3.8.0

kata-containers/kata-containers

版本发布时间: 2024-08-22 00:44:43

kata-containers/kata-containers最新发布版本:3.8.0(2024-08-22 00:44:43)

Survey

Please take the Kata Containers survey:

https://openinfrafoundation.formstack.com/forms/kata_containers_user_survey

This will help the Kata Containers community understand:

how you use Kata Containers
what features and improvements you would like to see in Kata Containers

Libseccomp Notices

The kata-agent binaries inside the Kata Containers images provided with this release are statically linked with the following GNU LGPL-2.1 licensed libseccomp library.

libseccomp

The kata-agent uses the libseccomp v2.5.5 which is not modified from the upstream version. However, in order to comply with the LGPL-2.1 (§6(a)), we attach the complete source code for the library.

Kata Containers builder images

agent (on all its different flavours): quay.io/kata-containers/builders:agent-d0b0004ce-107265821-x86_64
Kernel (on all its different flavours): quay.io/kata-containers/builders:kernel-c95ae5a50-x86_64
OVMF (on all its different flavours): quay.io/kata-containers/builders:ovmf-c99ba42d6-x86_64
QEMU (on all its different flavurs): quay.io/kata-containers/builders:qemu-74662a072-x86_64
shim-v2: quay.io/kata-containers/builders:shim-v2-go-1.22.2-rust-1.75.0-25c784c56-x86_64
tools: quay.io/kata-containers/builders:tools-c22ac4f72-a9b436f78-a78d82f4f-69535e545-x86_64
virtiofsd: quay.io/kata-containers/builders:virtiofsd-1.72.0-musl-c99ba42d6-x86_64

Installation

Follow the Kata installation instructions.

What's Changed

tests: Rebuild secure boot image for guest-pull-image-authenticated for IBM SE by @BbolroC in https://github.com/kata-containers/kata-containers/pull/10032
metric: Upgrade blogbench to 1.2 by @amshinde in https://github.com/kata-containers/kata-containers/pull/10028
ci: cleanup: Ignore nonexisting resources by @sprt in https://github.com/kata-containers/kata-containers/pull/9959
genpolicy: container.exec_commands args validation by @danmihai1 in https://github.com/kata-containers/kata-containers/pull/10022
tests: Call repack_secure_image() in set_metadata_annotation() by @BbolroC in https://github.com/kata-containers/kata-containers/pull/10034
Implement hotplug support for physical endpoints by @amshinde in https://github.com/kata-containers/kata-containers/pull/8597
runtime-rs: container: fix the issue of missing cleanup container by @lifupan in https://github.com/kata-containers/kata-containers/pull/10045
gha: enable autogenerated policy testing on SEV and SEV-SNP by @Redent0r in https://github.com/kata-containers/kata-containers/pull/9835
metrics: update avg reference values for blogbench. by @dborquez in https://github.com/kata-containers/kata-containers/pull/10040
tests: k8s-credentials-secrets: policy for second pod by @danmihai1 in https://github.com/kata-containers/kata-containers/pull/10035
Add kernel config for NVIDIA DPU/ConnectX adapter by @l8huang in https://github.com/kata-containers/kata-containers/pull/9620
tests: Fix missing log on TDX by @ChengyuZhu6 in https://github.com/kata-containers/kata-containers/pull/10031
dragonball: kernel gpu dragonball 6.1.x by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9968
gpu: rootfs/initrd build init by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9920
tools: Allow setting policy rego file via by @Redent0r in https://github.com/kata-containers/kata-containers/pull/9910
ci: cache: Pass through RELEASE env by @stevenhorsman in https://github.com/kata-containers/kata-containers/pull/10053
metrics: Update launch times to use grep -F by @GabyCT in https://github.com/kata-containers/kata-containers/pull/10060
gpu: rootfs ubuntu build expansion by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9919
runtime-rs: add memory hotplugging support to qemu-rs by @pmores in https://github.com/kata-containers/kata-containers/pull/9965
gha: Increase timeout to run CoCo tests by @ChengyuZhu6 in https://github.com/kata-containers/kata-containers/pull/10063
docs: Update url links in kata nydus document by @GabyCT in https://github.com/kata-containers/kata-containers/pull/10054
genpolicy: Add support for envFrom by @Redent0r in https://github.com/kata-containers/kata-containers/pull/9576
tests: k8s: reuse policy exec variable by @danmihai1 in https://github.com/kata-containers/kata-containers/pull/10051
runtime-rs: enhance debug info for agent connect. by @Apokleos in https://github.com/kata-containers/kata-containers/pull/10058
Align kata oci spec with oci-spec-rs by @Apokleos in https://github.com/kata-containers/kata-containers/pull/9944
Fix issue while adding multiple networks with nerdctl by @amshinde in https://github.com/kata-containers/kata-containers/pull/9899
initdata: add initdata annotation in hypervisor config by @huoqifeng in https://github.com/kata-containers/kata-containers/pull/9988
tee: osbuilder: Set /run to use 50% of the image with systemd by @fidencio in https://github.com/kata-containers/kata-containers/pull/10078
genpolicy: validate each exec command line arg by @danmihai1 in https://github.com/kata-containers/kata-containers/pull/10069
tests: k8s: minor policy tests clean-up by @danmihai1 in https://github.com/kata-containers/kata-containers/pull/10083
runtime-rs : fix the issue of stop sandbox by @lifupan in https://github.com/kata-containers/kata-containers/pull/10043
runtime-rs: enable dragonball hypervisor support initrd by @lifupan in https://github.com/kata-containers/kata-containers/pull/10024
runtime-rs: Fix QEMU backend for runtime-rs by @ananos in https://github.com/kata-containers/kata-containers/pull/10052
gha: Eradicate {pre,post}-action steps for s390x runners by @BbolroC in https://github.com/kata-containers/kata-containers/pull/10096
ci: Fix rate limit error by migrating busybox_image by @AdithyaKrishnan in https://github.com/kata-containers/kata-containers/pull/10101
gha: Restore cleanup-zvsi for s390x by @BbolroC in https://github.com/kata-containers/kata-containers/pull/10104
tests: add image check before running coco tests by @ChengyuZhu6 in https://github.com/kata-containers/kata-containers/pull/10080
GHA: Run k8s e2e tests for qemu-runtime-rs on s390x by @BbolroC in https://github.com/kata-containers/kata-containers/pull/10070
version: bump trustee version by @ChengyuZhu6 in https://github.com/kata-containers/kata-containers/pull/10110
ci: Temporarily remove arm64 builds by @fidencio in https://github.com/kata-containers/kata-containers/pull/10111
metrics: Update memory tests to use grep -F by @GabyCT in https://github.com/kata-containers/kata-containers/pull/10099
ci: Temporarily remove arm64 builds -- part II by @fidencio in https://github.com/kata-containers/kata-containers/pull/10117
kata-manager: Ensure distro specific TDX config is set by @fidencio in https://github.com/kata-containers/kata-containers/pull/10114
tests: k8s: Rotate & cleanup journal for every run by @fidencio in https://github.com/kata-containers/kata-containers/pull/10107
tests: kbs: Add missing dependencies to install kbs cli by @GabyCT in https://github.com/kata-containers/kata-containers/pull/10116
tests: Fix error with kubectl debug by @ChengyuZhu6 in https://github.com/kata-containers/kata-containers/pull/10102
agent: fix the AllowRequestsFailingPolicy functionality by @danmihai1 in https://github.com/kata-containers/kata-containers/pull/10098
ci: re-enable arm CI by @fidencio in https://github.com/kata-containers/kata-containers/pull/10123
Fix metrics json results file by @dborquez in https://github.com/kata-containers/kata-containers/pull/10120
genpolicy: reject create custom hook settings by @Redent0r in https://github.com/kata-containers/kata-containers/pull/10075
ci: Remove jobs that are not running by @fidencio in https://github.com/kata-containers/kata-containers/pull/10125
ci: Enable encrypted image tests for TEEs by @fidencio in https://github.com/kata-containers/kata-containers/pull/10124
genpolicy: add --version flag by @Redent0r in https://github.com/kata-containers/kata-containers/pull/10121
kata-deploy: Add Helm Chart by @zvonkok in https://github.com/kata-containers/kata-containers/pull/9880
runtime: image-pull: Make it work with nerdctl by @fidencio in https://github.com/kata-containers/kata-containers/pull/10132
genpolicy: add crate-scoped integration test by @burgerdev in https://github.com/kata-containers/kata-containers/pull/10068
ci: Enable nerdctl tests for clh by @amshinde in https://github.com/kata-containers/kata-containers/pull/10089
tools: Support for building qemu with linux aio by @hex2dec in https://github.com/kata-containers/kata-containers/pull/10129
tests:k8s: Update image in kubectl debug for the exec host function by @GabyCT in https://github.com/kata-containers/kata-containers/pull/10127
qemu: don't emit scsi parameter by @Freax13 in https://github.com/kata-containers/kata-containers/pull/10113
ci: cache: Include kata version in artefact versions by @stevenhorsman in https://github.com/kata-containers/kata-containers/pull/10140
tests: Update ubuntu image for stress Dockerfile by @GabyCT in https://github.com/kata-containers/kata-containers/pull/10142
ci: Transition GARM tests to free runners, pt. II by @wainersm in https://github.com/kata-containers/kata-containers/pull/10007
kata-manager: Only check files when tarball is not passed by @fidencio in https://github.com/kata-containers/kata-containers/pull/10149
tests: Add kubernetes stress-ng tests by @GabyCT in https://github.com/kata-containers/kata-containers/pull/10154
tests: Disable k8s file volume test by @GabyCT in https://github.com/kata-containers/kata-containers/pull/10156
tests: Add kubernetes stability test by @GabyCT in https://github.com/kata-containers/kata-containers/pull/10158
runtime-rs: Add the wait_vm support for hypervisors by @lifupan in https://github.com/kata-containers/kata-containers/pull/10148
genpolicy: hardening some agent requests by @burgerdev in https://github.com/kata-containers/kata-containers/pull/10050
genpolicy: Add support for cron jobs by @Redent0r in https://github.com/kata-containers/kata-containers/pull/10153
tools: Fix container image build warning by @hex2dec in https://github.com/kata-containers/kata-containers/pull/10137
tests: Ensure exec_host() consistently captures command output by @BbolroC in https://github.com/kata-containers/kata-containers/pull/10164
Revert "ci: add reset_runtime to cleanup" by @fidencio in https://github.com/kata-containers/kata-containers/pull/10169
Trusted image storage by @ChengyuZhu6 in https://github.com/kata-containers/kata-containers/pull/9999
osbuilder: fix typo in ubuntu rootfs depends by @deagon in https://github.com/kata-containers/kata-containers/pull/10172
ci: nydus: Treat the snapshotter as a dependency by @fidencio in https://github.com/kata-containers/kata-containers/pull/10171
genpolicy: ignore Role resource by @Redent0r in https://github.com/kata-containers/kata-containers/pull/10161
kata-deploy: fix kata-deploy reset by @beraldoleal in https://github.com/kata-containers/kata-containers/pull/10170
Revert "version: bump trustee version" by @fidencio in https://github.com/kata-containers/kata-containers/pull/10178
tools: install luks-encrypt-storage script by guest-components by @ChengyuZhu6 in https://github.com/kata-containers/kata-containers/pull/10174
runtime: Add specific error message for gRPC request timeouts by @ChengyuZhu6 in https://github.com/kata-containers/kata-containers/pull/10175
genpolicy: add bind mounts for image volumes by @danmihai1 in https://github.com/kata-containers/kata-containers/pull/10136
agent: Handle EINVAL error when umounting container rootfs by @squarti in https://github.com/kata-containers/kata-containers/pull/10159
ci: k8s: Replace nginx alpine images by @fidencio in https://github.com/kata-containers/kata-containers/pull/10179
runtime: Files are not synced between host and guest VMs by @squarti in https://github.com/kata-containers/kata-containers/pull/10151
ci: stdio: Fix typo on getting the containerd version by @fidencio in https://github.com/kata-containers/kata-containers/pull/10181
kata-deploy: Stop symlinking into /usr/local/bin by @fidencio in https://github.com/kata-containers/kata-containers/pull/10183
tests/k8s: check and save kbs.key by @wainersm in https://github.com/kata-containers/kata-containers/pull/10188
ci: Ensure the KBS resources are created by @fidencio in https://github.com/kata-containers/kata-containers/pull/10180
gha: Add k8s stability Kata CoCo GHA workflow by @GabyCT in https://github.com/kata-containers/kata-containers/pull/10177
ci: Let's temporarily revert the helm charts usage in our CI by @fidencio in https://github.com/kata-containers/kata-containers/pull/10191
release: Bump VERSION to 3.8.0 by @beraldoleal in https://github.com/kata-containers/kata-containers/pull/10197

New Contributors

@hex2dec made their first contribution in https://github.com/kata-containers/kata-containers/pull/10129
@Freax13 made their first contribution in https://github.com/kata-containers/kata-containers/pull/10113

Full Changelog: https://github.com/kata-containers/kata-containers/compare/3.7.0...3.8.0

相关地址：原始地址下载(tar) 下载(zip)

1、 kata-containers-3.8.0-vendor.tar.gz 709.32MB

2、 kata-containers-3.8.0-versions.yaml 13.36KB

3、 kata-static-3.8.0-amd64.tar.xz 405.2MB

4、 kata-static-3.8.0-arm64.tar.xz 149.99MB

5、 kata-static-3.8.0-ppc64le.tar.xz 105.78MB

6、 kata-static-3.8.0-s390x.tar.xz 230.72MB

7、 libseccomp-2.5.5.tar.gz 9B

8、 libseccomp-2.5.5.tar.gz.asc 9B

查看：2024-08-22发行的版本