v1.0.0
版本发布时间: 2022-01-31 16:00:15
firecracker-microvm/firecracker最新发布版本:v1.9.1(2024-10-03 23:17:10)
Added
- Added jailer option
--parent-cgroup <relative_path>
to allow the placement of microvm cgroups in custom cgroup nested hierarchies. The default value is<exec-file>
which is backwards compatible to the behavior before this change. - Added jailer option
--cgroup-version <1|2>
to support running the jailer on systems that have cgroup-v2. Default value is1
which means that if--cgroup-version
is not specified, the jailer will try to create cgroups on cgroup-v1 hierarchies only. - Added
--http-api-max-payload-size
parameter to configure the maximum payload size for PUT and PATCH requests. - Limit MMDS data store size to
--http-api-max-payload-size
. - Cleanup all environment variables in Jailer.
- Added metrics for accesses to deprecated HTTP and command line API endpoints.
- Added permanent HTTP endpoint for
GET
on/version
for getting the Firecracker version. - Added
--metadata
parameter to enable MMDS content to be supplied from a file allowing the MMDS to be used when using--no-api
to disable the API server. - Checksum file for the release assets.
- Added support for custom headers to MMDS requests. Accepted headers are:
X-metadata-token
, which accepts a string value that provides a session token for MMDS requests; andX-metadata-token-ttl-seconds
, which specifies the lifetime of the session token in seconds. - Support and validation for host and guest kernel 5.10.
- A kernel support policy.
- Added
io_engine
to the pre-boot block device configuration. Possible values:Sync
(the default option) orAsync
(only available for kernels newer than 5.10.51). TheAsync
variant introduces a block device engine that uses io_uring for executing requests asynchronously, which is in developer preview (NOT for production use). Seedocs/api_requests/block-io-engine.md
. - Added
block.io_engine_throttled_events
metric for measuring the number of virtio events throttled because of the IO engine. - New optional
version
field to PUT requests towards/mmds/config
to configure MMDS version. Accepted values areV1
andV2
and default isV1
. MMDSV2
is developer preview only (NOT for production use) and it does not currently work after snapshot load. - Mandatory
network_interfaces
field to PUT requests towards/mmds/config
which contains a list of network interface IDs capable of forwarding packets to MMDS.
Changed
- Removed the
--node
jailer parameter. - Deprecated
vsock_id
body field inPUT
s on/vsock
. - Removed the deprecated the
--seccomp-level parameter
. -
GET
requests to MMDS require a session token to be provided throughX-metadata-token
header when using V2. - Allow
PUT
requests to MMDS in order to generate a session token to be used for futureGET
requests when version 2 is used. - Remove
allow_mmds_requests
field from the request body that attaches network interfaces. Specifying interfaces that allow forwarding requests to MMDS is done by adding the network interface's ID to thenetwork_interfaces
field of PUT/mmds/config
request's body. - Renamed
/machine-config
ht_enabled
tosmt
. -
smt
field is now optional on PUT/machine-config
, defaulting tofalse
. - Configuring
smt: true
on aarch64 via the API is forbidden.
Fixed
- Fixed incorrect propagation of init parameters in kernel commandline. Related to: #2709.
- Adapt T2 and C3 CPU templates for kernel 5.10. Firecracker was not previously
masking some CPU features of the host or emulated by KVM, introduced in more
recent kernels:
umip
,vmx
,avx512_vnni
. - Fix jailer's cgroup implementation to accept properties that contain multiple dots.
1、 firecracker-v1.0.0-aarch64.tgz 1.57MB
2、 firecracker-v1.0.0-aarch64.tgz.sha256.txt 65B
3、 firecracker-v1.0.0-x86_64.tgz 1.59MB