is a sandbox annotation for passing a per container path pointing at the hypervisor that will run the container VM.
    42  	HypervisorPath = kataAnnotHypervisorPrefix + "path"
    43  
    44  	// JailerPath is a sandbox annotation for passing a per container path pointing at the jailer that will constrain the container VM.
    45  	JailerPath = kataAnnotHypervisorPrefix + "jailer_path"
    46  
    47  	// FirmwarePath is a sandbox annotation for passing a per container path pointing at the guest firmware that will run the container VM.
    48  	FirmwarePath = kataAnnotHypervisorPrefix + "firmware"
    49  
    50  	// KernelHash is a sandbox annotation for passing a container kernel image SHA-512 hash value.
    51  	KernelHash = kataAnnotHypervisorPrefix + "kernel_hash"
    52  
    53  	// ImageHash is an sandbox annotation for passing a container guest image SHA-512 hash value.
    54  	ImageHash = kataAnnotHypervisorPrefix + "image_hash"
    55  
    56  	// InitrdHash is an sandbox annotation for passing a container guest initrd SHA-512 hash value.
    57  	InitrdHash = kataAnnotHypervisorPrefix + "initrd_hash"
    58  
    59  	// HypervisorHash is an sandbox annotation for passing a container hypervisor binary SHA-512 hash value.
    60  	HypervisorHash = kataAnnotHypervisorPrefix + "hypervisor_hash"
    61  
    62  	// JailerHash is an sandbox annotation for passing a jailer binary SHA-512 hash value.
    63  	JailerHash = kataAnnotHypervisorPrefix + "jailer_hash"
    64  
    65  	// FirmwareHash is an sandbox annotation for passing a container guest firmware SHA-512 hash value.
    66  	FirmwareHash = kataAnnotHypervisorPrefix + "firmware_hash"
    67  
    68  	// AssetHashType is the hash type used for assets verification
    69  	AssetHashType = kataAnnotationsPrefix + "asset_hash_type"
    70  
    71  	//
    72  	//	Generic annotations
    73  	//
    74  
    75  	// KernelParams is a sandbox annotation for passing additional guest kernel parameters.
    76  	KernelParams = kataAnnotHypervisorPrefix + "kernel_params"
    77  
    78  	// MachineType is a sandbox annotation to specify the type of machine being emulated by the hypervisor.
    79  	MachineType = kataAnnotHypervisorPrefix + "machine_type"
    80  
    81  	// MachineAccelerators is a sandbox annotation to specify machine specific accelerators for the hypervisor.
    82  	MachineAccelerators = kataAnnotHypervisorPrefix + "machine_accelerators"
    83  
    84  	// CPUFeatures is a sandbox annotation to specify cpu specific features.
    85  	CPUFeatures = kataAnnotHypervisorPrefix + "cpu_features"
    86  
    87  	// DisableVhostNet is a sandbox annotation to specify if vhost-net is not available on the host.
    88  	DisableVhostNet = kataAnnotHypervisorPrefix + "disable_vhost_net"
    89  
    90  	// EnableVhostUserStore is a sandbox annotation to specify if vhost-user-blk/scsi is abailable on the host
    91  	EnableVhostUserStore = kataAnnotHypervisorPrefix + "enable_vhost_user_store"
    92  
    93  	// VhostUserStorePath is a sandbox annotation to specify the directory path where vhost-user devices
    94  	// related folders, sockets and device nodes should be.
    95  	VhostUserStorePath = kataAnnotHypervisorPrefix + "vhost_user_store_path"
    96  
    97  	// GuestHookPath is a sandbox annotation to specify the path within the VM that will be used for 'drop-in' hooks.
    98  	GuestHookPath = kataAnnotHypervisorPrefix + "guest_hook_path"
    99  
   100  	// UseVSock is a sandbox annotation to specify use of vsock for agent communication.
   101  	UseVSock = kataAnnotHypervisorPrefix + "use_vsock"
   102  
   103  	// DisableImageNvdimm is a sandbox annotation to specify use of nvdimm device for guest rootfs image.
   104  	DisableImageNvdimm = kataAnnotHypervisorPrefix + "disable_image_nvdimm"
   105  
   106  	// HotplugVFIOOnRootBus is a sandbox annotation used to indicate if devices need to be hotplugged on the
   107  	// root bus instead of a bridge.
   108  	HotplugVFIOOnRootBus = kataAnnotHypervisorPrefix + "hotplug_vfio_on_root_bus"
   109  
   110  	// PCIeRootPort is used to indicate the number of PCIe Root Port devices
   111  	// The PCIe Root Port device is used to hot-plug the PCIe device
   112  	PCIeRootPort = kataAnnotHypervisorPrefix + "pcie_root_port"
   113  
   114  	// EntropySource is a sandbox annotation to specify the path to a host source of
   115  	// entropy (/dev/random, /dev/urandom or real hardware RNG device)
   116  	EntropySource = kataAnnotHypervisorPrefix + "entropy_source"
   117  
   118  	//
   119  	//	CPU Annotations
   120  	//
   121  
   122  	// DefaultVCPUs is a sandbox annotation for passing the default vcpus assigned for a VM by the hypervisor.
   123  	DefaultVCPUs = kataAnnotHypervisorPrefix + "default_vcpus"
   124  
   125  	// DefaultVCPUs is a sandbox annotation that specifies the maximum number of vCPUs allocated for the VM by the hypervisor.
   126  	DefaultMaxVCPUs = kataAnnotHypervisorPrefix + "default_max_vcpus"
   127  
   128  	//
   129  	//	Memory related annotations
   130  	//
   131  
   132  	// DefaultMemory is a sandbox annotation for the memory assigned for a VM by the hypervisor.
   133  	DefaultMemory = kataAnnotHypervisorPrefix + "default_memory"
   134  
   135  	// MemSlots is a sandbox annotation to specify the memory slots assigned to the VM by the hypervisor.
   136  	MemSlots = kataAnnotHypervisorPrefix + "memory_slots"
   137  
   138  	// MemOffset is a sandbox annotation that specifies the memory space used for nvdimm device by the hypervisor.
   139  	MemOffset = kataAnnotHypervisorPrefix + "memory_offset"
   140  
   141  	// VirtioMem is a sandbox annotation that is used to enable/disable virtio-mem.
   142  	VirtioMem = kataAnnotHypervisorPrefix + "enable_virtio_mem"
   143  
   144  	// MemPrealloc is a sandbox annotation that specifies the memory space used for nvdimm device by the hypervisor.
   145  	MemPrealloc = kataAnnotHypervisorPrefix + "enable_mem_prealloc"
   146  
   147  	// EnableSwap is a sandbox annotation to enable swap of vm memory.
   148  	// The behaviour is undefined if mem_prealloc is also set to true
   149  	EnableSwap = kataAnnotHypervisorPrefix + "enable_swap"
   150  
   151  	// HugePages is a sandbox annotation to specify if the memory should be pre-allocated from huge pages
   152  	HugePages = kataAnnotHypervisorPrefix + "enable_hugepages"
   153  
   154  	// FileBackedMemRootDir is a sandbox annotation to soecify file based memory backend root directory
   155  	FileBackedMemRootDir = kataAnnotHypervisorPrefix + "file_mem_backend"
   156  
   157  	//
   158  	//	Shared File System related annotations
   159  	//
   160  
   161  	// Msize9p is a sandbox annotation to specify as the msize for 9p shares
   162  	Msize9p = kataAnnotHypervisorPrefix + "msize_9p"
   163  
   164  	// SharedFs is a sandbox annotation to specify the shared file system type, either virtio-9p or virtio-fs.
   165  	SharedFS = kataAnnotHypervisorPrefix + "shared_fs"
   166  
   167  	// VirtioFSDaemon is a sandbox annotations to specify virtio-fs vhost-user daemon path
   168  	VirtioFSDaemon = kataAnnotHypervisorPrefix + "virtio_fs_daemon"
   169  
   170  	// VirtioFSCache is a sandbox annotation to specify the cache mode for fs version cache or "none"
   171  	VirtioFSCache = kataAnnotHypervisorPrefix + "virtio_fs_cache"
   172  
   173  	// VirtioFSCacheSize is a sandbox annotation to specify the DAX cache size in MiB
   174  	VirtioFSCacheSize = kataAnnotHypervisorPrefix + "virtio_fs_cache_size"
   175  
   176  	// VirtioFSExtraArgs is a sandbox annotation to pass options to virtiofsd daemon
   177  	VirtioFSExtraArgs = kataAnnotHypervisorPrefix + "virtio_fs_extra_args"
   178  
   179  	//
   180  	//	Block Device related annotations
   181  	//
   182  
   183  	// BlockDeviceDriver specifies the driver to be used for block device either VirtioSCSI or VirtioBlock
   184  	BlockDeviceDriver = kataAnnotHypervisorPrefix + "block_device_driver"
   185  
   186  	// DisableBlockDeviceUse  is a sandbox annotation that disallows a block device from being used.
   187  	DisableBlockDeviceUse = kataAnnotHypervisorPrefix + "disable_block_device_use"
   188  
   189  	// EnableIOThreads is a sandbox annotation to enable IO to be processed in a separate thread.
   190  	// Supported currently for virtio-scsi driver.
   191  	EnableIOThreads = kataAnnotHypervisorPrefix + "enable_iothreads"
   192  
   193  	// BlockDeviceCacheSet is a sandbox annotation that specifies cache-related options will be set to block devices or not.
   194  	BlockDeviceCacheSet = kataAnnotHypervisorPrefix + "block_device_cache_set"
   195  
   196  	// BlockDeviceCacheDirect is a sandbox annotation that specifies cache-related options for block devices.
   197  	// Denotes whether use of O_DIRECT (bypass the host page cache) is enabled.
   198  	BlockDeviceCacheDirect = kataAnnotHypervisorPrefix + "block_device_cache_direct"
   199  
   200  	// BlockDeviceCacheNoflush is a sandbox annotation that specifies cache-related options for block devices.
   201  	// Denotes whether flush requests for the device are ignored.
   202  	BlockDeviceCacheNoflush = kataAnnotHypervisorPrefix + "block_device_cache_noflush"
   203  )
   204  
   205  // Agent related annotations
   206  const (
   207  	kataAnnotRuntimePrefix = kataConfAnnotationsPrefix + "runtime."
   208  
   209  	// DisableGuestSeccomp is a sandbox annotation that determines if seccomp should be applied inside guest.
   210  	DisableGuestSeccomp = kataAnnotRuntimePrefix + "disable_guest_seccomp"
   211  
   212  	// SandboxCgroupOnly is a sandbox annotation that determines if kata processes are managed only in sandbox cgroup.
   213  	SandboxCgroupOnly = kataAnnotRuntimePrefix + "sandbox_cgroup_only"
   214  
   215  	// Experimental is a sandbox annotation that determines if experimental features enabled.
   216  	Experimental = kataAnnotRuntimePrefix + "experimental"
   217  
   218  	// InterNetworkModel is a sandbox annotaion that determines how the VM should be connected to the
   219  	//the container network interface.
   220  	InterNetworkModel = kataAnnotRuntimePrefix + "internetworking_model"
   221  
   222  	// DisableNewNetNs is a sandbox annotation that determines if create a netns for hypervisor process.
   223  	DisableNewNetNs = kataAnnotRuntimePrefix + "disable_new_netns"
   224  )
   225  
   226  const (
   227  	kataAnnotAgentPrefix = kataConfAnnotationsPrefix + "agent."
   228  
   229  	// KernelModules is the annotation key for passing the list of kernel
   230  	// modules and their parameters that will be loaded in the guest kernel.
   231  	// Semicolon separated list of kernel modules and their parameters.
   232  	// These modules will be loaded in the guest kernel using modprobe(8).
   233  	// The following example can be used to load two kernel modules with parameters
   234  	///
   235  	//   annotations:
   236  	//     io.kata-containers.config.agent.kernel_modules: "e1000e InterruptThrottleRate=3000,3000,3000 EEE=1; i915 enable_ppgtt=0"
   237  	//
   238  	// The first word is considered as the module name and the rest as its parameters.
   239  	//
   240  	KernelModules = kataAnnotAgentPrefix + "kernel_modules"
   241  
   242  	// AgentTrace is a sandbox annotation to enable tracing for the agent.
   243  	AgentTrace = kataAnnotAgentPrefix + "enable_tracing"
   244  
   245  	// AgentTraceMode is a sandbox annotation to specify the trace mode for the agent.
   246  	AgentTraceMode = kataAnnotAgentPrefix + "trace_mode"
   247  
   248  	// AgentTraceMode is a sandbox annotation to specify the trace type for the agent.
   249  	AgentTraceType = kataAnnotAgentPrefix + "trace_type"
   250  
   251  	// AgentContainerPipeSize is an annotation to specify the size of the pipes created for containers
   252  	AgentContainerPipeSize       = kataAnnotAgentPrefix + ContainerPipeSizeOption
   253  	ContainerPipeSizeOption      = "container_pipe_size"
   254  	ContainerPipeSizeKernelParam = "agent." + ContainerPipeSizeOption
   255  )
   256  
   257  const (
   258  	// SHA512 is the SHA-512 (64) hash algorithm
   259  	SHA512 string = "sha512"
   260  )