firecracker

Secure and fast microVMs for serverless computing.

APACHE-2.0 License

Stars: 23.9K
Committers: 250

firecracker - Firecracker v0.25.2

Published by alindima almost 3 years ago

Fixed

  • Adapt T2 and C3 CPU templates for kernel 5.10. Firecracker was not previously
    masking some CPU features of the host or emulated by KVM, introduced in more
    recent kernels: umip, vmx, avx512_vnni.
  • Fixed incorrect propagation of init parameters in kernel commandline.
    Related to: #2709.

firecracker - Firecracker v0.25.1

Published by luminitavoicu almost 3 years ago

Added

  • Added --http-api-max-payload-size parameter to configure the maximum payload
    size for PUT and PATCH requests.
  • Limit MMDS data store size to --http-api-max-payload-size.
  • Clean up all environment variables in Jailer.

firecracker - Firecracker v0.24.6

Published by luminitavoicu about 3 years ago

Fixed

  • Updated version of yanked third party dependency.

firecracker - Firecracker v0.25.0

Published by luminitavoicu about 3 years ago

Added

  • Added devtool build --ssh-keys flag to support fetching from private
    git repositories.
  • Added option to configure block device flush.
  • Added --new-pid-ns flag to the Jailer in order to spawn the Firecracker
    process in a new PID namespace.
  • Added API metrics for GET, PUT and PATCH requests on /mmds endpoint.
  • Added --describe-snapshot flag to Firecracker to fetch the data format
    version of a snapshot state file provided as argument.
  • Added --no-seccomp parameter for disabling the default seccomp filters.
  • Added --seccomp-filter parameter for supplying user-provided, custom filters.
  • Added the seccompiler-bin binary that is used to compile JSON seccomp filters
    into serialized BPF for Firecracker consumption.
  • Snapshotting support for GICv2 enabled guests.
  • Added devtool install to deploy built binaries in /usr/local/bin or a
    given path.
  • Added code logic to send VIRTIO_VSOCK_EVENT_TRANSPORT_RESET on snapshot
    creation, when the Vsock device is active. The event will close active
    connections on the guest.
  • Added GET request on /vm/config that provides full microVM configuration
    as a JSON HTTP response.
  • Added --resource-limit flag to jailer to limit resources such as: number of
    file descriptors allowed at a time (with a default value of 2048) and maximum
    size of files created by the process.

Changed

  • Changed Docker images repository from DockerHub to Amazon ECR.
  • Fixed off-by-one error in virtio-block descriptor address validation.
  • Changed the PATCH request on /balloon/statistics to schedule the first
    statistics update immediately after processing the request.
  • Deprecated the --seccomp-level parameter. It will be removed in a future
    release. Using it logs a runtime warning.
  • Experimental gnu libc builds use empty default seccomp filters, allowing all
    system calls.

Fixed

  • Fixed non-compliant check for the RTC device ensuring a fixed
    4-sized data buffer.
  • Unnecessary interrupt assertion was removed from the RTC.
    However, a dummy interrupt is still allocated for snapshot
    compatibility reasons.
  • Fixed the SIGPIPE signal handler so Firecracker no longer exits. The signal
    is still recorded in metrics and logs.
  • Fixed ballooning API definitions by renaming all fields which mentioned "MB"
    to use "MiB" instead.
  • Snapshot related host files (vm-state, memory, block backing files) are now
    flushed to their backing mediums as part of the CreateSnapshot operation.
  • Fixed the SSBD mitigation not being enabled on aarch64 with the provided
    prod-host-setup.md.
  • Fixed the balloon statistics not working after a snapshot restore event.
  • The utc_timestamp_ms now reports the timestamp in ms from the UTC UNIX
    Epoch, as the name suggests. It was previously using a monotonic clock with
    an undefined starting point.

firecracker - Firecracker v0.24.5

Published by gbionescu about 3 years ago

Fixed

  • Fixed seccomp blocking syscalls necessary for Rust panics.

firecracker - Firecracker v0.23.5

Published by gbionescu about 3 years ago

Fixed

  • Fixed seccomp blocking syscalls necessary for Rust panics.

firecracker - Firecracker v0.23.4

Published by alindima over 3 years ago

Changed

  • Changed Docker images repository from DockerHub to Amazon ECR.

Fixed

  • Snapshot related host files (vm-state, memory, block backing files) are now
    flushed to their backing mediums as part of the CreateSnapshot operation.
  • Fixed race between vcpu initialization and emulation thread which could
    potentially lead to segmentation faults.
  • Fixed the SSBD mitigation not being enabled on aarch64 with the provided
    prod-host-setup.md, by force-enabling it.

firecracker - Firecracker v0.24.4

Published by alindima over 3 years ago

Fixed

  • Fixed race between vcpu initialization and emulation thread which could
    potentially lead to segmentation faults.
  • Fixed the SSBD mitigation not being enabled on aarch64 with the provided
    prod-host-setup.md, by force-enabling it.

firecracker - Firecracker v0.24.3

Published by luminitavoicu over 3 years ago

Changed

  • Changed Docker images repository from DockerHub to Amazon ECR.

Fixed

  • Snapshot related host files (vm-state, memory, block backing files) are now
    flushed to their backing mediums as part of the CreateSnapshot operation.
  • Fixed ballooning API definition by renaming all fields which mentioned "MB"
    to use "MiB" instead.

firecracker - Firecracker v0.23.3

Published by alindima over 3 years ago

Fixed

  • Fixed the SIGPIPE signal handler so Firecracker no longer exits. The signal
    is still recorded in metrics and logs.

firecracker - Firecracker v0.24.2

Published by sandreim over 3 years ago

Fixed

  • Fixed the SIGPIPE signal handler so Firecracker no longer exits. The signal
    is still recorded in metrics and logs.

firecracker - Firecracker v0.22.4

Published by luminitavoicu over 3 years ago

Fixed

  • Fixed the reported used bytes for any virtio-block request.
  • Fixed all virtio-block read/write operations to valid guest addresses
    with buffer length of 0 to result in no-op.

firecracker - Firecracker v0.23.2

Published by alindima almost 4 years ago

Fixed

  • Fixed off-by-one error in virtio-block descriptor address validation.

firecracker - Firecracker v0.24.1

Published by alindima almost 4 years ago

Fixed

  • Fixed off-by-one error in virtio-block descriptor address validation.

firecracker - Firecracker v0.22.3

Published by alindima almost 4 years ago

Fixed

  • Fixed off-by-one error in virtio-block descriptor address validation.

firecracker - Firecracker v0.24.0

Published by sandreim almost 4 years ago

Added

  • Added optional resume_vm field to /snapshot/load API call.
  • Added support for block rate limiter PATCH.
  • Added devtool test -c|--cpuset-cpus flag for cpus confinement when tests
    run.
  • Added devtool test -m|--cpuset-mems flag for memory confinement when tests
    run.
  • Added the virtio traditional memory ballooning device.
  • Added a mechanism to handle vCPU/VMM errors that result in process termination.
  • Added incremental guest memory snapshot support.
  • Added aarch64 snapshot support.

Changed

  • Change the information provided in DescribeInstance command to provide microVM
    state information (Not started/Running/Paused) instead of whether it's started or not.
  • Removed the jailer --extra-args parameter. It was a noop, having been
    replaced by the -- separator for extra arguments.
  • Changed the output of the --version command line parameter to include a list
    of supported snapshot data format versions for the firecracker binary.
  • Increased the maximum number of virtio devices from 11 to 19.
  • Added a new check that prevents creating v0.23 snapshots when more than 11
    devices are attached.
  • If the stdout buffer is full and non-blocking, the serial writes no longer block.
    Any new bytes will be lost, until the buffer is freed. The device also logs these
    errors and increments the uart.error_count metric for each lost byte.

Fixed

  • Fixed inconsistency in YAML file InstanceInfo definition

firecracker - Firecracker v0.23.1

Published by acatangiu almost 4 years ago

Fixed

  • Fixed inconsistency in YAML file InstanceInfo definition

firecracker - Firecracker v0.22.2

Published by acatangiu almost 4 years ago

Fixed

  • Fixed inconsistency in YAML file InstanceInfo definition

firecracker - Firecracker v0.23.0

Published by alindima almost 4 years ago

Added

  • Added full support for AMD CPUs (General Availability). More details here.
  • Added snapshot-restore functionality (Developer preview). More details here.
  • Added metric for throttled block device events.
  • Added metrics for counting rate limiter throttling events.
  • Added metric for counting MAC address updates.
  • Added metrics for counting TAP read and write errors.
  • Added metrics for counting RX and TX partial writes.
  • Added metrics that measure the duration of pausing and resuming the microVM,
    from the VMM perspective.
  • Added metric for measuring the duration of the last full snapshot created,
    from the VMM perspective.
  • Added metric for measuring the duration of loading a snapshot, from the VMM
    perspective.
  • Added metrics that measure the duration of pausing and resuming the microVM,
    from the API (user) perspective.
  • Added metric for measuring the duration of the last full snapshot created,
    from the API (user) perspective.
  • Added metric for measuring the duration of loading a snapshot, from the API
    (user) perspective.
  • Added track_dirty_pages field to machine-config. If enabled, Firecracker
    can create incremental guest memory snapshots by saving the dirty guest pages
    in a sparse file.
  • Added a new API call, PATCH /vm, for changing the microVM state (to
    Paused or Resumed).
  • Added a new API call, PUT /snapshot/create, for creating a full snapshot.
  • Added a new API call, PUT /snapshot/load, for loading a snapshot.
  • Added new jailer command line argument --cgroup which allows the user to
    specify the cgroups that are going to be set by the Jailer.

Fixed

  • Boot time on AMD achieves the desired performance (i.e. under 150ms).

Changed

  • The logger level field is now case-insensitive.
  • Disabled boot timer device after restoring a snapshot.
  • Enabled boot timer device only when specifically requested, by using the
    --boot-timer dedicated cmdline parameter.
  • firecracker and jailer --version now gets updated on each devtool
    build to the output of git describe --dirty, if the git repo is available.
  • MicroVM process is only attached to the cgroups defined by using --cgroups
    or the ones defined indirectly by using --node.

firecracker - Firecracker v0.22.1

Published by sandreim about 4 years ago

Fixed

  • Limited serial device buffer size to maximum 64 bytes.