3.6.0

kata-containers/kata-containers

版本发布时间: 2024-06-18 04:12:53

kata-containers/kata-containers最新发布版本:3.8.0(2024-08-22 00:44:43)

Survey

Please take the Kata Containers survey:

https://openinfrafoundation.formstack.com/forms/kata_containers_user_survey

This will help the Kata Containers community understand:

how you use Kata Containers
what features and improvements you would like to see in Kata Containers

Libseccomp Notices

The kata-agent binaries inside the Kata Containers images provided with this release are statically linked with the following GNU LGPL-2.1 licensed libseccomp library.

libseccomp

The kata-agent uses the libseccomp v2.5.5 which is not modified from the upstream version. However, in order to comply with the LGPL-2.1 (§6(a)), we attach the complete source code for the library.

Kata Containers builder images

agent (on all its different flavours): quay.io/kata-containers/builders:agent-d0b0004ce-c99ba42d6-x86_64
Kernel (on all its different flavours): quay.io/kata-containers/builders:kernel-c95ae5a50-x86_64
OVMF (on all its different flavours): quay.io/kata-containers/builders:ovmf-c99ba42d6-x86_64
QEMU (on all its different flavurs): quay.io/kata-containers/builders:qemu-c99ba42d6-x86_64
shim-v2: quay.io/kata-containers/builders:shim-v2-go-1.22.2-rust-1.75.0-25c784c56-x86_64
tools: quay.io/kata-containers/builders:tools-b6a28bd93-27685c91e-3a0247ed4-c99ba42d6-x86_64
virtiofsd: quay.io/kata-containers/builders:virtiofsd-1.72.0-musl-c99ba42d6-x86_64

Installation

Follow the Kata installation instructions.

What's Changed

gpu: Add build targets for GPU rootfs initrd/image by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9618
tests: Add k8s negative policy test by @GabyCT in https://github.com/kata-containers/kata-containers/pull/9438
CI: Use --abbrev=9 explicitly for abbreviated commit hash by @BbolroC in https://github.com/kata-containers/kata-containers/pull/9638
gha: Fix indentation in gha run k8s common by @GabyCT in https://github.com/kata-containers/kata-containers/pull/9627
metrics: Fix random write value for FIO by @GabyCT in https://github.com/kata-containers/kata-containers/pull/9610
version: Bump nydus snapshotter to v0.13.13 by @ChengyuZhu6 in https://github.com/kata-containers/kata-containers/pull/9636
deploy: Add artefact repository by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9617
Tag component caches by @stevenhorsman in https://github.com/kata-containers/kata-containers/pull/9550
workflow: Remove if from env conditional by @stevenhorsman in https://github.com/kata-containers/kata-containers/pull/9644
ci: cache: Fix unbound variable by @stevenhorsman in https://github.com/kata-containers/kata-containers/pull/9647
metrics: Update launch times script by @GabyCT in https://github.com/kata-containers/kata-containers/pull/9615
Caching tagging update part iii by @stevenhorsman in https://github.com/kata-containers/kata-containers/pull/9650
tests: pull-image: Only skip tests for TEEs by @fidencio in https://github.com/kata-containers/kata-containers/pull/9613
CI: Append arch type to initramfs-cryptsetup image by @BbolroC in https://github.com/kata-containers/kata-containers/pull/9655
ci: cache: Filter out non-printable characters from tag by @stevenhorsman in https://github.com/kata-containers/kata-containers/pull/9659
Fix launch times timestamp generation. by @dborquez in https://github.com/kata-containers/kata-containers/pull/9662
Revert "ci: azure: Workaround azure cli installation script" by @fidencio in https://github.com/kata-containers/kata-containers/pull/9673
TEEs: Use shared_fs=none for TDX by @fidencio in https://github.com/kata-containers/kata-containers/pull/9315
fix: kata-deploy.sh VERSION_ID unbound-variable by @networkhermit in https://github.com/kata-containers/kata-containers/pull/9671
gha: release: Set inherit secrets on tarball builds by @stevenhorsman in https://github.com/kata-containers/kata-containers/pull/9675
genpolicy: detect empty string in ns as default by @malt3 in https://github.com/kata-containers/kata-containers/pull/9660
gha: Add support to install KBS to k8s TDX GHA workflow by @GabyCT in https://github.com/kata-containers/kata-containers/pull/9452
CI: Migrate vfio-ap test files from tests repo by @BbolroC in https://github.com/kata-containers/kata-containers/pull/9658
runtime: Disable number of cpu comparison on remote hypervisor scenario by @ajaypvictor in https://github.com/kata-containers/kata-containers/pull/9657
build(deps): bump github.com/containerd/containerd from 1.7.11 to 1.7.16 in /src/runtime in the go_modules group across 1 directory by @dependabot in https://github.com/kata-containers/kata-containers/pull/9635
runtime: fix duplicated devices requested to the agent by @cncal in https://github.com/kata-containers/kata-containers/pull/9624
runtime: Add missing check in ResizeMemory for CH by @cmaf in https://github.com/kata-containers/kata-containers/pull/9641
runtime-rs: Drop some useless QEMU arguments by @gkurz in https://github.com/kata-containers/kata-containers/pull/9642
runtime: tdx: Allow default_{cpu,memory} annotations by @fidencio in https://github.com/kata-containers/kata-containers/pull/9682
runtime: Enable connection to Quote Generation Service (QGS) by @JakubLedworowski in https://github.com/kata-containers/kata-containers/pull/9653
ci: cache: Add arch suffix to all cache tags by @stevenhorsman in https://github.com/kata-containers/kata-containers/pull/9684
tests: Fix indentation in confidential common script by @GabyCT in https://github.com/kata-containers/kata-containers/pull/9685
gha: Enable install kbs and coco components for TDX, but still skip the CDH test by @GabyCT in https://github.com/kata-containers/kata-containers/pull/9681
metrics: Fix minvalue for boot time by @GabyCT in https://github.com/kata-containers/kata-containers/pull/9686
tests/k8s: skip custom DNS tests on confidential jobs by @wainersm in https://github.com/kata-containers/kata-containers/pull/9696
build(deps): bump golang.org/x/net from 0.24.0 to 0.25.0 in /src/runtime in the go_modules group across 1 directory by @dependabot in https://github.com/kata-containers/kata-containers/pull/9680
tests/k8s: disable "fail-fast" behavior by default by @wainersm in https://github.com/kata-containers/kata-containers/pull/9698
kata-agent: update env PCIDEVICE___INFO by @l8huang in https://github.com/kata-containers/kata-containers/pull/9605
runtime-rs: Remove obsoleted dial_timeout config by @justxuewei in https://github.com/kata-containers/kata-containers/pull/9690
runtime: make kata-runtime check error more understandable when /dev/kvm doesn't exist by @cncal in https://github.com/kata-containers/kata-containers/pull/9583
agent: collect PCI address mapping for both vfio-pci-gk and vfio-pci device by @l8huang in https://github.com/kata-containers/kata-containers/pull/9687
runtime-rs: add QMP support for Qemu(part I) by @Apokleos in https://github.com/kata-containers/kata-containers/pull/9604
Adjust indentation in ifneq statements within Makefile in runtime-rs by @sidneychang in https://github.com/kata-containers/kata-containers/pull/9693
runtime-rs: document architecture & implementation conventions in qem… by @pmores in https://github.com/kata-containers/kata-containers/pull/9656
kata-agent: CreateContainer Hook by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9268
kata-deploy / kata-cleanup / ci: Fixes and improvements to kata-deploy / kata-cleanup and its usage in the CI by @fidencio in https://github.com/kata-containers/kata-containers/pull/9721
gpu: reintroduce pcie_root_port and add pcie_switch_port by @zvonkok in https://github.com/kata-containers/kata-containers/pull/8861
ci: ovmf without sudo by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9727
ci.ocp: Document openshift pipeline and manual bisection by @ldoktor in https://github.com/kata-containers/kata-containers/pull/9414
vfio: Fix hot-unplug by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9723
ci: guest-components without sudo by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9728
metrics: Improve variable definition in memory usage script by @GabyCT in https://github.com/kata-containers/kata-containers/pull/9677
ci: qemu no sudo by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9736
ci: tools no sudo by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9733
kata-manager: Copy cni files under /opt/cni by @amshinde in https://github.com/kata-containers/kata-containers/pull/9679
ci: kernel no sudo by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9730
ci: build agent without sudo by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9729
ci: initramfs no sudo by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9739
ci: virtiofsd no sudo by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9734
ci: pause-image no sudo by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9731
ci: shim-v2 no sudo by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9732
ci: Fix tools builder images by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9743
runtime-rs: Add RNG to QEMU cmdline by @emanuellima1 in https://github.com/kata-containers/kata-containers/pull/9639
ci: pin the nydus-snapshotter image version by @wainersm in https://github.com/kata-containers/kata-containers/pull/9746
tests: enable guest-pull on all k8s tests for the qemu-coco-dev configuration by @wainersm in https://github.com/kata-containers/kata-containers/pull/9694
ci: Remove all git config safe.directory by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9747
ci: kata-deploy no sudo by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9737
threat-model: Add VFIO, ACPI and KVM/VMM threat-model descriptions by @zvonkok in https://github.com/kata-containers/kata-containers/pull/8944
ci: k8s: Skip empty dir tests also for TDX by @fidencio in https://github.com/kata-containers/kata-containers/pull/9757
tests/k8s: print logs on fail only (k8s-confidential-attestation.bats) by @wainersm in https://github.com/kata-containers/kata-containers/pull/9751
tests/k8s: enable policy tests for qemu-coco-dev by @wainersm in https://github.com/kata-containers/kata-containers/pull/9754
CoCo: introduce config for guest-components procs by @mkulke in https://github.com/kata-containers/kata-containers/pull/9749
tests: Fix indentation in static checks script by @GabyCT in https://github.com/kata-containers/kata-containers/pull/9741
deps: bumping yq to v4.40.7 by @beraldoleal in https://github.com/kata-containers/kata-containers/pull/9377
ci: remove sudo and make sure artifacts is owned by user by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9769
CI: disable jobs that failed > 50% on nightly CI recently - part 1 by @wainersm in https://github.com/kata-containers/kata-containers/pull/9765
GHA: Use qemu-coco-dev for k8s nydus test on s390x by @BbolroC in https://github.com/kata-containers/kata-containers/pull/9773
genpolicy: add ability to filter for runtimeClassName by @3u13r in https://github.com/kata-containers/kata-containers/pull/9725
tests: Use variable definition for better uniformity by @GabyCT in https://github.com/kata-containers/kata-containers/pull/9770
TEEs: Skip a few CI tests for SEV/SNP by @AdithyaKrishnan in https://github.com/kata-containers/kata-containers/pull/9678
kata-deploy: install oras using release artefacts on ppc64le by @Amulyam24 in https://github.com/kata-containers/kata-containers/pull/9214
docs: Adding blog submission guidelines by @ildikov in https://github.com/kata-containers/kata-containers/pull/9702
kata-manager: Add symlinks for runc and slirp4netns by @amshinde in https://github.com/kata-containers/kata-containers/pull/9760
ci.ocp: Switch base to centos-9 by @ldoktor in https://github.com/kata-containers/kata-containers/pull/9782
ci: kbs: Enable CDH tests for TDX by @fidencio in https://github.com/kata-containers/kata-containers/pull/9768
ci: tdx: Re-enable a bunch of volume related tests by @fidencio in https://github.com/kata-containers/kata-containers/pull/9800
tests: Fix indentation in common script by @GabyCT in https://github.com/kata-containers/kata-containers/pull/9779
runtime: enable kernel-hashes for SNP confidential container by @niteeshkd in https://github.com/kata-containers/kata-containers/pull/9151
CI: describe pod on k8s-create-pod wait failure by @portersrc in https://github.com/kata-containers/kata-containers/pull/9557
CI: Introduce retry mechanism for kubectl in gha-run.sh by @BbolroC in https://github.com/kata-containers/kata-containers/pull/9785
tests: k8s: use newer yq command line format by @danmihai1 in https://github.com/kata-containers/kata-containers/pull/9809
kata-types: fix bug in kata-types several test cases by @Apokleos in https://github.com/kata-containers/kata-containers/pull/9784
agent: convert enum vals to kebab-case in cfg file by @mkulke in https://github.com/kata-containers/kata-containers/pull/9811
genpolicy: load OCI version from settings by @Redent0r in https://github.com/kata-containers/kata-containers/pull/9808
kata-deploy: add qemu-runtime-rs runtimeClass by @wainersm in https://github.com/kata-containers/kata-containers/pull/9807
runtime: fix the bug of func countFiles by @gaohuatao-1 in https://github.com/kata-containers/kata-containers/pull/9781
agent: config: Ensure envs take precedence by @stevenhorsman in https://github.com/kata-containers/kata-containers/pull/9819
metrics: Use function definition to have uniformity by @GabyCT in https://github.com/kata-containers/kata-containers/pull/9821
kata-deploy: configuring CRI-O for guest-pull image pulling by @wainersm in https://github.com/kata-containers/kata-containers/pull/9537
genpolicy: add support for devices by @burgerdev in https://github.com/kata-containers/kata-containers/pull/9706
Kill some dead runtime code by @gkurz in https://github.com/kata-containers/kata-containers/pull/9790
tests: fix yq command line in k8s-policy-pvc by @danmihai1 in https://github.com/kata-containers/kata-containers/pull/9844
ci: fix the expected yq version string by @danmihai1 in https://github.com/kata-containers/kata-containers/pull/9843
runtime: avoid panic on metrics gathering by @littlejawa in https://github.com/kata-containers/kata-containers/pull/9827
runtime: fix minor spelling issues by @EmmEff in https://github.com/kata-containers/kata-containers/pull/9818
versions: Upgrade to Cloud Hypervisor v39.0 by @likebreath in https://github.com/kata-containers/kata-containers/pull/9575
tests: setup: Improve setup script for kubernetes tests by @GabyCT in https://github.com/kata-containers/kata-containers/pull/9832
tests: kbs: Use nodeport deployment from upstream trustee by @GabyCT in https://github.com/kata-containers/kata-containers/pull/9726
sandbox: fix the issue of double initial_size_manager config by @lifupan in https://github.com/kata-containers/kata-containers/pull/9836
versions: Bump rust toolchain by @stevenhorsman in https://github.com/kata-containers/kata-containers/pull/9840
CI: remove sudo from GHA by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9838
genpolicy: fix settings path flag name by @msanft in https://github.com/kata-containers/kata-containers/pull/9815
genpolicy: add back support for insecure by @Redent0r in https://github.com/kata-containers/kata-containers/pull/9786
release: Bump VERSIONS file to 3.6.0 by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9861

New Contributors

@networkhermit made their first contribution in https://github.com/kata-containers/kata-containers/pull/9671
@ajaypvictor made their first contribution in https://github.com/kata-containers/kata-containers/pull/9657
@l8huang made their first contribution in https://github.com/kata-containers/kata-containers/pull/9605
@sidneychang made their first contribution in https://github.com/kata-containers/kata-containers/pull/9693
@AdithyaKrishnan made their first contribution in https://github.com/kata-containers/kata-containers/pull/9678
@ildikov made their first contribution in https://github.com/kata-containers/kata-containers/pull/9702
@EmmEff made their first contribution in https://github.com/kata-containers/kata-containers/pull/9818
@msanft made their first contribution in https://github.com/kata-containers/kata-containers/pull/9815

Full Changelog: https://github.com/kata-containers/kata-containers/compare/3.5.0...3.6.0

相关地址：原始地址下载(tar) 下载(zip)

1、 kata-containers-3.6.0-vendor.tar.gz 677.1MB

2、 kata-containers-3.6.0-versions.yaml 13.24KB

3、 kata-static-3.6.0-amd64.tar.xz 401.83MB

4、 kata-static-3.6.0-arm64.tar.xz 144.95MB

5、 kata-static-3.6.0-ppc64le.tar.xz 106.25MB

6、 kata-static-3.6.0-s390x.tar.xz 224.43MB

7、 libseccomp-2.5.5.tar.gz 9B

8、 libseccomp-2.5.5.tar.gz.asc 9B

查看：2024-06-18发行的版本