Secure and fast microVMs for serverless computing.
VcpuExit::MmioRead
, VcpuExit::MmioWrite
, VcpuExit::IoIn
and VcpuExit::IoOut
. The average for these VM exits is not emitted since it can be deduced from the available emitted metrics.--snapshot-version
flag to the Firecracker binary to see its supported snapshot version format. This change renders all previous Firecracker snapshots (up to Firecracker version v1.6.0) incompatible with the current Firecracker version.page_size_kib
field. See also the hugepages documentation.PATCH
requests to the /machine-config
endpoint transactional, meaning Firecracker's configuration will be unchanged if the request returns an error. This fixes a bug where a microVM with incompatible balloon and guest memory size could be booted, due to the check for this condition happening after Firecracker's configuration was updated.net
, each individual net device will emit metrics under the label "net_{iface_id}"
. E.g. the associated metrics for the endpoint "/network-interfaces/eth0"
will be available under "net_eth0"
in the metrics json object.block
, each individual block device will emit metrics under the label "block_{drive_id}"
. E.g. the associated metrics for the endpoint "/drives/{drive_id}"
will be available under "block_drive_id"
in the metrics json object.vm-state
subcommand to info-vmstate
command in the snapshot-editor
tool to print MicrovmState of vmstate snapshot file in a readable format. Also made the vcpu-states
subcommand available on x86_64."vhost_user_{device}_{drive_id}"
.--parent-cgroup
will move the process to that cgroup if no cgroup
options are provided.mem_file_path
to the path of the pre-existing full snapshot.rebase-snap
tool is now deprecated. Users should use snapshot-editor
for rebasing diff snapshots.--show-log-origin
option, preventing it from printing the source code file of the log messages.--no-api
.--level
option of logger to Pascal-cased values (e.g. accepting “Info”, but not “info”). It now ignores case again.mem_file_path
to be the path of the memory file from which the microvm was restored would result in both the microvm and the snapshot being corrupted. It now instead performs a “write-back” of all memory that was updated since the snapshot was originally loaded.--parent-cgroup
option, which results in it being ignored by the jailer. Refer to the jailer documentation for a workaround.--show-log-origin
option, preventing it from printing the source code file of the log messages.--no-api
.--level
option of logger to Pascal-cased values (e.g. accepting "Info", but not "info"). It now ignores case again.snapshot-editor
tool for modifications of snapshot files. It allows for rebasing of memory snapshot files, printing and removing aarch64 registers from the vmstate and obtaining snapshot version.vcpu_features
field allows modifications of vCPU features enabled during vCPU initialization. kvm_capabilities
field allows modifications of KVM capability checks that Firecracker performs during boot. If any of these fields are in use, minimal target snapshot version is restricted to 1.5.bitmap
for custom CPU templates to allow usage of '_' as a separator.cpu-template-helper
tool to operate bitwise.RLIMIT_NOFILE
many fds (or 2048 if no limit is set). This avoids the kernel reallocating the fdtable during Firecracker operations, resulting in a 30ms to 70ms reduction of snapshot restore times for medium to large microVMs with many devices attached.cpu-template-helper
tool not to enumerate program counter (PC) on ARM because it is determined by the given kernel image and it is useless in the custom CPU template context.version
body field in PUT
on /snapshot/create
request in deprecated.cpu_template
field in PUT
and PATCH
requests on /machine-config
API, which is used to set a static CPU template. Custom CPU templates added in v1.4.0 are available as an improved iteration of the static CPU templates. For more information about the transition from static CPU templates to custom CPU templates, please refer to this GitHub discussion.Warn
to Info
. This results in more logs being output by default.nomodule
param passed in the default kernel command line parameters. This is a breaking change for setups that use the default kernel command line which also depend on being able to load kernel modules at runtime. This may also break setups which use the default kernel command line and which use an init binary that inadvertently depends on the misspelled param ("nomodules") being present at the command line, since this param will no longer be passed.Fixed
Added
virtio-rng
entropy device. The device is optional. A
single device can be enabled per VM using the /entropy
endpoint.cpu-template-helper
tool for assisting with creating and managing
custom CPU templates.Changed
Fixed
api_event_fd
.Fixed
Changed
Fixed
api_event_fd
.Fixed
api_event_fd
.Fixed
target_version = 1.3.0
failing with the
message "Cannot translate microVM version to snapshot data version".