Merge branch 'main' into 4534

firecracker-microvm · Jul 22, 2024 · 10d37e7 · 10d37e7
2 parents d7c0a7d + d5d67b5
commit 10d37e7
Show file tree

Hide file tree

Showing 61 changed files with 326 additions and 18,083 deletions.
diff --git a/.buildkite/common.py b/.buildkite/common.py
@@ -23,7 +23,6 @@
 ]
 
 DEFAULT_PLATFORMS = [
-    ("al2", "linux_4.14"),
     ("al2", "linux_5.10"),
     ("al2023", "linux_6.1"),
 ]

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -14,6 +14,14 @@ and this project adheres to
 
 ### Deprecated
 
+### Removed
+
+- [#4689](https://github.com/firecracker-microvm/firecracker/pull/4689): Drop
+  support for host kernel 4.14. Linux 4.14 reached end-of-life in
+  [January 2024](https://lore.kernel.org/lkml/2024011046-ecology-tiptoeing-ce50@gregkh/).
+  The minimum supported kernel now is 5.10. Guest kernel 4.14 is still
+  supported.
+
 ### Fixed
 
 ## \[1.8.0\]
@@ -140,10 +148,12 @@ and this project adheres to
   supported snapshot version format. This change renders all previous
   Firecracker snapshots (up to Firecracker version v1.6.0) incompatible with the
   current Firecracker version.
+
 - [#4449](https://github.com/firecracker-microvm/firecracker/pull/4449): Added
   information about page size to the payload Firecracker sends to the UFFD
   handler. Each memory region object now contains a `page_size_kib` field. See
   also the [hugepages documentation](docs/hugepages.md).
+
 - [#4498](https://github.com/firecracker-microvm/firecracker/pull/4498): Only
   use memfd to back guest memory if a vhost-user-blk device is configured,
   otherwise use anonymous private memory. This is because serving page faults of

diff --git a/Cargo.lock b/Cargo.lock
diff --git a/README.md b/README.md
@@ -132,9 +132,9 @@ We test all combinations of:
 
 | Instance  | Host OS & Kernel  | Guest Rootfs | Guest Kernel |
 | :-------- | :---------------- | :----------- | :----------- |
-| c5n.metal | al2    linux_4.14 | ubuntu 22.04 | linux_4.14   |
-| m5n.metal | al2    linux_5.10 |              | linux_5.10   |
-| m6i.metal | al2023 linux_6.1  |              |              |
+| c5n.metal | al2    linux_5.10 | ubuntu 22.04 | linux_4.14   |
+| m5n.metal | al2023 linux_6.1  |              | linux_5.10   |
+| m6i.metal |                   |              |              |
 | m6a.metal |                   |              |              |
 | m6g.metal |                   |              |              |
 | m7g.metal |                   |              |              |

diff --git a/docs/kernel-policy.md b/docs/kernel-policy.md
@@ -9,7 +9,7 @@ We are continuously validating the currently supported Firecracker releases (as
 per [Firecracker’s release policy](../docs/RELEASE_POLICY.md)) using a
 combination of:
 
-- host linux kernel versions 4.14, 5.10, and 6.1;
+- host linux kernel versions 5.10, and 6.1;
 - guest linux kernel versions 4.14, and 5.10.
 
 While other versions and other kernel configs might work, they are not
@@ -23,7 +23,6 @@ release only if compatibility changes are required.
 
 | Host kernel | Guest kernel v4.14 | Guest kernel v5.10 | Min. end of support |
 | ----------: | :----------------: | :----------------: | ------------------: |
-|       v4.14 |         Y          |         Y          |          2021-01-22 |
 |       v5.10 |         Y          |         Y          |          2024-01-31 |
 |        v6.1 |         Y          |         Y          |          2025-10-12 |
 
@@ -121,10 +120,6 @@ following configurations:
 
 ## Caveats
 
-- When using a 4.14 host and a 5.10 guest, we disable the SVE extension in the
-  guest. This is due to the introduction of the SVE extension in Graviton3,
-  which causes the default 5.10 guest (with SVE support enabled), to crash if
-  run with a 4.14 host which does not support SVE.
 - [Snapshot compatibility across kernel versions](snapshotting/snapshot-support.md#snapshot-compatibility-across-kernel-versions)
 - When booting with kernels that support both ACPI and legacy boot mechanisms
   Firecracker passes VirtIO devices to the guest twice, once through ACPI and a

diff --git a/docs/network-setup.md b/docs/network-setup.md
@@ -51,14 +51,22 @@ sudo iptables-save > iptables.rules.old
 Before starting the guest, configure the network interface using Firecracker's
 API:
 
+**Note:** If you use the rootfs from the
+[getting started guide](getting-started.md), you need to use a specific `MAC`
+address like `06:00:AC:10:00:02`. In this `MAC` address, the last 4 bytes
+(`AC:10:00:02`) will represent the IP address of the guest. In the default case,
+it is `172.16.0.2`. Otherwise, you can skip the `guest_mac` field for network
+configuration. This way, the guest will generate a random MAC address on
+startup.
+
 ```bash
 curl --unix-socket /tmp/firecracker.socket -i \
   -X PUT 'http://localhost/network-interfaces/eth0' \
   -H 'Accept: application/json' \
   -H 'Content-Type: application/json' \
   -d '{
       "iface_id": "eth0",
-      "guest_mac": "AA:FC:00:00:00:01",
+      "guest_mac": "06:00:AC:10:00:02",
       "host_dev_name": "tap0"
     }'
 ```
@@ -70,14 +78,14 @@ configuration file like this:
 "network-interfaces": [
   {
     "iface_id": "eth0",
-    "guest_mac": "AA:FC:00:00:00:01",
+    "guest_mac": "06:00:AC:10:00:02",
     "host_dev_name": "tap0"
   }
 ],
 ```
 
 Alternatively, if you are using firectl, add
---tap-device=tap0/AA:FC:00:00:00:01\` to your command line.
+--tap-device=tap0/06:00:AC:10:00:02\` to your command line.
 
 ## In The Guest
 

diff --git a/docs/snapshotting/handling-page-faults-on-snapshot-resume.md b/docs/snapshotting/handling-page-faults-on-snapshot-resume.md
@@ -24,9 +24,9 @@ descriptor object (UFFD).
 
 ### Creating a UFFD object
 
-#### Kernels 4.14 and 5.10
+#### Kernel 5.10
 
-For (host) kernels 4.14 and 5.10 UFFD objects are created by calling into
+For host kernel 5.10 UFFD objects are created by calling into
 [`userfaultfd` syscall](https://man7.org/linux/man-pages/man2/userfaultfd.2.html).
 
 #### Kernel 6.1

diff --git a/docs/snapshotting/snapshot-support.md b/docs/snapshotting/snapshot-support.md
@@ -664,8 +664,6 @@ m6i won't work on an m6g instance.
 
 | *CPU family* | *taken on host kernel* | *restored on host kernel* | *working?* |
 | ------------ | ---------------------- | ------------------------- | ---------- |
-| **x86_64**   | 4.14                   | 5.10                      | Y          |
-| **all**      | 5.10                   | 4.14                      | N          |
 | **all**      | 5.10                   | 6.1                       | Y          |
 | **all**      | 6.1                    | 5.10                      | Y          |
 

diff --git a/docs/snapshotting/versioning.md b/docs/snapshotting/versioning.md
@@ -85,10 +85,9 @@ The current implementation relies on the
 
 ### Host kernel
 
-The minimum kernel version required by Firecracker snapshots is 4.14. Snapshots
-can be saved and restored on the same kernel version without any issues. There
-might be issues when restoring snapshots created on different host kernel
-version even when using the same Firecracker version.
+Snapshots can be saved and restored on the same kernel version without any
+issues. There might be issues when restoring snapshots created on different host
+kernel version even when using the same Firecracker version.
 
 SnapshotCreate and SnapshotLoad operations across different host kernels is
 considered unstable in Firecracker as the saved KVM state might have different