diff --git a/CHANGELOG.md b/CHANGELOG.md index 5d1002e99c1..ead297b7b84 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -32,6 +32,9 @@ and this project adheres to Clarified what CPU models are supported by each existing CPU template. Firecracker exits with an error if a CPU template is used on an unsupported CPU model. +- [#5165](https://github.com/firecracker-microvm/firecracker/pull/5165): Changed + Firecracker snapshot feature from developer preview to generally available. + Incremental snapshots remain in developer preview. ### Deprecated diff --git a/docs/snapshotting/snapshot-support.md b/docs/snapshotting/snapshot-support.md index 18d3799da2d..f6bcd5bb883 100644 --- a/docs/snapshotting/snapshot-support.md +++ b/docs/snapshotting/snapshot-support.md @@ -39,12 +39,13 @@ workload at that particular point in time. ### Supported platforms -> [!WARNING] -> -> The Firecracker snapshot feature is in -> [developer preview](../RELEASE_POLICY.md) on all CPU micro-architectures -> listed in [README](../../README.md#supported-platforms). See -> [this section](#developer-preview-status) for more info. +The Firecracker snapshot feature is supported on all CPU micro-architectures +listed in [README](../../README.md#supported-platforms). + +[!WARNING] + +Diff snapshot support is in developer preview. See +[this section](#developer-preview-status) for more info. ### Overview @@ -116,13 +117,8 @@ all [supported platforms](../../README.md#tested-platforms). ### Developer preview status -The snapshot functionality is still in developer preview due to the following: - -- Poor entropy and replayable randomness when resuming multiple microvms from - the same snapshot. We do not recommend to use snapshotting in production if - there is no mechanism to guarantee proper secrecy and uniqueness between - guests. Please see - [Snapshot security and uniqueness](#snapshot-security-and-uniqueness). +Diff snapshots are still in developer preview while we are diving deep into how +the feature can be combined with guest_memfd support in Firecracker. ### Limitations @@ -528,7 +524,7 @@ For more information please see [this doc](random-for-clones.md) ### Usage examples -#### Example 1: secure usage (currently in dev preview) +#### Example 1: secure usage ```console Boot microVM A -> ... -> Create snapshot S -> Terminate diff --git a/src/vmm/src/rpc_interface.rs b/src/vmm/src/rpc_interface.rs index 127b75e594e..d868c022dd2 100644 --- a/src/vmm/src/rpc_interface.rs +++ b/src/vmm/src/rpc_interface.rs @@ -557,8 +557,6 @@ impl<'a> PrebootApiController<'a> { &mut self, load_params: &LoadSnapshotParams, ) -> Result { - log_dev_preview_warning("Virtual machine snapshots", Option::None); - let load_start_us = get_time_us(ClockType::Monotonic); if self.boot_path { @@ -592,15 +590,9 @@ impl<'a> PrebootApiController<'a> { // Set the VM self.built_vmm = Some(vmm); - log_dev_preview_warning( - "Virtual machine snapshots", - Some(format!( - "'load snapshot' VMM action took {} us.", - update_metric_with_elapsed_time( - &METRICS.latencies_us.vmm_load_snapshot, - load_start_us - ) - )), + debug!( + "'load snapshot' VMM action took {} us.", + update_metric_with_elapsed_time(&METRICS.latencies_us.vmm_load_snapshot, load_start_us) ); Ok(VmmData::Empty) @@ -753,15 +745,15 @@ impl RuntimeApiController { &mut self, create_params: &CreateSnapshotParams, ) -> Result { - log_dev_preview_warning("Virtual machine snapshots", None); - - if create_params.snapshot_type == SnapshotType::Diff - && !self.vm_resources.machine_config.track_dirty_pages - { - return Err(VmmActionError::NotSupported( - "Diff snapshots are not allowed on uVMs with dirty page tracking disabled." - .to_string(), - )); + if create_params.snapshot_type == SnapshotType::Diff { + log_dev_preview_warning("Virtual machine diff snapshots", None); + + if !self.vm_resources.machine_config.track_dirty_pages { + return Err(VmmActionError::NotSupported( + "Diff snapshots are not allowed on uVMs with dirty page tracking disabled." + .to_string(), + )); + } } let mut locked_vmm = self.vmm.lock().unwrap();