Tags: pb8o/firecracker
Tags
Added
* Introduced T2CL (Intel) and T2A (AMD) CPU templates to provide instruction set feature parity between Intel and AMD CPUs when using these templates.
* Added Graviton3 support (c7g instance type).

Changed
* Improved error message when an invalid network backend is provided.
* Upgraded Rust toolchain from 1.64.0 to 1.66.0.

Fixed
* Fixed feature flags in T2 CPU template on Intel Ice Lake.

Added
* Added a new CPU template called `T2S`. This exposes the same CPUID as `T2` to the Guest and also overwrites the `ARCH_CAPABILITIES` MSR to expose a reduced set of capabilities. With regard to hardware vulnerabilities and mitigations, the Guest vCPU will look like a Skylake CPU, making it safe to snapshot uVMs running on a newer host CPU (Cascade Lake) and restore on a host that has a Skylake CPU.
* Added a new CLI option `--metrics-path PATH`. It accepts a file parameter where metrics will be sent to.
* Added baselines for m6i.metal and m6a.metal for all long running performance tests.
* Releases now include debuginfo files.

Changed
* Changed the jailer option `--exec-file` to fail if the filename does not contain the string `firecracker`, to prevent running non-firecracker binaries.
* Upgraded Rust toolchain from 1.52.1 to 1.64.0.
* Switched to specifying our dependencies using caret requirements instead of comparison requirements.
* Updated all dependencies to their respective newest versions.

Fixed
* Made the `T2` template more robust by explicitly disabling additional CPUID flags that should be off but were missed initially or that were not available in the spec when the template was created.
* Now MAC address is correctly displayed when queried with GET `/vm/config` if left unspecified in both pre and post snapshot states.
* Fixed a self-DoS scenario in the virtio-queue code by reporting and terminating execution when the number of available descriptors reported by the driver is higher than the queue size.
* Fixed the bad handling of kernel cmdline parameters when init arguments were provided in the `boot_args` field of the JSON body of the PUT `/boot-source` request.
* Fixed a bug on ARM64 hosts where the upper 64 bits of the V0-V31 FP/SIMD registers were not saved correctly when taking a snapshot, potentially leading to data loss. This change invalidates all ARM64 snapshots taken with versions of Firecracker <= 1.1.3.
* Improved stability and security when saving CPU MSRs in snapshots.
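
The virtio-queue fix listed above comes down to bounding a guest-written index before the device trusts it. The following is an added sketch of that check, not Firecracker's source; the `Queue`, `QueueError`, `pending` and `drain` names and the sample values are assumptions, and a caller would report the error and stop the device as the entry describes.

```rust
// Added illustration; not Firecracker's source. All names are hypothetical.
use std::num::Wrapping;

#[derive(Debug, PartialEq)]
pub enum QueueError {
    /// Driver claims more pending descriptors than the ring can hold.
    InvalidAvailIdx { reported: u16, queue_size: u16 },
}

/// Device-side view of a split virtqueue's available ring.
pub struct Queue {
    pub size: u16,                 // negotiated ring size
    pub next_avail: Wrapping<u16>, // next entry the device will consume
}

impl Queue {
    /// Validate the driver-written avail index (guest memory, untrusted)
    /// and return how many descriptors are pending.
    pub fn pending(&self, avail_idx: u16) -> Result<u16, QueueError> {
        // Both indices are free-running u16 counters: subtract modulo 2^16.
        let reported = (Wrapping(avail_idx) - self.next_avail).0;
        if reported > self.size {
            // Without this bound the device would loop over stale or
            // attacker-chosen ring entries, stalling its own event loop.
            return Err(QueueError::InvalidAvailIdx { reported, queue_size: self.size });
        }
        Ok(reported)
    }

    /// Consume everything pending; the count is bounded by `size`.
    pub fn drain(&mut self, avail_idx: u16) -> Result<u16, QueueError> {
        let n = self.pending(avail_idx)?;
        self.next_avail += Wrapping(n);
        Ok(n)
    }
}

fn main() {
    // Constructed values: a legitimate wrap-around, then a bogus index.
    let mut q = Queue { size: 256, next_avail: Wrapping(65_530) };
    println!("{:?}", q.drain(4)); // Ok(10): index wrapped past u16::MAX
    println!("{:?}", q.drain(304)); // rejected: 300 pending > 256 slots
}
```

The wrap-around case matters because a naive `avail_idx > next_avail` comparison would reject a healthy driver once the counter overflows, while still accepting an oversized jump.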

Added
* Add a new CPU template called `T2S`. This exposes the same CPUID as `T2` to the Guest and also overwrites the `ARCH_CAPABILITIES` MSR to expose a reduced set of capabilities. With regard to hardware vulnerabilities and mitigations, the Guest vCPU will look like a Skylake CPU, making it safe to snapshot uVMs running on a newer host CPU (Cascade Lake) and restore on a host that has a Skylake CPU.

Fixed
* Make the `T2` template more robust by explicitly disabling additional CPUID flags that should be off but were missed initially or that were not available in the spec when the template was created.

Added
* The API `PATCH` methods for `machine-config` can now be used to reset the `cpu_template` to `"None"`. Until this change there was no way to reset the `cpu_template` once it was set.
* Added a `rebase-snap` tool for rebasing a diff snapshot over a base snapshot.
* Mmds version is persisted across snapshot-restore. Snapshot compatibility is preserved bidirectionally, to and from a Firecracker version that does not support persisting the Mmds version. In such cases, the default V1 option is used.
* Added `--mmds-size-limit` for limiting the mmds data store size instead of piggy-backing on `--http-api-max-payload-size`. If left unconfigured it defaults to the value of `--http-api-max-payload-size`, to provide backwards compatibility.
* Added optional `mem_backend` body field in `PUT` requests on `/snapshot/load`. This new parameter is an object that defines the configuration of the backend responsible for handling memory loading during snapshot restore. The `mem_backend` parameter contains `backend_type` and `backend_path` required fields. `backend_type` is an enum that can take either `File` or `Uffd` as value. Interpretation of the `backend_path` field depends on the value of `backend_type`. If `File`, then the user must provide the path to the file that contains the guest memory to be loaded. Otherwise, if `backend_type` is `Uffd`, then `backend_path` is the path to a unix domain socket where a custom page fault handler process is listening and expecting a UFFD to be sent by Firecracker. The UFFD is used to handle the guest memory page faults in the separate process.
* Added logging for the snapshot/restore and async block device IO engine features to indicate they are in development preview.

Changed
* The API `PATCH` method for `/machine-config` can now be used to change `track_dirty_pages` on aarch64.
* MmdsV2 is now Generally Available.
* MmdsV1 is now deprecated and will be removed in Firecracker v2.0.0. Use MmdsV2 instead.
* Deprecated `mem_file_path` body field in `PUT` on `/snapshot/load` request.

Fixed
* Fixed inconsistency that allowed the start of a microVM from a JSON file without specifying the `vcpu_count` and `mem_size_mib` parameters for `machine-config` although they are mandatory when configuring via the API. Now these fields are mandatory when specifying `machine-config` in the JSON file and when using the `PUT` request on `/machine-config`.
* Fixed inconsistency that allowed a user to specify the `cpu_template` parameter and set `smt` to `True` in `machine-config` when starting from a JSON file on aarch64 even though they are not permitted when using `PUT` or `PATCH` in the API. Now Firecracker will return an error on aarch64 if `smt` is set to `True` or if `cpu_template` is specified.
* Fixed inconsistent behaviour of the `PUT` method for `/machine-config` that would reset the `track_dirty_pages` parameter to `false` if it was not specified in the JSON body of the request, but left the `cpu_template` parameter intact if it was not present in the request. Now a `PUT` request for `/machine-config` will reset all optional parameters (`smt`, `cpu_template`, `track_dirty_pages`) to their default values if they are not specified in the `PUT` request.
* Fixed inconsistency in the swagger definition with the current state of the `/vm/config` endpoint.

Added
* Added jailer option `--parent-cgroup <relative_path>` to allow the placement of microvm cgroups in custom cgroup nested hierarchies. The default value is `<exec-file>` which is backwards compatible to the behavior before this change.
* Added jailer option `--cgroup-version <1|2>` to support running the jailer on systems that have cgroup-v2. Default value is `1` which means that if `--cgroup-version` is not specified, the jailer will try to create cgroups on cgroup-v1 hierarchies only.
* Added `--http-api-max-payload-size` parameter to configure the maximum payload size for PUT and PATCH requests.
* Limit MMDS data store size to `--http-api-max-payload-size`.
* Cleanup all environment variables in Jailer.
* Added metrics for accesses to deprecated HTTP and command line API endpoints.
* Added permanent HTTP endpoint for `GET` on `/version` for getting the Firecracker version.
* Added `--metadata` parameter to enable MMDS content to be supplied from a file allowing the MMDS to be used when using `--no-api` to disable the API server.
* Checksum file for the release assets.
* Added support for custom headers to MMDS requests. Accepted headers are: `X-metadata-token`, which accepts a string value that provides a session token for MMDS requests; and `X-metadata-token-ttl-seconds`, which specifies the lifetime of the session token in seconds.
* Support and validation for host and guest kernel 5.10.
* A [kernel support policy](docs/kernel-policy.md).
* Added `io_engine` to the pre-boot block device configuration. Possible values: `Sync` (the default option) or `Async` (only available for kernels newer than 5.10.51). The `Async` variant introduces a block device engine that uses io_uring for executing requests asynchronously, which is in **developer preview** (NOT for production use). See `docs/api_requests/block-io-engine.md`.
* Added `block.io_engine_throttled_events` metric for measuring the number of virtio events throttled because of the IO engine.
* New optional `version` field to PUT requests towards `/mmds/config` to configure MMDS version. Accepted values are `V1` and `V2` and default is `V1`. MMDS `V2` is **developer preview only** (NOT for production use) and it does not currently work after snapshot load.
* Mandatory `network_interfaces` field to PUT requests towards `/mmds/config` which contains a list of network interface IDs capable of forwarding packets to MMDS.

Changed
* Removed the `--node` jailer parameter.
* Deprecated `vsock_id` body field in `PUT`s on `/vsock`.
* Removed the deprecated `--seccomp-level` parameter.
* `GET` requests to MMDS require a session token to be provided through `X-metadata-token` header when using V2.
* Allow `PUT` requests to MMDS in order to generate a session token to be used for future `GET` requests when version 2 is used.
* Remove `allow_mmds_requests` field from the request body that attaches network interfaces. Specifying interfaces that allow forwarding requests to MMDS is done by adding the network interface's ID to the `network_interfaces` field of PUT `/mmds/config` request's body.
* Renamed `/machine-config` `ht_enabled` to `smt`.
* `smt` field is now optional on PUT `/machine-config`, defaulting to `false`.
* Configuring `smt: true` on aarch64 via the API is forbidden.

Fixed
* Fixed incorrect propagation of init parameters in kernel commandline. Related to: firecracker-microvm#2709.
* Adapt T2 and C3 CPU templates for kernel 5.10. Firecracker was not previously masking some CPU features of the host or emulated by KVM, introduced in more recent kernels: `umip`, `vmx`, `avx512_vnni`.
* Fix jailer's cgroup implementation to accept properties that contain multiple dots.