QAT device plugin has some initialization functions that require
special SecurityContext parameters (e.g., setting Apparmor policies
on some OSes).
It's better to move all of the initialization to the privileged
init-container that is already taking care some parts of it.
With this change, we default to vfio-pci "DpdkDrv".
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
The check_config function previously only considered the
ServicesEnabled variable. Improve the logic of the function so
that other variables can also be set through the qat.conf file.
Signed-off-by: Hyeongju Johannes Lee <hyeongju.lee@intel.com>
The Toybox images had two issues:
1. Distroless does not support /bin -> /usr/bin so we needed to
create it manually to get /bin/bash for Toybox. However, with this
Openshift image validation complains that we are touching the "base"
image.
2. We could not use buildkit since it fails with /bin symlink
copied over /bin directory from Distroless.
The simple fix is just to move away from all /bin/sh and /bin/bash
and use "/usr/bin/env bash" to resolve the path instead. This allows
to keep /bin untouched.
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
QAT_401xx is a derivative of 4xxx. Add support for that device
by including the device IDs (both PF and VF).
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
