3.7.0

kata-containers/kata-containers

版本发布时间: 2024-07-18 05:19:01

kata-containers/kata-containers最新发布版本:3.8.0(2024-08-22 00:44:43)

Survey

Please take the Kata Containers survey:

https://openinfrafoundation.formstack.com/forms/kata_containers_user_survey

This will help the Kata Containers community understand:

how you use Kata Containers
what features and improvements you would like to see in Kata Containers

Libseccomp Notices

The kata-agent binaries inside the Kata Containers images provided with this release are statically linked with the following GNU LGPL-2.1 licensed libseccomp library.

libseccomp

The kata-agent uses the libseccomp v2.5.5 which is not modified from the upstream version. However, in order to comply with the LGPL-2.1 (§6(a)), we attach the complete source code for the library.

Kata Containers builder images

agent (on all its different flavours): quay.io/kata-containers/builders:agent-d0b0004ce-107265821-x86_64
Kernel (on all its different flavours): quay.io/kata-containers/builders:kernel-c95ae5a50-x86_64
OVMF (on all its different flavours): quay.io/kata-containers/builders:ovmf-c99ba42d6-x86_64
QEMU (on all its different flavurs): quay.io/kata-containers/builders:qemu-259ec408b-x86_64
shim-v2: quay.io/kata-containers/builders:shim-v2-go-1.22.2-rust-1.75.0-25c784c56-x86_64
tools: quay.io/kata-containers/builders:tools-f31c1b121-6c1a2f01f-eb07f5ef5-c99ba42d6-x86_64
virtiofsd: quay.io/kata-containers/builders:virtiofsd-1.72.0-musl-c99ba42d6-x86_64

Installation

Follow the Kata installation instructions.

What's Changed

tests: Use selector rather than pod name for kubectl logs/describe by @BbolroC in https://github.com/kata-containers/kata-containers/pull/9862
Tokio vulnerability bump by @stevenhorsman in https://github.com/kata-containers/kata-containers/pull/9860
sandbox: fix the issue of failed to get the vmm master tid by @lifupan in https://github.com/kata-containers/kata-containers/pull/9834
runtime-rs: add base qmp framework by @pmores in https://github.com/kata-containers/kata-containers/pull/9772
kata-deploy: always copy ci/install_yq.sh by @wainersm in https://github.com/kata-containers/kata-containers/pull/9863
ci: tdx: Disable TDX CI by @fidencio in https://github.com/kata-containers/kata-containers/pull/9869
ci: gha no sudo ppc64 by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9877
runtime-rs: adjust qemu vm shutdown behaviour by @pmores in https://github.com/kata-containers/kata-containers/pull/9870
ci: tdx: Use vanilla k8s instead of k3s by @fidencio in https://github.com/kata-containers/kata-containers/pull/9882
qemu: upgrade to 8.2.4 by @ryansavino in https://github.com/kata-containers/kata-containers/pull/9149
tests: nerdctl: Fix variables names and remove network by @GabyCT in https://github.com/kata-containers/kata-containers/pull/9874
ci: tdx: Re-enable TDX CI by @fidencio in https://github.com/kata-containers/kata-containers/pull/9884
runtime: Support policy in remote hypervisor by @stevenhorsman in https://github.com/kata-containers/kata-containers/pull/9881
kernel: Add CONFIG_S390_UV_UAPI for s390x by @BbolroC in https://github.com/kata-containers/kata-containers/pull/9886
gha: Do not fail when collecting artifacts by @GabyCT in https://github.com/kata-containers/kata-containers/pull/9845
genpolicy: reject untested CreateContainer field values by @danmihai1 in https://github.com/kata-containers/kata-containers/pull/9856
ci: remove sudo from s390x build by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9876
runtime: updates to qemu-coco-dev configuration by @wainersm in https://github.com/kata-containers/kata-containers/pull/9865
ci: gha no sudo arm64 by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9875
CI: disable jobs that failed >= 50% on nightly CI recently - part 2 by @wainersm in https://github.com/kata-containers/kata-containers/pull/9857
genpolicy: ignore SeccompProfile in PodSpec by @Redent0r in https://github.com/kata-containers/kata-containers/pull/9579
metrics: Improve variable definition in memory inside containers script by @GabyCT in https://github.com/kata-containers/kata-containers/pull/9872
runtime-rs: fix the bug of func count_files by @gaohuatao-1 in https://github.com/kata-containers/kata-containers/pull/9830
workflow: coco: Add auth registry secret by @stevenhorsman in https://github.com/kata-containers/kata-containers/pull/9903
genpolicy: allow specifying layer cache file by @3u13r in https://github.com/kata-containers/kata-containers/pull/9864
ci: Add scheduled job to cleanup resources, pt. I by @sprt in https://github.com/kata-containers/kata-containers/pull/9898
tests: attestation: Restrict sample policy use by @stevenhorsman in https://github.com/kata-containers/kata-containers/pull/9906
ci.ocp: Ensure we smoke-test with the right runtime class by @ldoktor in https://github.com/kata-containers/kata-containers/pull/9887
tests: Increase timeout to crictl calls on kata monitor tests by @GabyCT in https://github.com/kata-containers/kata-containers/pull/9897
runtime-rs: remove attempt to access sandbox bundle from container bu… by @pmores in https://github.com/kata-containers/kata-containers/pull/9879
kata-ctl: Update Cargo.lock by @gkurz in https://github.com/kata-containers/kata-containers/pull/9913
gpu: Missing separator by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9916
tests: Increase interval and max_tries for kubectl_retry by @BbolroC in https://github.com/kata-containers/kata-containers/pull/9923
versions: bump coco guest components and trustee by @fitzthum in https://github.com/kata-containers/kata-containers/pull/9896
runtime: fix missing of VhostUserDeviceReconnect parameter assignment by @markyangcc in https://github.com/kata-containers/kata-containers/pull/9849
rootfs: Fix spurious error by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9918
CI: Use multi-arch image for alpine-bash-curl by @BbolroC in https://github.com/kata-containers/kata-containers/pull/9936
CI: Eliminate dependency on tests repo by @BbolroC in https://github.com/kata-containers/kata-containers/pull/9932
gha: ci: Remove incorrect secrets line by @stevenhorsman in https://github.com/kata-containers/kata-containers/pull/9947
Upgrade to Cloud Hypervisor v40.0 by @likebreath in https://github.com/kata-containers/kata-containers/pull/9930
tests: Update help section in openvino test by @cmaf in https://github.com/kata-containers/kata-containers/pull/9949
kata-deploy: fix qemu static build on ppc64le by @Amulyam24 in https://github.com/kata-containers/kata-containers/pull/9914
ci: Temporarily disable kata-deploy and GARM tests by @sprt in https://github.com/kata-containers/kata-containers/pull/9941
genpolicy: add topologySpreadConstraints support by @Redent0r in https://github.com/kata-containers/kata-containers/pull/9577
ci: Add scheduled job to cleanup resources, pt. II by @sprt in https://github.com/kata-containers/kata-containers/pull/9909
osbuilder: allow rootfs builds w/o git or version file deps by @ms-mahuber in https://github.com/kata-containers/kata-containers/pull/9825
docs: Remove jenkins reference from unit testing presentation by @GabyCT in https://github.com/kata-containers/kata-containers/pull/9952
metrics: Remove variable in sysbench that is not being used by @GabyCT in https://github.com/kata-containers/kata-containers/pull/9954
genpolicy: allow some empty env vars by @Redent0r in https://github.com/kata-containers/kata-containers/pull/9907
runtime-rs: firecracker hypervisor backend by @Pyrromanis in https://github.com/kata-containers/kata-containers/pull/8070
tests: Fixes TEE timeout issue by @AdithyaKrishnan in https://github.com/kata-containers/kata-containers/pull/9943
ci: Transition GARM tests to free runners, pt. I by @sprt in https://github.com/kata-containers/kata-containers/pull/9960
Fix issues on CI about guest-pull by @ChengyuZhu6 in https://github.com/kata-containers/kata-containers/pull/9695
gha: Fix pip installation for nerdctl GHA by @GabyCT in https://github.com/kata-containers/kata-containers/pull/9971
Image rs bump to latest main by @stevenhorsman in https://github.com/kata-containers/kata-containers/pull/9828
tests: Use variable already defined in metrics common script for stability tests by @GabyCT in https://github.com/kata-containers/kata-containers/pull/9966
Support Confidential Sealed Secrets (as env vars) by @fitzthum in https://github.com/kata-containers/kata-containers/pull/9719
tests: Extend vfio-ap hotplug test to use a zcrypttest tool by @BbolroC in https://github.com/kata-containers/kata-containers/pull/9859
tests: cri-containerd: Ensure Docker isn't present by @sprt in https://github.com/kata-containers/kata-containers/pull/9976
Add memory and vcpus info to metrics results by @dborquez in https://github.com/kata-containers/kata-containers/pull/9973
metrics: Remove duplicate check of processes from memory test. by @dborquez in https://github.com/kata-containers/kata-containers/pull/9987
cri-containerd: Remove use_devmapper variable for cri-containerd tests by @GabyCT in https://github.com/kata-containers/kata-containers/pull/9985
gha: make run-k8s-tests-on-zvsi inherit secrets by @stevenhorsman in https://github.com/kata-containers/kata-containers/pull/9981
runtime: pass certificates to get extended attestation report for SNP coco by @niteeshkd in https://github.com/kata-containers/kata-containers/pull/9806
scripts: Eliminate CI variable as it is not longer used by @GabyCT in https://github.com/kata-containers/kata-containers/pull/9962
runtime-rs: bugfix for root bus slot allocation by @Apokleos in https://github.com/kata-containers/kata-containers/pull/9814
runtime: implement DAN in Go kata-runtime by @l8huang in https://github.com/kata-containers/kata-containers/pull/9868
gha: Increase timeout to run CoCo TDX tests by @GabyCT in https://github.com/kata-containers/kata-containers/pull/9990
ci: fix run-nydus tests by @sprt in https://github.com/kata-containers/kata-containers/pull/9992
gha: enable SNP attestation by @niteeshkd in https://github.com/kata-containers/kata-containers/pull/9975
tests: Delete test scripts forcely by @ChengyuZhu6 in https://github.com/kata-containers/kata-containers/pull/9982
runtime: Initialize SharedFS for remote hypervisor by @squarti in https://github.com/kata-containers/kata-containers/pull/9974
metrics: Update container name in blogbench test by @GabyCT in https://github.com/kata-containers/kata-containers/pull/9922
k8s: Skip shared-volume relevant tests for IBM SE by @BbolroC in https://github.com/kata-containers/kata-containers/pull/10003
tests: Enable attestation e2e tests for IBM SE by @BbolroC in https://github.com/kata-containers/kata-containers/pull/9951
common: Add share fs information for dragonball by @GabyCT in https://github.com/kata-containers/kata-containers/pull/10005
Fix ctr exec stuck problem by @Tim-Zhang in https://github.com/kata-containers/kata-containers/pull/9534
kata-deploy: add storage configuration for cri-o by @littlejawa in https://github.com/kata-containers/kata-containers/pull/10000
osbuilder: Bump Fedora to 40 by @BbolroC in https://github.com/kata-containers/kata-containers/pull/10010
Merge to main: supporting pull encrypted images by @Xynnn007 in https://github.com/kata-containers/kata-containers/pull/9382
tests: k8s: GENPOLICY_PULL_METHOD clean-up by @danmihai1 in https://github.com/kata-containers/kata-containers/pull/9998
genpolicy: add support for runAsUser fields by @danmihai1 in https://github.com/kata-containers/kata-containers/pull/10008
docs: Update cri installion guide url in containerd documentation by @GabyCT in https://github.com/kata-containers/kata-containers/pull/10013
workflows: setup environment to run auth registry tests on s390x by @wainersm in https://github.com/kata-containers/kata-containers/pull/10016
dragonball: kernel dragonball 6.1.x by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9967
Support for registry authentication in guest pull by @stevenhorsman in https://github.com/kata-containers/kata-containers/pull/9904
deploy: Add busybox target by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9722
tests: fix ps command in k8s-security-context by @danmihai1 in https://github.com/kata-containers/kata-containers/pull/10020
gha: enable policy testing on TDX by @Redent0r in https://github.com/kata-containers/kata-containers/pull/9812
release: Bump VERSION to 3.7.0 by @wainersm in https://github.com/kata-containers/kata-containers/pull/10026

New Contributors

@markyangcc made their first contribution in https://github.com/kata-containers/kata-containers/pull/9849
@ms-mahuber made their first contribution in https://github.com/kata-containers/kata-containers/pull/9825
@Pyrromanis made their first contribution in https://github.com/kata-containers/kata-containers/pull/8070
@squarti made their first contribution in https://github.com/kata-containers/kata-containers/pull/9974

Full Changelog: https://github.com/kata-containers/kata-containers/compare/3.6.0...3.7.0

相关地址：原始地址下载(tar) 下载(zip)

1、 kata-containers-3.7.0-vendor.tar.gz 680.05MB

2、 kata-containers-3.7.0-versions.yaml 13.32KB

3、 kata-static-3.7.0-amd64.tar.xz 405.38MB

4、 kata-static-3.7.0-arm64.tar.xz 149.1MB

5、 kata-static-3.7.0-ppc64le.tar.xz 105.6MB

6、 kata-static-3.7.0-s390x.tar.xz 228.88MB

7、 libseccomp-2.5.5.tar.gz 9B

8、 libseccomp-2.5.5.tar.gz.asc 9B

查看：2024-07-18发行的版本