Tags: Eric-Warehime/firecracker
Tags
Added * New device: virtio-vsock, backed by Unix domain sockets (GitHub issue firecracker-microvm#650). See `docs/vsock.md`. Fixed * Updated the documentation for integration tests. * Fixed high CPU usage before guest network interface is brought up (GitHub issue firecracker-microvm#1049). * Fixed an issue that caused the wrong date (month) to appear in the log. * Fixed a bug that caused the seccomp filter to reject legit syscalls in some rare cases (GitHub issue firecracker-microvm#1206). * Docs: updated the production host setup guide. * Docs: updated the rootfs and kernel creation guide. Removed * Removed experimental support for vhost-based vsock devices.
Added * New API call: `PATCH /machine-config/`, used to update VM configuration, before the microVM boots. * Added an experimental swagger definition that includes the specification for the vsock API call. * Added a signal handler for `SIGBUS` and `SIGSEGV` that immediately terminates the process upon intercepting the signal. * Added documentation for signal handling utilities. * Added [alpha] aarch64 support. * Added metrics for successful read and write operations of MMDS, Net and Block devices. Changed * `vcpu_count`, `mem_size_mib` and `ht_enabled` have been changed to be mandatory for `PUT` requests on `/machine-config/`. * Disallow invalid seccomp levels by exiting with error. Fixed * Incorrect handling of bind mounts within the jailed rootfs. * Corrected the guide for `Alpine` guest setup.
Added * Added [alpha] AMD support. * New `devtool` command: `prepare_release`. This updates the Firecracker version, crate dependencies and credits in preparation for a new release. * New `devtool` command: `tag`. This creates a new git tag for the specified release number, based on the changelog contents. * New doc section about building with glibc. Changed * Dropped the JSON-formatted `context` command-line parameter from Firecracker in favor of individual classic command-line parameters. * When running with `jailer` the location of the API socket has changed to `<jail-root-path>/api.socket` (API socket was moved _inside_ the jail). * `PUT` and `PATCH` requests on `/mmds` with data containing any value type other than `String`, `Array`, `Object` will return status code 400. * Improved multiple error messages. * Removed all kernel modules from the recommended kernel config. Fixed * Corrected the seccomp filter when building with glibc. Removed * Removed the `seccomp.bad_syscalls` metric.
Added * New API action: SendCtrlAltDel, used to initiate a graceful shutdown, if the guest has driver support for i8042 and AT Keyboard. See [the docs](docs/api_requests/actions.md#sendctrlaltdel) for details. * New metric counting the number of egress packets with a spoofed MAC: `net.tx_spoofed_mac_count`. * New API call: `PATCH /network-interfaces/`, used to update the rate limiters on a network interface, after the start of a microVM. Changed * Added missing `vmm_version` field to the InstanceInfo API swagger definition, and marked several other mandatory fields as such. * New default command line for guest kernel: `reboot=k panic=1 pci=off nomodules 8250.nr_uarts=0 i8042.noaux i8042.nomux i8042.nopnp i8042.dumbkbd`. Fixed * virtio-blk: VIRTIO_BLK_T_FLUSH now working as expected. * Vsock devices can be attached when starting Firecracker using the jailer. * Vsock devices work properly when seccomp filtering is enabled.
Added * Documentation for development environment setup on AWS in `dev-machine-setup.md`. * Documentation for microVM networking setup in `docs/network-setup.md`. * Limit the maximum supported vCPUs to 32. Changed * Log the app version when the `Logger` is initialized. * Pretty print panic information. * Firecracker terminates with exit code 148 when a non-whitelisted syscall is intercepted. Fixed * Fixed build with the `vsock` feature.
Added * Documentation for Logger API Requests in `docs/api_requests/logger.md`. * Documentation for Actions API Requests in `docs/api_requests/actions.md`. * Documentation for MMDS in `docs/mmds.md`. * Flush metrics on request via a PUT `/actions` with the `action_type` field set to `FlushMetrics`. Changed * Updated the swagger definition of the `Logger` to specify the required fields and provide default values for optional fields. * Default `seccomp-level` is `2` (was previously 0). * API Resource IDs can only contain alphanumeric characters and underscores. Fixed * Seccomp filters are now applied to all Firecracker threads. * Enforce minimum length of 1 character for the jailer ID. * Exit with error code when starting the jailer process fails. Removed * Removed `InstanceHalt` from the list of possible actions.
Added * The `/logger` API has a new field called `options`. This is an array of strings that specify additional logging configurations. The only supported value is `LogDirtyPages`. * When the `LogDirtyPages` option is configured via `PUT /logger`, a new metric called `memory.dirty_pages` is computed as the number of pages dirtied by the guest since the last time the metric was flushed. * Log messages on both graceful and forceful termination. * Availability of the list of dependencies for each commit inside the code base. * Documentation on vsock experimental feature and host setup recommendations. Changed * `PUT` requests on `/mmds` always return 204 on success. * `PUT` operations on `/network-interfaces` API resources no longer accept the previously required `state` parameter. * The jailer starts with `--seccomp-level=2` (was previously 0) by default. * Log messages use `anonymous-instance` as instance id if none is specified. Fixed * Fixed crash upon instance start on hosts without 1GB huge page support. * Fixed "fault_message" inconsistency between Open API specification and code base. * Ensure MMDS compatibility with C5's IMDS implementation. * Corrected the swagger specification to ensure `OpenAPI 2.0` compatibility.
PreviousNext