snapshot: remove full snapshot feature from development preview

Declare full snapshots as fully supported. Diff snapshots remain in
development preview status, as we wait to see how these will play with
secret hiding.

Signed-off-by: Babis Chalios <[email protected]>

Author: bchalios

CHANGELOG.md

@@ -32,6 +32,9 @@ and this project adheres to
   Clarified what CPU models are supported by each existing CPU template.
   Firecracker exits with an error if a CPU template is used on an unsupported
   CPU model.
+- [#5165](https://github.com./firecracker-microvm/firecracker/pull/5165): Changed
+  Firecracker snapshot feature from developer preview to generally available.
+  Incremental snapshots remain in developer preview.
 
 ### Deprecated
 

docs/snapshotting/snapshot-support.md

@@ -8,7 +8,6 @@
   - [Overview](#overview)
   - [Snapshot files management](#snapshot-files-management)
   - [Performance](#performance)
-  - [Developer preview status](#developer-preview-status)
   - [Limitations](#limitations)
 - [Firecracker Snapshotting characteristics](#firecracker-snapshotting-characteristics)
 - [Snapshot versioning](#snapshot-versioning)
@@ -39,13 +38,6 @@ workload at that particular point in time.
 
 ### Supported platforms
 
-> [!WARNING]
->
-> The Firecracker snapshot feature is in
-> [developer preview](../RELEASE_POLICY.md) on all CPU micro-architectures
-> listed in [README](../../README.md#supported-platforms). See
-> [this section](#developer-preview-status) for more info.
-
 ### Overview
 
 A Firecracker microVM snapshot can be used for loading it later in a different
@@ -114,16 +106,6 @@ The Firecracker snapshot create/resume performance depends on the memory size,
 vCPU count and emulated devices count. The Firecracker CI runs snapshot tests on
 all [supported platforms](../../README.md#tested-platforms).
 
-### Developer preview status
-
-The snapshot functionality is still in developer preview due to the following:
-
-- Poor entropy and replayable randomness when resuming multiple microvms from
-  the same snapshot. We do not recommend to use snapshotting in production if
-  there is no mechanism to guarantee proper secrecy and uniqueness between
-  guests. Please see
-  [Snapshot security and uniqueness](#snapshot-security-and-uniqueness).
-
 ### Limitations
 
 - High snapshot latency on 5.4+ host kernels due to cgroups V1. We strongly
@@ -528,7 +510,7 @@ For more information please see [this doc](random-for-clones.md)
 
 ### Usage examples
 
-#### Example 1: secure usage (currently in dev preview)
+#### Example 1: secure usage
 
 ```console
 Boot microVM A -> ... -> Create snapshot S -> Terminate

src/vmm/src/rpc_interface.rs

@@ -557,8 +557,6 @@ impl<'a> PrebootApiController<'a> {
         &mut self,
         load_params: &LoadSnapshotParams,
     ) -> Result<VmmData, LoadSnapshotError> {
-        log_dev_preview_warning("Virtual machine snapshots", Option::None);
-
         let load_start_us = get_time_us(ClockType::Monotonic);
 
         if self.boot_path {
@@ -592,15 +590,9 @@ impl<'a> PrebootApiController<'a> {
         // Set the VM
         self.built_vmm = Some(vmm);
 
-        log_dev_preview_warning(
-            "Virtual machine snapshots",
-            Some(format!(
-                "'load snapshot' VMM action took {} us.",
-                update_metric_with_elapsed_time(
-                    &METRICS.latencies_us.vmm_load_snapshot,
-                    load_start_us
-                )
-            )),
+        debug!(
+            "'load snapshot' VMM action took {} us.",
+            update_metric_with_elapsed_time(&METRICS.latencies_us.vmm_load_snapshot, load_start_us)
         );
 
         Ok(VmmData::Empty)
@@ -753,15 +745,15 @@ impl RuntimeApiController {
         &mut self,
         create_params: &CreateSnapshotParams,
     ) -> Result<VmmData, VmmActionError> {
-        log_dev_preview_warning("Virtual machine snapshots", None);
-
-        if create_params.snapshot_type == SnapshotType::Diff
-            && !self.vm_resources.machine_config.track_dirty_pages
-        {
-            return Err(VmmActionError::NotSupported(
-                "Diff snapshots are not allowed on uVMs with dirty page tracking disabled."
-                    .to_string(),
-            ));
+        if create_params.snapshot_type == SnapshotType::Diff {
+            log_dev_preview_warning("Virtual machine diff snapshots", Option::None);
+
+            if !self.vm_resources.machine_config.track_dirty_pages {
+                return Err(VmmActionError::NotSupported(
+                    "Diff snapshots are not allowed on uVMs with dirty page tracking disabled."
+                        .to_string(),
+                ));
+            }
         }
 
         let mut locked_vmm = self.vmm.lock().unwrap();